Category: Warning

Zeus Malware

Zeus Virus or Zeus Trojan malware (also called Zbot) is a form of malicious software that targets computers running Microsoft Windows, although some versions have been created for other devices and operating systems. It is most commonly used for trying to steal financial data.

It was first detected in 2007 and has infected millions of computers across the world.

The creator of Zeus malware published source code in 2011, which made it possible for many other criminals to create their own versions.

How Zeus Works

Step1. It creates a botnet – this is a network of infected computers that are secretly controlled by a Zeus command server.

Step 2.  The controlled computers then send information to the command server which can collate that for the criminals or can carry out various types of attacks on those computers.

Step 3. Zeus can also steal banking credentials from the machines it infects, by means of keylogging and other methods.

Zeus infects computers typically be means of

  1. Spam emails
  2. Social media campaigns
  3. Drive-by website downloads

How to Protect Against Zeus Malware

The means of protection are basically the same as against malware generally, including:

  • Up to date anti-virus and anti-malware
  • Regular backups of all important information and data
  • Use of strong passwords
  • All software updated as specified by the supplier
  • Consider the use of two factor authentication where appropriate

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

What are Data Brokers

Data brokers, also known as information brokers, collect personal information, package it into bundles, and sell it to advertisers or other third parties.

On the Internet, we are effectively giving away huge amounts of personal information by using search engines, posting on social media, accessing websites that track us, using mobile phone APPS, buying and selling etc.

We give this information away freely  but often don’[t understand how that data is used – sometimes for our benefit but often to help businesses sell more to us and scammers to take from us.

Data brokerage relies on this freely available information that they can collect, package and sell on.

They may collect information on purchases, preferences, habits, location, travel, income, pastimes, health issues, relatives and friends and much more. This collection of data can be used by advertisers to target adverts at you. Some people prefer seeing more relevant adverts and other people find it creepy that searching on Amazon for a product can lead to that product then popping up in adverts on other websites you visit.

It is also likely that this information paints a false picture of you, at least in part.

For example, if you search online for pregnancy items for your sister, buy dog food for the neighbour and signed up to a social media group on marital arts by mistake then you are likely to get adverts focussed on your new baby, your pet dog and martial arts equipment.

Information Sources

There are numerous sources of data on us, but the most common accessed include:-

  • date of birth
  • address
  • property sales
  • who you live with
  • relatives
  • friends
  • income level
  • purchases
  • marriage licenses
  • arrest records

The Data Brokers sell to advertisers, finance companies, landlords, prospective employers and many more.

Make sure they only have the information you want them have, by restricting what you publish about yourself online.

Fightback Ninja Signature

Email Auto Forward

The FBI has warned businesses of the threat posed by cybercriminals who create auto-forwarding rules on their victims’ web-based email services, in an attempt to make them more susceptible to Business Email Compromise.

Business Email Compromise is an American name for fraud where hackers send an email message that appears to come from a known source making a legitimate request but ends up with the recipient being defrauded.

e.g. the hackers manage to get the email address and details for a solicitor conducting a house sale and email their customers asking for payment to be made to a new bank account (controlled by the criminals).

Or a hacker spoofs the email address of the company CEO to instruct a ledger clerk to transfer some company money to a new bank account.

Email Auto Forward Rules

With many email systems you can create rules that automatically move emails to folders or mark emails or delete messages from specified senders or auto forward emails containing specified keywords then delete them, for example.

The criminals use a variety of methods to get access to email systems, the most common being the sending of phishing messages to get the victims to enter their email credentials into a fake website page believing it is something to their benefit e.g. a free prize draw.

With access to the email, they setup rules that, for example, will auto forward any incoming message with the keywords ‘bank’, account’, ‘payment’ or ‘money’ then delete the messages.

The hackers hope this will give them emails containing enough information to be able to create matching fake emails and send those to the relevant companies asking for money to be transferred or to change the bank details for a payment due etc.

The hackers continue this until someone realises their payments are going astray.

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

Bitcoin Update

Bitcoin has been as high as $19,000 in 2020 but also as low as $6,500 – it can be extremely volatile as there are no real world assets to give it a solid value.

For those who invest in Bitcoin, it’s an unpredictable roller coaster with wild swings up and down. This can make people very rich or they can lose almost everything. Not for the faint hearted and not for anyone who cannot afford to take a big loss.

There are endless Bitcoin investment plans offered by a myriad of organisations.

Some are genuine but generally they don’t care if you win or lose on Bitcoin – they always win whether the price goes up or down.

The volatility of the currency and the occasional stories of people making fortines with Bitcoin encourage scammers to create their scam offerings where you always lose and they always win, unless they get caught by the authorities.

 Bitcoin Scams

Cryptocurrency scams are now a popular way for scammers to trick people into sending money. And they pop up in many ways. Most crypto scams can appear as emails trying to blackmail someone, online chain referral schemes, or bogus investment and business opportunities.

If you’re trying to pay for something online and the retailer wants you to pay in Bitcoin, maybe they are just offering options, nut generally this means there is a scam in progress and you will be the victim if you send that money as it will not be recoverable.

Latest Bitcoin Scam

Periodically, highly organised scammers produce floods of emails, adverts, fake newspaper articles and more in a coordinated attempt to lure people into their scam offering of Bitcoins.

Often these use fake celebrity endorsements such as claiming Richard Branson is selling everything to invest in Bitcoin. Recent names used include Alan Sugar and Daniel Radcliffe. The celebrities have nothing to do with this and try to stop their names being used to con people, but the scammers typically shut up shop and move on before being caught.

Headlines such as

“SPECIAL REPORT: Daniel Radcliffe’s Latest Investment Has The Government And Big Banks Terrified.”

“United Kingdom citizens are already raking in millions of Pounds from home using this “wealth loophole” – but is it legitimate?”

These such messages are always part of a coordinated scam.

If you do consider investing in Bitcoin or other cyber currencies, never respond to such emails, adverts or newspaper articles – do your own research on how to invest and take professional advice if possible.

Fightback Ninja Signature

 

The Website SEO Pitch Changes

Years ago, emails started to flood in offering website design services. Some were real offers by companies and many were real but from individuals as it is the sort of work that can be done easily from home.

Then lots of scammers saw this as an opportunity – offer these services but take the money and do nothing or subcontract at low cost to an idiot who will do a bad job.

After some years of this, the offers turned a bit more aggressive – stating such as that they had checked my website and found it lacking and giving a random general list of faults that they could fix.

These messages were annoying in their volume and being told our website was no good.

Some businesses offering website design moved on to saying that although our website was very good in some ways, it needed more work on some specified things. The scammers copied this new approach.

Again, these were general comments as the scammers never actually viewed the website they were talking about. When you are sending out these messages by the million – you don’t have time to actually view websites.

Then the scammers moved on to offering SEO services. After a while these changed into starting with insults about the lack of SEO on our site and how better SEO can bring in more customers.

You can see the pattern here – the changes often start with genuine businesses offering the services in a new way then the scammers catch on and copy the approach.

Next was social media optimisation and then onto web chat facilities and recently onto chatbots and some have moved on to AI chatbots.

A recent email to the radio station first of all compliments us on our great website design and SEO then offers statistics on why just getting people to the website is pointless unless you have an automated way to get them to make a purchase. The message has pages of boring stuff about how effective these new services can be and eventually some links for us to try their demonstration.

No thanks – any email that starts with a lot of lies about us and our website (however complementary) could never lead to business.

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

Car Key Cloning

According to a recent survey, 43 per cent of drivers “don’t appear to think twice” about handing over their car keys at a garage, airport parking, car-wash, or at a hotel or restaurant. However, very few people would behave the same way with their house keys.

Also, at home, many drivers leave their car keys in clear view or on a table or a hook near the front door. This can be a temptation to thieves who can try to hook the keys on a pole pushed through the letterbox.

These days, car theft is much less of a problem than its peak of around 20 years ago, but there are still tens of thousands of cars stolen each year. Modern alarm systems have made it much more difficult for thieves to steal cars, but the thieves have also become more high tec.

All new cars sold in the UK have alarms and immobilisers and almost always there is double locking.

Security in most new cars uses radio messages transmitted between the key fob and the car – if criminals have access to both the key and the car they can copy the electronic access, and return at a later date to steal the compromised car. This is not always true as it depends how the signals work.

Police say one in four stolen cars are now stolen using electronic gadgets, which send a signal that stops owners locking their doors by remote.

At Home Theft

You may have seen on TV where criminals can use signal boosters to make your car think the car key is next to the car door and hence unlock. If your key is safely away from the front door of your home or better still in a safe metal box then this form of theft doesn’t work.

Avoid storing your keys by the front door – it may not be fail-safe but get into the habit of leaving your keys well away from your vehicle, such as at the back of the house or buy a safe bag or metal box to store the keys.

Look after your car keys or thieves may find a way to relive you of the car.

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature