Category: Warning

The Danger of Internet Connected Gadgets in Your Home

Some homes are now filled with dozens of appliances, devices and children’s toys which can be connected to Wi-Fi and some are useful while others are just for fun, but if they are not fully secure the consequences can be unpleasant .

Often set with a default password or no password, these devices can  provide an easy route for cyber attackers to get into your systems and look for confidential information.

The Internet of Things

The “Internet of Things” is a name for the adoption of Internet enabled devices in the home. The idea being that more and more household objects will communicate over the Internet. Common such items now include thermostats controlled by an APP, smoke alarms that phone you, toys that access Internet stories and music, the Alexa and Google Home devices that you can say instructions to and they use WI-FI to control other devices or find information or translate something. This also includes Internet-connected “wearable” devices, such as fitness bands which upload your GPS co-ordinates and telemetry to the Internet so you can access the data on your PC.

Many companies are working on more of these Internet of things devices.

These devices can give out information to interlopers that you may not consider e.g. the recent case of American Special Forces soldier wearing fitness bands and their location being broadcast on Google.  OOPS.

How to Make Your Connected Home More Secure

  • Secure the wireless network. Use the WPA2 protocol if your broadband router allows that option.
  • Give your Wi-Fi network an unusual name that doesn’t identify your address e.g. General Electric.
  • If guest access is enabled on the network – disable it.
  • If your router is capable of creating two separate WI-FI networks then use one for computer devices and a separate one for household gadgets.
  • Always use strong passwords that cannot possibly be guessed by anyone e.g. a string of random words.
  • Login name is often admin or administrator by default – If you are able to change the login name then change it to something that cannot be guessed.
  • Disable any remote access for gadgets. If you ever need it for allowing the supplier to fix a fault then you can re-enable it temporarily.

Some of these gadgets have appropriate Internet security and insist on strong passwords etc.  but others have little or no thought of security, so you must take care to plug any holes in security.

Do Share this post on social media – click on the post title then scroll down to the social media share buttons.

Fightback Ninja Signature

BT Support Internet Scam

This is a latest version of the support call scam.

The Fightback Ninja received a call from ‘Agnes’ at BT support.

She told me they have found that my Internet connection is not working properly and that my IP address shows up as being in California. So they suspect someone has illegally gained access to my Internet connection and that is bad.

Once they have checked they will be able to help me to block this problem.

I just agreed with her as she listed each step, knowing this to be a stupid scam but interested in the process the scammers go through to steal from people.

There were a lot of people talking in her background and I complained that I could hardly hear over the noise. She told me I could hear perfectly well. ‘Agnes’ is a bossy scammer.

Agnes then asked me to check my IP address and said she could explain how to do that.

I checked online and my IP address of course shows my real location, not California as ‘Agnes’ claimed.

Agnes was now getting angry when I told her I could see on screen that the IP address was showing its location correctly. And she accused me of telling stories.

I told her I wasn’t a lying cheating scammer like her.

Then she put the phone down as it was obvious I wasn’t going to be scammed.

These horrible people will take money from anyone – do not believe cold callers unless you can prove who they are and what they say.  Anyone cold calling your home about your Internet connection is almost certainly a scammer.

Note: If you want to know the IP address for your device  there are various ways to check depending on what  device you’re using but a simple website such as will tell you your current IP address and also give you the apparent location of that IP address.

The apparent location will likely show the nearest town but sometimes may show the location of your Internet Service Provider instead so don’t be concerned if that’s the case.

The apparent IP location is generally unimportant – it’s mostly just for the curious.

If you have any experiences with scammers, spammers or time-waster do let me know, by email.

Fightback Ninja Signature

Is Your PC Mining Bitcoins for Someone

Criminals keep finding new ways to take advantage of us. Bitcoins and other cyber currencies are constantly in the news and this has led to endless scam offers of untold wealth from Bitcoins and other cyber currencies. But there’s also a new way for criminals to take advantage of you.

The Creation of New Bitcoins

This is through a process called ‘mining’ and it applies to all cyber currencies.

Mining uses huge amounts of computer processing power to keep the blockchains consistent, complete and unalterable. The “blockchain” is how the records of the Bitcoins are stored. Mining becomes progressively more difficult as more Bitcoins are created over time – requiring more and more processing power.

Bitcoin has been in circulation for some years and effective mining requires super computers.

However, hackers get around this by commandeering processing power from large numbers of other people’s computers – possibly your computer.

The hackers infect your computer with malware that lets them download data to be processed and upload the results back to themselves. If you find your computer is always slow and seems to be busy doing something you haven’t asked it to do – this can mean your computer has been infected and is busy working for someone else.

The same hacking tool that allowed the Wannacry ransomware to wreak destruction in 2017 has also been used by hackers to take over people’s computers and use them for mining.

Another similar one is called Smominru and makes infected computers mine for the cyber currency Monero. It is thought that up to half a million computers have been taken over for this purpose.

Make sure your computer is protected against these attacks through the use of anti-virus and anti-malware, take regular backups in case of data corruption or ransomware attacks.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature

Strange Happenings at was set-up some time ago to warn people about the many varieties of romance based scams that go on.

There is a lot of information to help people to avoid being scammed, but recently the site seems to have been taken over by a business that advertises dating sites.

These are legitimate sites, so no real problem but it is odd that such a business would acquire a scam warning site.

The scam warnings are still on the site but there are also lists of reviews of dating sites and recommendations on dating sites to use.

Perhaps it was a temporary issue but the Report a Scam button didn’t work for me.

Do you know anything of what’s going on with this site? Let me know.

Fightback Ninja Signature

Bitcoin Machines in Shops

We’re all used to ATMs in supermarkets and shops. Some charge for getting your money and some do not.

But recently, Bitcoin ATMS have started to appear in betting shops, general shops and elsewhere.

These don’t give you money – instead, they let you buy Bitcoins.

Bitcoin is a cyber currency that has been in the news a lot recently due to its rising price, thefts of Bitcoins and its use by online criminals.

These new machines are used by people wanting to invest in Bitcoin cyber currency but also there  is anecdotal evidence that they are used by criminals.  Some shopkeepers estimate that 50% – 80% of use is by drug dealers and other criminals wanting to change large amounts of cash into something they can access elsewhere, plus the cash is effectively laundered i.e it appears legitimate.

Once purchased, Bitcoins can be changed back into any currency in many places around the world.

The shopkeepers where the Bitcoin machines are situated sometimes get a  flat fee of £100 – £400 per month and sometimes they can get up to to 30% commission.

This shows that the charges the buyer has to pay to the machines must be very high to allow for such commission to be paid to the shopkeeper.

The machines generally have a limit of about £500 per transaction, but no limit on the number of transactions per person.

For criminals, these machines are ideal repositories for their ill-gotten gains.

The price of Bitcoins rose rapidly throughout much of 2017 but it is very volatile and could easily crash at any time and become almost worthless.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

Fightback Ninja Signature

The Battle Against Illegal Medicine Websites

There are countless Internet sites selling drugs and medicines, without prescription, that should only be available with a Doctor’s guidance and prescription.

The reasons people buy medicines from Internet sites can be just about saving money but can also be about anonymity, fear of approaching a doctor, ignorance of the dangers involved and so on.

There is a government campaign called #fakemeds with a website at

You can use this website to check if a website you are thinking of buying from is registered to sell medicines and you can report suspected fake medicines and suppliers.

The potentially dangerous products seized by the Medicines and Healthcare Products Regulatory Agency (MHRA) had not tested for safety and have been found in some cases stored in dirty, rat-infested warehouses and garden sheds. In 2016, MHRA seized more than 4.6 million fake medical products and closed thousands of websites selling medicines illegally.

The three key messages are

  1. More than half of all medicines bought online are fake
  2. Side effects can include heart attacks, strokes and death.
  3. Buying from dodgy websites also increases the risk of being ripped off through credit card fraud or having your identity stolen.

The #fakemeds campaign is run by MHRA and a recent study in co-operation with Slimming World shows:-

  • One in three slimmers have tried slimming pills purchased online.
  • Three quarters of slimmers (77%) were enticed by promises of rapid weight loss, more than half were attracted to being able to order discreetly (57%) and more than four in ten (44%) ordered online because they didn’t want to speak to a GP or pharmacist.
  • Nearly two-in-three (63%) suffered unpleasant side effects after taking slimming pills bought online. These side effects included diarrhoea, bleeding, blurred vision and heart problems. Worryingly, four out of five (81%) didn’t report these side effects to anyone.
  • Four out of 10 respondents said they had used the slimming pills knowing there were health risks, with more than six out of ten (62%) doing so because they were ‘desperate to lose weight’.

Be careful buying medicine online and if you should get a prescription for the product then do speak to your doctor and do not risk your health on cheap dodgy products.

More than 5,000 websites illegally selling prescription drugs were shut down in 2016.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

Fightback Ninja Signature

How Does Social Engineering Work for Scammers?

In this context, social engineering means to manipulate someone into doing what you want e.g. to type in login and password on a fake website so the scammer gets that information.

So, ‘social engineering’ is the methods used to trick people into doing what the scammers want.

It could be a phishing email asking you to urgently login in to your internet banking account or to call a support number as your computer has been infected with malware or a request from a company executive to urgently transfer money.

Generally, we prefer to trust people so if someone calls saying they are from your bank and they know your name and account – it’s easy to believe rather than to question everything. Maybe you answer their security questions and that gives them the details they need to access your account. It can be as simple and quick as that.

An Example Credit Card Payment Scam

A company selling telecom services receives an email from a possible new customer:


This is Bill, I have just moved into the area and I need a new phone line.

Do you accept payment by credit card?

What information do you need in order to quote for the work?



After a reply from the Telecoms Company confirming they do accept credit cards, , Bill’s next email sets up the conditions of the scam.

He’s in hospital waiting on an operation.  Lots of description to make it clear he cannot take phone calls or speak to anyone and very much needs help. He describes what he wants fitted in each room and then describes the removal company that is helping him to move while he’s in hospital and they can let the telecoms company in to do a survey if needed.

The purpose of this is to set-up the Telecoms company to accept an over payment by credit card from Bill then pay the removals company, as they cannot accept credit card payment and Bill can’t pay them any other way while in hospital.

This story is complicated and relies on the kindness of the Telecoms company to take the money and pass it on but also on their desire for business.

The telecoms company agrees, takes the credit card payment and then pays the removals company as per the instructions.  For example taking £1,000 for their work up front and £2,000 to pay to the removals company.

It all sounds quite safe, but then comes the sting.

The card was stolen but not cancelled straightaway and when the credit card company do cancel it then will claim the £3,000 back from the Telecoms Company who will end up out of pocket for the work they’ve done but also for the £2,000 paid to the removals company which was a fake operation.

That’s the credit card over payment scam

There are countless similar stories designed to get the punter to accept an over payment and it never ends well for the punter.

The stories are sometimes rough and have spelling and grammatical mistakes – to elicit sympathy for the scammer and at other times the stories have been polished by repeated use.

NEVER accept an over payment.

Do you have an opinion on this matter? Please comment in the box below.

Fightback Ninja Signature

PAX Cyber Coins

Digital currencies  (or cryto currencies)  are big business with BitCoin leading the way and a lot of people have made big money from BitCoin. There are some who lost a lot of course as the price can be highly volatile.

There is a new sort of cyber currency called PAX coins. It’s really a means of betting on other cyber currencies and companies on the PayperEx market but scam emails are circulating about PAX that give a deliberately simplified and misleading view on PAX.

Refer to for further information on PayperEx and PAX coins.

The scam emails claim ”Finally PAX is here! A True and very special digital coin”

“If you bought 100 dollars where the Bitcoin on that day seven years ago it will be worth 73 million dollars”

And so it goes on linking the past of Bitcoin with the future of PAX, but of course there is no connection or correlation.

PAX coins cannot be bought as such, only traded on PayperEx and the value depends on the value of the items that the PAX coins represent.

Trading on PayperEx is very new and it may be legitimate, but the risks are huge and these emails are just scammers looking for easy money.

Do you have an opinion on this matter? Please comment in the box below.

Fightback Ninja Signature

Easy To Guess Passwords and PIN Numbers

Most people have realised that they need to have passwords and pin numbers that can’t be easily guessed – don’t use your birthday or year of birth or the dog’s name or a common word etc.

But latest reports show there are still many people with passwords or pin numbers that are very easy to guess.

28% of people in a recent survey had a password that is in the top 20 most common ones and hence could be guessed very easily.

If they can be easily guessed they you could be hacked and lose money and more.

If your pin number is on the list below then change it urgently.

  • 1234
  • 1111
  • 0000
  • 1212
  • 7777
  • 1004
  • 2000
  • 4444
  • 2222
  • 6969

If you password is ”password” or “123456” or “12345678” then change it urgently.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.