Category: Warning

Email Auto Forward

The FBI has warned businesses of the threat posed by cybercriminals who create auto-forwarding rules on their victims’ web-based email services, in an attempt to make them more susceptible to Business Email Compromise.

Business Email Compromise is an American name for fraud where hackers send an email message that appears to come from a known source making a legitimate request but ends up with the recipient being defrauded.

e.g. the hackers manage to get the email address and details for a solicitor conducting a house sale and email their customers asking for payment to be made to a new bank account (controlled by the criminals).

Or a hacker spoofs the email address of the company CEO to instruct a ledger clerk to transfer some company money to a new bank account.

Email Auto Forward Rules

With many email systems you can create rules that automatically move emails to folders or mark emails or delete messages from specified senders or auto forward emails containing specified keywords then delete them, for example.

The criminals use a variety of methods to get access to email systems, the most common being the sending of phishing messages to get the victims to enter their email credentials into a fake website page believing it is something to their benefit e.g. a free prize draw.

With access to the email, they setup rules that, for example, will auto forward any incoming message with the keywords ‘bank’, account’, ‘payment’ or ‘money’ then delete the messages.

The hackers hope this will give them emails containing enough information to be able to create matching fake emails and send those to the relevant companies asking for money to be transferred or to change the bank details for a payment due etc.

The hackers continue this until someone realises their payments are going astray.

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

Bitcoin Update

Bitcoin has been as high as $19,000 in 2020 but also as low as $6,500 – it can be extremely volatile as there are no real world assets to give it a solid value.

For those who invest in Bitcoin, it’s an unpredictable roller coaster with wild swings up and down. This can make people very rich or they can lose almost everything. Not for the faint hearted and not for anyone who cannot afford to take a big loss.

There are endless Bitcoin investment plans offered by a myriad of organisations.

Some are genuine but generally they don’t care if you win or lose on Bitcoin – they always win whether the price goes up or down.

The volatility of the currency and the occasional stories of people making fortines with Bitcoin encourage scammers to create their scam offerings where you always lose and they always win, unless they get caught by the authorities.

 Bitcoin Scams

Cryptocurrency scams are now a popular way for scammers to trick people into sending money. And they pop up in many ways. Most crypto scams can appear as emails trying to blackmail someone, online chain referral schemes, or bogus investment and business opportunities.

If you’re trying to pay for something online and the retailer wants you to pay in Bitcoin, maybe they are just offering options, nut generally this means there is a scam in progress and you will be the victim if you send that money as it will not be recoverable.

Latest Bitcoin Scam

Periodically, highly organised scammers produce floods of emails, adverts, fake newspaper articles and more in a coordinated attempt to lure people into their scam offering of Bitcoins.

Often these use fake celebrity endorsements such as claiming Richard Branson is selling everything to invest in Bitcoin. Recent names used include Alan Sugar and Daniel Radcliffe. The celebrities have nothing to do with this and try to stop their names being used to con people, but the scammers typically shut up shop and move on before being caught.

Headlines such as

“SPECIAL REPORT: Daniel Radcliffe’s Latest Investment Has The Government And Big Banks Terrified.”

“United Kingdom citizens are already raking in millions of Pounds from home using this “wealth loophole” – but is it legitimate?”

These such messages are always part of a coordinated scam.

If you do consider investing in Bitcoin or other cyber currencies, never respond to such emails, adverts or newspaper articles – do your own research on how to invest and take professional advice if possible.

Fightback Ninja Signature


The Website SEO Pitch Changes

Years ago, emails started to flood in offering website design services. Some were real offers by companies and many were real but from individuals as it is the sort of work that can be done easily from home.

Then lots of scammers saw this as an opportunity – offer these services but take the money and do nothing or subcontract at low cost to an idiot who will do a bad job.

After some years of this, the offers turned a bit more aggressive – stating such as that they had checked my website and found it lacking and giving a random general list of faults that they could fix.

These messages were annoying in their volume and being told our website was no good.

Some businesses offering website design moved on to saying that although our website was very good in some ways, it needed more work on some specified things. The scammers copied this new approach.

Again, these were general comments as the scammers never actually viewed the website they were talking about. When you are sending out these messages by the million – you don’t have time to actually view websites.

Then the scammers moved on to offering SEO services. After a while these changed into starting with insults about the lack of SEO on our site and how better SEO can bring in more customers.

You can see the pattern here – the changes often start with genuine businesses offering the services in a new way then the scammers catch on and copy the approach.

Next was social media optimisation and then onto web chat facilities and recently onto chatbots and some have moved on to AI chatbots.

A recent email to the radio station first of all compliments us on our great website design and SEO then offers statistics on why just getting people to the website is pointless unless you have an automated way to get them to make a purchase. The message has pages of boring stuff about how effective these new services can be and eventually some links for us to try their demonstration.

No thanks – any email that starts with a lot of lies about us and our website (however complementary) could never lead to business.

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

Car Key Cloning

According to a recent survey, 43 per cent of drivers “don’t appear to think twice” about handing over their car keys at a garage, airport parking, car-wash, or at a hotel or restaurant. However, very few people would behave the same way with their house keys.

Also, at home, many drivers leave their car keys in clear view or on a table or a hook near the front door. This can be a temptation to thieves who can try to hook the keys on a pole pushed through the letterbox.

These days, car theft is much less of a problem than its peak of around 20 years ago, but there are still tens of thousands of cars stolen each year. Modern alarm systems have made it much more difficult for thieves to steal cars, but the thieves have also become more high tec.

All new cars sold in the UK have alarms and immobilisers and almost always there is double locking.

Security in most new cars uses radio messages transmitted between the key fob and the car – if criminals have access to both the key and the car they can copy the electronic access, and return at a later date to steal the compromised car. This is not always true as it depends how the signals work.

Police say one in four stolen cars are now stolen using electronic gadgets, which send a signal that stops owners locking their doors by remote.

At Home Theft

You may have seen on TV where criminals can use signal boosters to make your car think the car key is next to the car door and hence unlock. If your key is safely away from the front door of your home or better still in a safe metal box then this form of theft doesn’t work.

Avoid storing your keys by the front door – it may not be fail-safe but get into the habit of leaving your keys well away from your vehicle, such as at the back of the house or buy a safe bag or metal box to store the keys.

Look after your car keys or thieves may find a way to relive you of the car.

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

Warning: Chain letter Scams

Chain Letters used to be very common as physical letters , in the days before home computing. These do still exist but almost all chain letters these days are by email.

We’ve all received email chain letters – urgent messages that warn us of computer viruses, social media fraud, money making opportunities, urgent charity requests etc. Typically, these emails will exhort you to add your name and forward them to other people – DO NOT. Press the Delete button instead.

Some chain letters can be amusing, but others may contain security threats – viruses or phishing attempts etc.

In recent years, they have appeared on social media as well. Some are carefully crafted and similar to the physical letters but some are very different, consisting of just a few lines directly pitching “Money for Nothing” schemes unashamedly. It is surprising that people fall for these such obvious frauds but some do.  Unfortunately people are so used on social media to just retweeting or reposting without thought that these frauds can circulate quickly.

There are 5 main categories of chain letter:-

  1. A sick child story. A story about how the child needs expensive treatment that the parents cannot afford. The message asks you to donate and to pass on the message so more people can donate.
  2. Fake warnings e.g. that Facebook accounts can all be hacked within seconds or that a new virus is spreading or that an email with a specified title can wipe out all of your files etc.
  3. Big money. A promise of a large financial reward if you take a list of specified steps. This is backed up by a celebrity name e.g. Bill Gates recommends this or Beyonce swears by this etc. Sign up and also your friends but only if you act fast. Always fake.
  4. Petitions, which can be for something obvious such as ban all whaling or can be something very specific. In any case, the idea is to get your name and address which can then be used for a variety of fraudulent purposes.
  5. These used to be very common but less so nowadays. The idea is to threaten bad luck if you don’t pass on the message.

Never forward any message you are unsure about.

If you have any experiences with scammers, spammers or time-waster do let me know, by email.

Fightback Ninja Signature

The Danger of Online Pharmacies

An increasing number of people buy their prescription medication on the Internet (with or without a prescription). Often this is because it can be cheaper but also at times because the person believes either they can get the medicine they want without a prescription or that it may be easier to convince someone online to give them what they want.

The big problem with online pharmacies is that many are unregistered and that means unregulated, so buying from them is potentially unsafe. The drugs they provide may be unsuitable for the patient or unsafe or be badly or unhygienically produced – you don’t know what you will get.

Medication should only be taken under the supervision of a healthcare professional as their guidance and knowledge of your state of health is crucial in ensuring you get the safest medications.

For prescription-only medicines, an online pharmacy must receive a legally valid prescription before dispensing the medication. This means you’ll either need a paper prescription or an electronic prescription via the Electronic Prescription Service from your GP.

Some sites do offer prescriber services, where provide a consultation with a medical practitioner who can write prescriptions.

It can be difficult to distinguish between registered online pharmacies and other commercial websites. The General Pharmaceutical Council operates an internet pharmacy logo scheme to identify legitimate online pharmacies and you should only buy from registered pharmacies. However, some illegal online pharmacies fake the logo so you have to check carefully.

Check if a website can legally sell medicines online

Search the Medicines and Healthcare products Regulatory Agency (MHRA) register to check if a website is allowed to sell medicines.

You can search the register by the business:

If you have any experiences with online pharmacies do me know, by email.

Fightback Ninja Signature