Category: Warning

Dark Web Pricelist

The Dark Web is the name for websites and services on the Internet that are hidden. You cannot find them on Google or other normal search engines – only on ones for criminal purposes or if you have the direct URL.

On the Dark Web, people buy and sell assorted criminal products and services such as selling stolen credit cards, providing ransomware as a service, facilities to send out mass scam emails etc.

It’s a bad place filled with bad people.

Below are some example prices charged for stolen information, credit cards etc. as found by researchers in October 2020

Category Product
Credit Card Data  
Cloned Mastercard with PIN $15
Cloned American Express with PIN $35
Cloned VISA with PIN $25
Credit card details, account balance up to $1000 $12
Credit card details, account balance up to $5000 $20
Stolen online banking logins, minimum $100 on account $35
Stolen online banking logins, minimum $2000 on account $65
Walmart account with credit card attached $10
Payment processing services  
Stolen PayPal account details, minimum $100 $198.56
Western Union transfer from stolen account, above $1000 $98.15
Forged documents  
US driving license, average quality $70
US driving license, high quality $550
Auto insurance card $70
AAA emergency road service membership card $70
Wells Fargo bank statement $25
US, Canada, or Europe passport $1500
Europe national ID card $550

 

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

Police Report Common Phone Scams

The National Fraud Bureau reports that the most common phone scams are:

  1. False reports of a problem with your computer or device
  2. A fake fraud investigation
  3. An investment opportunity

Number 1 is better known as the Microsoft Support scam as most of the scammers cold call random people, pretending to be from Microsoft Support and warning of a severe computer problem. They offer to fix it and to do so they need access to your computer and will charge a fee for their time or for some software they supposedly have to install.

Since these scams became commonplace, most people know to put the phone down on any such call. A message to the same effect (you have a computer problem – call …) may pop up when you are on a new website and it will exhort you to phone a specified phone number – this will be to a scam call centre so do not call it.

Number 2 is the fake fraud investigation which can take many forms with the scammer pretending to be from your bank or the government or the Police etc. Usually, they warn you that your bank account has been hacked and they will assist you to save your remaining money – i.e. by taking it away from you. Any such callers should be ignored but if you want to check with your bank then use a different phone to call your bank on a known number.

Number 3 is scammers offering investments that have zero risk and give guaranteed returns are always fake and you should seek expert advice before making any investment.

Anything that looks too good to be true is almost certainly a scam.

Stay safe.

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

Fake Fraud Investigations

These scams usually start as phone calls warning you of something criminal going on. Of course, the scam caller doesn’t tell you she is the criminal.

The scammers intent is to convince you to move your money to an account of their choosing and there’s usually a complicated story to get to that point.

e.g. “I am a Police officer working in the fraud department and we are tracking a criminal team working with an insider at your bank. This insider has been trying to take money from your account and other people’s and we must catch him before he takes any more. We need your help to catch him out”.

So, that’s the setup phase, then comes the reason to move your money.

To protect your money, we need to move it to a safe location that the criminals cannot access. Please move your money to the following sort code and account code and we’ll keep it safe for you and do remember not to contact your bank as they may tip off the criminals.”

Once the scammer has your money then it will be moved again to somewhere offshore where it cannot be traced and your money is gone.

Some people who have fallen for this scam or something similar blame the bank for moving their money, but if they are not told there is a problem and you request the move then why shouldn’t they do as asked.

Banks are aware of this scam and usually ask people trying to move their money out of the bank if they are under any duress or need advice.

Do not take instructions from a cold caller on the phone.

Just because someone claims to be from your bank or the Police doesn’t make it true.

Take care.

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

Ryanair Travel Agent Booking

Ryanair has complained to the regulators that too many people are booking Ryanair flights via travel agents and that’s causing problems for Ryanair including that some passengers are being overcharged.

This is perfectly legal of course – you can book a Ryanair flight via a physical or online travel agent. Ryanair estimate this to be 10% to 15% of their business – about 25 million flights per year.

They may charge you a premium over the Ryanair direct booking cost – but they do need to make money for their time spent, so is not unreasonable.

Most of concern is that they if they book the flight using their corporate credit card and then the flight is cancelled then Ryanair don’t have the correct details to process a refund and the agent may not pass on the full refund or refund  their own charges.

This is legal, so consider whether to buy a Ryanair flight directly through the Ryanair website or to use a travel agent which may be more convenient but more costly.

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

Stop Remote Desktop Access

Remote desktop / remote control desktop / remote desktop protocol – this means to take control of one computer from another one.

This can be very useful if say you need to work at home but access some services from your workplace or files off your work computer etc.  It’s also used extensively by IT support staff when diagnosing and fixing problems.

Within a company network it can be safe but if you open your firewall to allow remote access through the firewall then this can be a problem.

Microsoft’s implementation of remote access has vulnerabilities that the hackers know about and they scan IP addresses looking for anyone that has left that door in their firewall available (typically RDP is on TCP port 3389).

Security experts believe that this vulnerability is extensively used by ransomware spreaders who can then bypass the password check and gain access to your systems.

If you use remote access through your firewall – make sure you’re safe or turn it off permanently.

Can There Be Safe Remote Access?

This depends on exactly what you want to achieve but the general advice from many security experts is to use a Virtual Private Network or just don’t allow remote access from outside of your firewall.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

Fightback Ninja Signature