Category: Warning

The Danger of Online Pharmacies

An increasing number of people buy their prescription medication on the Internet (with or without a prescription). Often this is because it can be cheaper but also at times because the person believes either they can get the medicine they want without a prescription or that it may be easier to convince someone online to give them what they want.

The big problem with online pharmacies is that many are unregistered and that means unregulated, so buying from them is potentially unsafe. The drugs they provide may be unsuitable for the patient or unsafe or be badly or unhygienically produced – you don’t know what you will get.

Medication should only be taken under the supervision of a healthcare professional as their guidance and knowledge of your state of health is crucial in ensuring you get the safest medications.

For prescription-only medicines, an online pharmacy must receive a legally valid prescription before dispensing the medication. This means you’ll either need a paper prescription or an electronic prescription via the Electronic Prescription Service from your GP.

Some sites do offer prescriber services, where provide a consultation with a medical practitioner who can write prescriptions.

It can be difficult to distinguish between registered online pharmacies and other commercial websites. The General Pharmaceutical Council operates an internet pharmacy logo scheme to identify legitimate online pharmacies and you should only buy from registered pharmacies. However, some illegal online pharmacies fake the logo so you have to check carefully.

Check if a website can legally sell medicines online

Search the Medicines and Healthcare products Regulatory Agency (MHRA) register to check if a website is allowed to sell medicines.

You can search the register by the business:

https://medicine-seller-register.mhra.gov.uk/search-registry

If you have any experiences with online pharmacies do me know, by email.

Fightback Ninja Signature

Surrey Broadband Scam

Surrey Police are urging people to be wary of phone calls leading to scams and victims have recorded more than £180,000 in losses to these scams within months.

e.g. an elderly lady from Surrey was phoned by a man claiming to be from BT and he had called to warn her that they were going to turn her Internet connection off for 24 hours  for improvements.

He directed her to a website to download some test software and informed her that compensation would be paid. He just needed her bank details to make the transfer. With that information, the scam moved up a gear and he convinced her to transfer all the money in her account to one he controlled.

The Police warn that these callers target the elderly and will take any money they can get.

They also warn everyone to be careful on receiving an unsolicited call-

  • Do not give financial details to anyone by phone
  • Do not make payment for a service you did not request
  • Do not allow anyone to have remote access to your computer
  • Trust your instincts – if unsure then end the conversation

If you have any experiences with such scams do let me know, by email.

Fightback Ninja Signature

Domain Names Offered

The domain name for your business is an important choice and it should be protected against hackers trying to steal the domain name or the customer traffic it gets.

Once you have a domain name e.g. mybusiness.co.uk then you face the choice of whether it’s worth buying the same name with different extensions e.g. mybusiness.com, mybusiness.uk, mybusiness.london etc.

If you think you might lose customers to other variants on your domain name, then it may be worth the extra small cost to buy more domain names and redirect the traffic from them to your main site, otherwise it could be pointless.

Some people specialise in buying and selling domain names.

They have two basic ways of working-

  1. They look for variants on high profile web site names and see if they can buy any similar names. These might be misspellings on the original name or very similar names or the same name with different extensions etc. They buy up any they think will sell for a high price.
  2. They do as above but don’t actually buy any domain names.

They can then contact the owner of the high profile web site and offer to sell them the variants and spin a story on how it is essential for the owner to buy all variants on the name.

For the ones who take the risk and buy the domain names, it’s a little akin to blackmail but they take a risk and see which ones pay off and it is legal.

For those who don’t risk their own money (i.e. don’t buy the domain names and just pretend to have them) it is legal but more of a con as the owner can just buy the domain names they want directly without having to pay an inflated cost from the scammer.

If you have any experiences with phishing scams do let me know, by email.

Fightback Ninja Signature

Drive-by Downloads

Generally on web pages, you have to click a link or a button or do something to enable the page to download malware to your device.

But, if your software is sufficiently out of date or missing security updates, then  it may be possible for a web page to initiate a download of malware without you taking any action and it may not warn you of the download.

This can be very dangerous.

Anti-malware services can generally spot such danger and block the download but the key is to always keep your software fully up to date.

Common drive-by exploits

Hackers looking to create drive-by malware, generally look at the following:-

  • Old operating systems
  • Browsers such as FireFox, Chrome, Opera, and others, especially out of date versions
  • Out of date browser plug-ins
  • Early versions of Microsoft Office
  • Adobe/Shockwave Flash (ActiveX)
  • Adobe Reader
  • WinZip compression

The types of drive-by malware commonly found include:-

  • Trojan horses – these take remote control of the user’s device
  • Ransomware—allows the attacker to encrypt or threaten to destroy data on the device unless a ransom is paid
  • Botnet toolkits—attackers may install a botnet application that on many devices which can then be controlled as one to carry out actions such as sending spam email or participating in DDoS attacks
  • Man in the Middle tools—enables attackers to eavesdrop on the user’s communications
  • Keyloggers—capture keystrokes and feed them back to the hacker.

If you have any experiences with scammers, spammers or time-wasters do let me know, by email.

Fightback Ninja Signature

Request For Quote Scam

Sending a request for information is a standard way that hackers check whether the email addresses on a spam list they bought are valid.

If they get a mail reject message then they know the email address is fake.

If they get no reply then the address is real but the owner isn’t stupid enough to reply to a spam message and if the reply is helpful then they know the address is valid and the owner is a good case to be scammed.

More enterprising scammers try to get information from business by sending out messages claiming to want product catalogues, price lists, updates on latest products, guarantee information etc.

The latest set of such Request for Quote emails goes further.

They look professional at first glance, have company names, addresses and contact details, use colour and different fonts to create an impact and have good grammar unlike so many scam messages.

Some even have confidentiality notices at the bottom.

We would appreciate if you send us a quotation for the attached items and also indicate the manufacturer name and country of origin, delivery time and terms of payment”.

The messages are fake of course as genuine businesses do not send in requests for quotation without first having made contact and provided all necessary details and verified that you are a genuine supplier of the relevant goods or services.

The messages are elaborate but the scam is simple and the messages should be deleted.

If you have any experiences with phishing scams do let me know, by email.

Fightback Ninja Signature

Social Networking and Identity Theft

Billions of people use social media networks – Facebook, Twitter, Instagram, YouTube, Snapchat, Tik Tok and more.

Many people share lots of information about themselves and sometimes that can give fraudsters what they need to scam them, specifically to steal their identity.

Identity theft is where a fraudster acquires confidential information about you – sufficient that she can access your online accounts, take out credit cards or loans in your name, commit crimes and use your name etc.

This can be a devastating experience for some and once your identity has been stolen it’s very difficult to reclaim it without a lot of help.

How Identity Theft Can Happen Through Social Networking

To make full use of social media you need to divulge some information about yourself but you should be aware of the following risky activities:-

  • In Settings – choosing privacy to be “low” is risky
  • Accepting invitations to connect from unknown people
  • Downloading free APPS – games etc.
  • Sharing your password
  • Clicking on links that lead you to other websites, even if the link was sent to you by a friend or posted on your friend’s profile
  • Clicking on links in phishing messages or replying to them

E.g. A woman receives a message from one of her friends on social media recommending a cat video for which there is a link. She trusts her friend so clicks on the link, but it doesn’t bring up a video. She didn’t know that her friends profile had been hacked and taken over and the link was to a malicious website. A computer virus has  now downloaded to her computer from that website.

She later finds that emails have gone out in her name to all of her contacts asking them to click on the malicious link.

Be careful and stay safe.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

Fightback Ninja Signature