Category: Warning

Warning – Web Coin Mining on Your PC

For normal physical currencies, each country has an appointed currency maker – such as The Royal Mint in the UK that makes currency for the UK and several other counties. But with cyber currencies – who makes it and how?

The creation of new coins is called “mining” and involves large amounts of computer processing and this increases as more currency is created. For Bitcoin, the effort involved in making new currency means very few can manage it.

But, if you could somehow spread that computer processing demand out among thousands or even millions — of unknowing user’s computers, it would make mining a lot cheaper and possibly quicker.

This is exactly what some websites are doing. They use your CPU to mine cryptocurrencies like Bitcoin without your knowledge.

This can happen to you simply from visiting a website that uses JavaScript to start using your CPU for processing.

There are other methods but this is the most common and can be avoided if your browser has JavaScript disabled – but that will also block the functionality on some popular websites.

How to know if this has happened to your computer?

It’s not easy to identify unless your PC is suddenly very very slow and the CPU seems extremely busy while doing nothing.

Some websites can quietly use your CPU to mine cryptocurrency and they limit they effect on your work so you wouldn’t know unless you went out of your way to find out.

On a windows PC you can press CTRL, ALT and DELETE at the same time then select Task manager and see the CPU utilisation levels.

But if in doubt, the easiest remedy is to reboot your computer.

Do click on the Facebook or Twitter icons on top right to follow Fight Back Ninja.

Fightback Ninja Signature

The Parisian Gold Ring Scam

 

Paris is a beautiful city and generally it’s a very safe city to visit.

But it does have some notorious scams that regularly happen to tourists.

 

 

You’re walking along noticing the sights and see someone apparently pick up something from the ground.

They seem to have a ring and they come over to you and show their good fortune as they’ve just found a gold ring on the ground.

They ask if it’s yours.

“Non”.

Then they offer to sell it to you for maybe 50 Euros.

If you’re not interested then the price drops and keeps dropping as they will probably agree to just 10 Euros for the ring.

But even that is a bad deal as the ring is just cheap metal with gold colouring.

Don’t pay these scammers anything.

If you have any experiences with scammers, spammers or time-waster do let me know, by email.

Fightback Ninja Signature

The Impact of Cyber Attacks on Business

The impact of cyber-attacks can be bruising for a business with both short and long term effects to consider.

A 2016 survey of 428 businesses that have suffered cyber-attacks in the previous months.

You can see from the statistics above for 2016, that the biggest impact reported by businesses that have suffered from cyber-attacks is the provision of new measures to prevent further attacks. This can be costly but is essential to protect against further attacks.

There are the short term issues:-

  • Bringing in expert technical staff to find out how the attack happened
  • Technical expertise needed to start to build defences against further such attacks
  • Extra staff to deal with recovery, communications with customers, legal ramifications etc.
  • Disruption to staff and service to customers

Then there are the long term effects:-

  • Reputation damage
  • Steps needed to restore reputation and customer confidence
  • Share price

It is better to build strong defences against cyber-attacks than simply trust to luck.

It is prudent to have plans in place for how to deal with such attacks as the FBI now say that it’s not a question of whether any organisation will be attacked, but simply when.

Do Share this post on social media – click on the post title then scroll down to the social media share buttons.

Fightback Ninja Signature

The SIM Swap Scam

If you access a website and have forgotten the password, there is usually a link labeled ‘Forgot Your Password’ or similar and if you click the link they will send you a password reset request by email.  You click the reset request in the email message and reset your password.

Now, if scammers can get hold of such an email message, then they can reset your password and lock you out of your own account and you will have great difficulty getting your account back.

This situation is becoming more dangerous as many people and businesses rely on mobile phones for proof of identity. e.g. your bank may send you security numbers to type into your account to prove your ID but if scammers can access your phone and read your messages, they are in control.

The SIM Card Swap

Unless you have leave sufficient information openly online for scammers to break your password, then their usual approach is called social engineering.

This means to take advantage of people’s trust. So they will research your information online and use what they find to convince a mobile phone shop worker (or customer service worker) to cancel your current SIM card (I lost it) and activate a new one.

They will then have access to your messages, contacts list etc.

Then they try to access your bank account and shopping accounts.

Prevention

To be safe, you need to limit the amount of personal information that is available about you online. Anything you make public can be read by criminal’s intent on defrauding you or stealing your identity.

Text messages are very useful, but remember that they are not encrypted and can potentially be read by anyone.

You can use APPS that encrypt the data such as iMessage, WhatsApp, Signal, etc. for anything that must be kept private.

If there is any suspicious activity on your account or you receive suspicious calls, then contact your bank or phone company.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

Fightback Ninja Signature

Australian Fake Kidnappings

This fake kidnapping ploy started in Taiwan with Chinese gangs preying on Taiwanese students and the gangs involved have recently started up in Australia, targeting overseas students.

The parents of the ‘kidnaped’ student get a call saying their son or daughter has been kidnapped and the kidnappers seem to know about the student, thereby convincing the parents who then try to find the money to pay the ransom.

Their attempts to contact their son or daughter fail.

What has happened is that the gangs started by targeting overseas students (especially Chinese students) where the parents will have trouble travelling to the University.

They learned what they could about their targets initially then contacted the targets – claiming to be the authorities, telling them their life is in danger and they could be deported or imprisoned.

They learn more about the target so as to be able to convince the parents and they warn the target not to contact anyone or talk with anyone and to ignore phone calls, emails etc. as these could be false.

This is a nasty business as the parents will be terrified and pay a ransom and the target will be terrified to talk to anyone and in fear of prosecution.

The official advice is that anyone who receives such threatening calls they should contact the authorities immediately and certainly not just pay a ransom.

If you have any experiences with scammers, spammers or time-waster do let me know, by email.

Fightback Ninja Signature

 

Call Connection Services

Would anyone choose to pay £3.60 to be connected to a phone number that is well-known and free of charge?

The answer to that is that they wouldn’t do it deliberately.

However, imagine for example, your car breaks down and you’re stopped in a difficult place and in a hurry somewhere and it’s dark. A quick check on Google on your phone gives you a number for the RAC breakdown service and you call it.

Only afterwards do you realise that you called a call connect service rather than calling the RAC directly.

They advertise on Google and elsewhere to catch out people who are in a hurry or just inattentive to what’s actually on screen.

Your call will have cost about £10 more than it needed to.

Call connect services offer simply to put your call through to whoever you wanted – in this case the RAC breakdown line but they charge a lot for doing so. The RAC has free numbers but in the rush you missed that and the penalty for lack of attention is a bill you didn’t need.

Some of the call connection companies that place these adverts on Google etc. are up front about the fact you can dial directly and save money but some hide this fact.

Always call direct to save money and beware of ads on Google etc. designed to catch you out.

Do Share this post on social media – click on the post title then scroll down to the social media share buttons.

Fightback Ninja Signature

Craigslist Scams

Craigslist is a very popular classified advertisements website and it has had problems with scammers in the past.

 

Craigslist publish the following guidance on how to avoid scams.

  • Deal locally, face-to-face —follow this one rule and avoid 99% of scam attempts.
  • Do not extend payment to anyone you have not met in person.
  • Beware offers involving shipping – deal with locals you can meet in person.
  • Never wire funds (e.g. by Western Union) – anyone who asks you to do this is a scammer.
  • Don’t accept cashier/certified cheques or money orders – banks cash fakes, then hold you responsible.
  • Transactions are between users only, no third party provides a “guarantee”.
  • Never give out financial info (bank account, social security, paypal account, etc).
  • Do not rent or purchase sight-unseen—that amazing “deal” may not exist.
  • Refuse background/credit checks until you have met landlord/employer in person.

How to Recognise Scams

Most scam attempts involve one or more of the following:

  1. Email or text from someone that is not local to your area.
  2. Vague initial inquiry, e.g. asking about “the item.” Poor grammar/spelling.
  3. Western Union, Money Gram, cashier check, money order, paypal, shipping, escrow service, or a “guarantee.”
  4. Inability or refusal to meet face-to-face to complete the transaction.

Examples of Scams

  1. Someone claims your transaction is guaranteed, that a buyer/seller is officially certified, OR that a third party of any kind will handle or provide protection for a payment:

These claims are fraudulent, as transactions are between users only.

The scammer will often send an official looking (but fake) email that appears to come from Craigslist or another third party, offering a guarantee, certifying a seller, or pretending to handle payments.

  1. Distant person offers a genuine-looking (but fake) cashier’s cheque.

You receive an email or text (examples below) offering to buy your item, pay for your services in advance, or rent your apartment, sight unseen and without meeting you in person.

A cashier’s cheque is offered for your sale item as a deposit for an apartment or for your services. The value of the cashier’s cheque often far exceeds your item—scammer offers to “trust” you, and asks you to wire the balance via a money transfer service.

Banks will cash fake cheques and then hold you responsible when the cheque fails to clear, sometimes including criminal prosecution.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature

The Danger of Internet Connected Gadgets in Your Home

Some homes are now filled with dozens of appliances, devices and children’s toys which can be connected to Wi-Fi and some are useful while others are just for fun, but if they are not fully secure the consequences can be unpleasant .

Often set with a default password or no password, these devices can  provide an easy route for cyber attackers to get into your systems and look for confidential information.

The Internet of Things

The “Internet of Things” is a name for the adoption of Internet enabled devices in the home. The idea being that more and more household objects will communicate over the Internet. Common such items now include thermostats controlled by an APP, smoke alarms that phone you, toys that access Internet stories and music, the Alexa and Google Home devices that you can say instructions to and they use WI-FI to control other devices or find information or translate something. This also includes Internet-connected “wearable” devices, such as fitness bands which upload your GPS co-ordinates and telemetry to the Internet so you can access the data on your PC.

Many companies are working on more of these Internet of things devices.

These devices can give out information to interlopers that you may not consider e.g. the recent case of American Special Forces soldier wearing fitness bands and their location being broadcast on Google.  OOPS.

How to Make Your Connected Home More Secure

  • Secure the wireless network. Use the WPA2 protocol if your broadband router allows that option.
  • Give your Wi-Fi network an unusual name that doesn’t identify your address e.g. General Electric.
  • If guest access is enabled on the network – disable it.
  • If your router is capable of creating two separate WI-FI networks then use one for computer devices and a separate one for household gadgets.
  • Always use strong passwords that cannot possibly be guessed by anyone e.g. a string of random words.
  • Login name is often admin or administrator by default – If you are able to change the login name then change it to something that cannot be guessed.
  • Disable any remote access for gadgets. If you ever need it for allowing the supplier to fix a fault then you can re-enable it temporarily.

Some of these gadgets have appropriate Internet security and insist on strong passwords etc.  but others have little or no thought of security, so you must take care to plug any holes in security.

Do Share this post on social media – click on the post title then scroll down to the social media share buttons.

Fightback Ninja Signature