Category: Warning

The Email Delivery Failure Scam

If you address an email to a non-existent address then you will get a genuine email delivery failure message in return.

That makes sense, as you did send the message that failed.

Usually it just means a spelling mistake, but it can also mean the recipient has deleted that email address or simply that their mailbox is full.

However, you may also get such delivery failure messages about messages that you didn’t send.

These are usually phishing scam messages: there will be an attachment to download (filled with malware) or a link to click that tries to get you to input your login and password.

These failure messages usually have large chunks of technical gobbledegook such as

host mta5.am0.yahoodns.net [67.195.228.109]

Delay reason: SMTP error from remote mail server after pipelined MAIL FROM:<you@gmail.com> SIZE=6745:

421 4.7.0 [TSS04] Messages from 216.120.234.35 temporarily deferred due to user complaints – 4.18.55.1; see https://help.yahoo.com/kb/postmaster/SLN3434.html

The messages sometimes do not say the message has been rejected, but that it has been delayed or is held in a queue. Makes no difference – it’s just a scam.

Do not click anything or download anything from such email messages.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature

Google Play Store Hidden Adverts

Researchers from Avast issued a warning about 47 apps they had found on Google Play Store that are disguised as games but contain adware.

Adware is a type of malicious software that inundates you with incessant pop-ups and messages, such as

“CONGRATULATIONS! YOU’VE BEEN SELECTED FOR A FREE SAMSUNG GALAXY S20! CLICK HERE!”.

These APPS are not malicious, but include adware technology that the user does not know about and is used by spammers and scammers to target people. This can result in your smartphone being overloaded with intrusive and sometimes unpleasant adverts.

Besides being annoying, adware can track the websites you visit and access your personal information.

These apps had already been downloaded more than 15 million times when found by Avast.

Avast has provided some tips to help you spot malicious apps:

  1. Carefully check the permissions the app requests before installing it. See what the app is asking to access. If it’s asking for data it should not need, consider this a red flag.
  2. Read the privacy policy and the terms and conditions. Most people never do, but you can miss key points on what the APP does if you do not read these.
  3. Read the user reviews and if there’s anything worrying or too many bad reviews then consider dumping the APP.
  4. Install strong anti-malware on your device so that adware and other malicious apps are automatically blocked.


How Hackers Take Email Addresses From Websites

To build up lists of email addresses that can be sold to spammers and scammers, hackers run software that scans websites and looks for email addresses.

This is called email harvesting and is done on a huge scale.

The hackers typically scan websites, mailing lists, internet forums, social media platforms and anywhere else they can find email addresses online.

The characteristic format for an email address is name@domain.com so it is simple for email harvesters to read web pages and look for the @ symbol as it seldom occurs anywhere on web pages except in an email address.

The harvesters can also check for unusual variations on that theme, e.g. User[at]domain.com or User[AT]domain[DOT]com.

In web pages, an email link is generally of the format ‘mailto:user@domain.com’ so these can easily be spotted and added to their list by the harvesters.

Many web developers try to stop this by disguising email links, for example by displaying the email address as a picture (which the user must then type into their email program) or by encoding some or all of the letters in the email address.

e.g. “&#65;” is letter A, “&#66;” is letter B and so on.

The simplest approach is to use a contact form instead of an email address link. This works for one email address but is not so applicable if you have lots of email address links on the same page.

There are many more ways to hide email address links from harvesters, but whatever you try – make sure not to have such addresses showing in clear text.
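As an added illustration (not code from the original post), the JavaScript below encodes an address and its mailto: link as the numeric HTML entities described above, decodes them back to show what the browser will render, and lets a site owner check whether page source still contains a readable address; the function names and sample address are this example's own.

```javascript
// Added example, not code from the original post: encode an email address as
// HTML numeric character references so the browser renders it normally but the
// page source no longer contains a literal "@" or "mailto:". Function names are
// this example's own.

// Encode every character of a string as a decimal numeric entity (&#NN;).
function toNumericEntities(text) {
  return Array.from(text, (ch) => `&#${ch.codePointAt(0)};`).join("");
}

// Build a mailto link whose href and visible text are both entity-encoded.
function obfuscatedMailtoLink(address) {
  const encoded = toNumericEntities(address);
  return `<a href="${toNumericEntities("mailto:")}${encoded}">${encoded}</a>`;
}

// Decode &#NN; references back to text, i.e. what the browser will display.
function fromNumericEntities(html) {
  return html.replace(/&#(\d+);/g, (_, code) => String.fromCodePoint(Number(code)));
}

// Self-check for a site owner: does the page source still contain a readable
// address, either plain user@domain or the [at]/[dot] variants the post mentions?
function containsClearTextEmail(source) {
  const plain = /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/;
  const bracketed = /[A-Za-z0-9._%+-]+\s*\[at\]\s*[A-Za-z0-9.-]+(\s*\[dot\]\s*|\.)[A-Za-z]{2,}/i;
  return plain.test(source) || bracketed.test(source);
}

// Constructed sample address for demonstration.
const sampleAddress = "user@example.com";
const link = obfuscatedMailtoLink(sampleAddress);
console.log("page source:", link);
console.log("still readable in source:", containsClearTextEmail(link)); // false
console.log("browser shows:", fromNumericEntities(link));
```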


The Secure Padlock Myth

When browsing on the Internet, you will be familiar with the padlock symbol that appears just to the left of the internet address. Depending on your browser, the padlock symbol may be green.

That padlock means ‘secure’ and you should never input any confidential information on a website if there isn’t a padlock symbol showing.

However, this does not mean that the website is safe to use – only that a level of encryption is in use between the browser and the Internet address. This encryption is called SSL.

The little padlock does not mean that the website is safe as criminals can easily get SSL for their fake scam websites.

Google plans to stop showing the padlock symbol, as the vast majority of websites now use SSL security and so would display the padlock anyway.

If you want more details on a website’s security, you can click on the padlock symbol and it will tell you the organisation name for the encryption certificate. If it doesn’t match the domain name (i.e. the Internet address) then that is a red warning flag.


What is Clickjacking

The term “clickjacking” is a portmanteau of the words “click” and “hijacking”.

Clickjacking is where you click on a link on a web page but you have unknowingly clicked on something hidden.

This is a way for scammers to get you to make purchases on Amazon or other retail sites without your knowledge, or to start videos, sign up for subscriptions etc.

This only happens on scammers’ websites, not on reputable business websites, but you can inadvertently end up on such a website by clicking a link in an email or on social media etc.

For example, you receive an email with a link to a video about a news item and you click it – expecting the news item to appear. However, it takes you to a page of news items and you click one but have in fact unknowingly clicked on a link to buy an expensive item on Amazon. The item selected is sold by the scammer and will be removed from Amazon before you can claim a refund.

That Amazon link was transparent and over the top of the link you actually intended to click.

This scam using Amazon relies on you having one-click purchasing turned on and that you are logged in.

Scammers also use this technique to get clicks on a video they are paid for, or likes on a social media page they are rewarded for, etc.

The technique used in this scam is sometimes called User Interface Redressing which is a wider term than clickjacking and also includes browserless clickjacking, Likejacking and more.


Does Your Website Attract Fake Traffic

Website owners are always keen to know how much “traffic” their site gets i.e. how many people visit the site, which pages they read etc.

We all know that some of the traffic on the Internet is fake, but most website owners hope it is a small percentage of the real traffic. However, some companies in the field of advertising believe that up to 50% of traffic achieved through advertising could be fake.

In this context ‘fake’ means it’s not a person looking at your website – it’s another computer.

This is the reason why so many websites these days insist you answer a CAPTCHA query (click the “I’m not a robot” button) to prove you are a human being.

Fake traffic is traffic generated by software not by humans. Fake traffic is used to artificially inflate ad revenue by making a site’s audience appear greater than it is in reality.

If an advertising network identifies a website’s traffic as fake, it will likely result in suspensions or even bans on the publisher’s advertising account.

How To Identify Fake Traffic

This is a complicated matter and needs expertise, but you would start by examining the statistics for the website:

  • A very high bounce rate can indicate a lot of disinterested visitors or bots (computer programs rather than people).
  • A very low pages/session figure can mean people attracted to the site are only interested in one link and then leave. Combined with a very short average visit length, it can mean automated viewing rather than people.
  • Geography: if your website is in English and you get large amounts of traffic from countries where English is not widely used, that can indicate suspect traffic.
  • A sudden unexplained increase in traffic can be welcome, but if it doesn’t make sense (e.g. no extra purchases or comments) then it may be caused by automated systems scanning your website.
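As an added worked example (not from the original post), the JavaScript below computes those four statistics from a constructed set of session records and flags the warning signs listed above; the session format, the threshold values, the function names and the country code "XX" are assumptions for this example, not standard analytics settings.

```javascript
// Added example, not code from the original post: compute the statistics the
// post lists from session records and flag the warning signs. The session
// format, the thresholds and the sample data are all constructed for this
// example; "XX" stands in for an unexpected country.

// Each session: visitor country code, pages viewed, seconds spent on the site.
function summariseSessions(sessions) {
  const n = sessions.length;
  const bounces = sessions.filter((s) => s.pages === 1).length;
  const pages = sessions.reduce((sum, s) => sum + s.pages, 0);
  const seconds = sessions.reduce((sum, s) => sum + s.seconds, 0);
  const byCountry = {};
  for (const s of sessions) byCountry[s.country] = (byCountry[s.country] || 0) + 1;
  return { sessions: n, bounceRate: bounces / n, pagesPerSession: pages / n,
           avgSeconds: seconds / n, byCountry };
}

// Apply the four warning signs from the list above. Thresholds are illustrative,
// not industry standards; previousSessions is the count for the prior period.
function suspiciousSignals(stats, expectedCountries, previousSessions) {
  const flags = [];
  if (stats.bounceRate > 0.8) flags.push("very high bounce rate");
  if (stats.pagesPerSession < 1.2 && stats.avgSeconds < 15) {
    flags.push("one page per visit and very short visits: looks automated");
  }
  const unexpected = Object.entries(stats.byCountry)
    .filter(([country]) => !expectedCountries.includes(country))
    .reduce((sum, [, count]) => sum + count, 0);
  if (unexpected / stats.sessions > 0.5) flags.push("most traffic from unexpected countries");
  if (previousSessions > 0 && stats.sessions > 3 * previousSessions) {
    flags.push("sudden unexplained traffic spike");
  }
  return flags;
}

// Constructed sample: two normal visits plus ten one-page, one-second hits from "XX".
const sampleSessions = [
  { country: "GB", pages: 3, seconds: 95 },
  { country: "US", pages: 1, seconds: 40 },
  ...Array.from({ length: 10 }, () => ({ country: "XX", pages: 1, seconds: 1 })),
];
const stats = summariseSessions(sampleSessions);
console.log(stats);
console.log(suspiciousSignals(stats, ["GB", "US"], 3)); // all four flags
```

Run against a real analytics export the record shape and the thresholds would need adjusting; the point is that each bullet above maps to a concrete, checkable number.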

How to Stop Bots Accessing Your Website

Using a CAPTCHA to ensure visitors are human rather than computer is a good start, and there is a file on your website called robots.txt which tells bots whether or not they are allowed to access the website. (Check on the Internet for how to access and edit this file on your website.) Reputable business bots will access and obey the instructions in robots.txt, but scammers, spammers, hackers and many others will ignore it.

If the fake traffic problem is seriously impacting your website and customers, then there are online services that will filter out such unwanted traffic, but that does cost money, of course.

All sites attract fake traffic and the more popular a site then typically the more fake traffic it will get.

If you have any experiences with this problem, do let me know, by email.
