Category: Warning

How to Spot a Romance Scam

Running romance scams is a full-time job for some scammers and they can be very good at it. In the first three months of 2018, New Zealanders reported losing $7.9 million to romance scams – and the real figure is probably much higher as most people don’t report such scams, due to embarrassment and blaming themselves for falling for a con.

A scammer pretends to be in a relationship with someone online in order to scam them out of money. This is most commonly through dating websites and APPS but also through social media, other websites and APPS where they can find targets. The scammers setup fake accounts on the dating website or wherever needed and usually use other people’s identities and photos as chosen to give them the maximum appeal to their intended victims.

They will have a fake backstory, family, friends and job and usually they’re scamming multiple people at the same time. Once they’ve worked to gain the trust of the person they’ve targeted, they will use various stories to get money or details from that person. They may start by requesting small sums of money to test the waters, and then build up to requesting larger amounts. Sometimes they won’t actually ask for money, but they will talk about problems that can solved by money, because they know that the target will offer financial assistance. In some cases the scammer may try to get the person targeted to unknowingly help launder money for their criminal activities.

How to Identify a Romance Scam

  • Profession of love or strong feelings within a short time of meeting the person online.
  • If your new love mentions health problems, family issues, business troubles or other issues that could be solved with money.
  • Requests for money: You should be wary of any request for money.
  • Changes in communication style: If there are several scammers taking turns to maintain the relationship, their writing styles may change.
  • If a new romantic contact is not willing to meet up or talk via video call, or comes up with a series of excuses to avoid meeting, you should be cautious.
  • Financial assistance to meet in person: Also be careful about offering or giving the person money so that they can meet you in person.

Some scammers are more than willing to play the waiting game before getting a pay off. Scammers may keep a “relationship” going for months or even longer before they begin to request money or drop hints about problems that could be solved with money.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature

The Mistaken Delivery Scam

A delivery arrives at your door – it’s a very expensive top of the range mobile phone.

You are surprised but not worried.

Then a courier arrives and tells you the package was delivered by mistake and he needs to return it.

Sounds reasonable and you hand over the package.

What has likely happened, is that a scammer has obtained your personal details and ordered the phone in your name and you have paid for it. Then they try to intercept the delivery before it gets to you but if they fail to do so then a fake courier turns up and asks for the package, supposedly to return it.

If you do receive a package with your name on that you didn’t order – check with the supplier whether it was ordered by you or someone else (possibly as a gift) and return the item to the supplier if it’s not for you.

You can also report this to the Police once you are certain it wasn’t ordered by someone you know.

To make this more complicated, if a scammer has opened an account in your name with your bank or credit card details then the supplier may not be legally allowed to tell you anything about the account – contact the Police.

If you have any experiences with scammers, spammers or time-wasters do let me know, by email.

Fightback Ninja Signature

APP Shielding

When developers create a new APP and it becomes popular – there are hackers who want to get into the APP for one of several reasons

  1. The intellectual challenge of seeing how it works
  2. To understand how it works so they can create viruses or other malware that can attack it
  3. To find out if they can hijack the APP to do their bidding

An intellectual challenge isn’t threatening to others but the other reasons are criminal and it does happen that even APPS on APPLE and Android Pplay stores can be cheated by hackers and in some cases there has been a major loss of money and reputation as these problems come to light.

To prevent hackers getting into their APP, developers can use various coding techniques (called APP shielding), usually classified as

  1. Obfuscation and
  2. Integrity checks

APP shielding is important in many cases and especially with financial APPS.

App shielding is designed to prevent attackers from modifying your app during runtime or at rest, to protect your app’s memory, make app repackaging extremely complex, and provide additional protection against mobile malware.

What Can APP Shielding Do?

  • Prevents and effectively stops the most common types of cyber attacks on mobile apps.
  • Stop Mobile Malware
  • Advanced obfuscation and integrity checks prevents the APP being reverse-engineered which can lead to it being repackaged and released on the app marketplace under a new name.
  • Protect User Data
  • Stop untrusted keyboards, malicious screen readers or screen recorders from stealing the sensitive data, as well as the data leakage via user or system screenshots.

Recent research shows that :-

  • Of 1.7 million apps on the Google Play store, only 24.5% had any Code Protection.
  • 86% of Malware is delivered through APPS that have been re-packaged.

These numbers are of concern as we trust downloads from Google Play store and APPLE but maybe we shouldn’t be so trusting.

Increasingly, developers tool kits will contain code for implementing APP shielding, so it should become common practice for APP developers.

If you have any experience with APP shielding, do let me know, by email.

Fightback Ninja Signature

Means of Identity Theft

Scams reported to the ACCC (Australian Competition and Consumer Commission) involving identity theft or the loss of personal/banking information have cost Australians at least $16 million in 2018 year and this figure is likely to be just the tip of the iceberg.

Four in 10 Scamwatch reports to ACCC in 2019 involve attempts to gain information or the actual loss of victims’ information.

“If you think scammers might have gained access to your personal information, even in a scam completely unrelated to your finances, immediately contact your bank,” said ACCC Deputy Chair Delia Rickard.

The most common ways scammers obtain personal or banking information are:

  • phishing emails and text messages which impersonate banks or utility providers seeking your login and password details
  • fake online quizzes and surveys
  • fake job advertisements
  • remote access scams in which the scammer has direct access to everything on your computer
  • sourcing information about you from social media platforms
  • direct requests for scans of your driver’s license or passport, often in the course of a dating and romance scam

“No one is really selling an iPhone for $1 or rewarding the completion of a survey with expensive electronic goods or large gift vouchers. They are scams to get your confidential information,” Ms Rickard said.

With the information, scammers can empty their victim’s bank accounts and take out tens of thousands of dollars in bank loans under victims’ names.

Lost personal information also leaves victims more susceptible to future scams as scammers will use the  information to seem more convincing in cold calls to perpetrate further scams.

If you have any experiences with identity theft do let me know, by email.

Fightback Ninja Signature

Doodle Poll Scam

Doodle is a well known online scheduling tool. It is professional and used by a lot of people and has nothing to do with scams and scammers.

But, scammers do like to take advantage of other people and turn good things to a bad use.

There are numerous scams involving crypto currencies and this latest one uses Doodle for their scam messages. It is a typical Bitcoin scam but presumably to bypass spam filters this loser has used a Doodle Poll to send out the messages.

The Poll is supposedly to help ‘Curt’ to find the best date for his meeting but of course there is no meeting – just the usual drivel about Bitcoin millionaires.

Yes! You can get a  free Bitcoin!”.

“Earn up to $1000 per hour or more, starting today!”

As with all scam messages – beware clicking anything and now you have to be wary of Doodle polls as once a scammer finds a new method for delivering their lies – others will copy.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature

Negative SEO

SEO stands for Search Engine Optimization, which is the practice of optimising your website to get more people to find your web site via search engines. This uses a wide variety of techniques, including:-

  • Choosing the best keywords
  • Using those keywords in many places on the site, even in URLs
  • Organising links from other good websites
  • Good website design conforming to Google design standards
  • Creating and regularly publishing good quality original content
  • Correct use of headers, paragraphs etc.
  • Use of social media to publicise the website etc.

Negative SEO means sabotaging a competitor’s rankings in search engines, by reversing some of the same techniques as listed above but also using other underhanded or even criminal methods.

It is a set of activities aimed at lowering a competitor’s rankings in search results and typically includes one or more of the following:-

  • Creating lots of links from bad web sites
  • Copying content from the website to bad web sites
  • Adding negative reviews of the business
  • Hacking the web site

Bad Links

Adding a few links from bad websites won’t have a big effect but there are ‘link farms’ where large numbers of computers and/or people will create a lot of bad links which can then downgrade the search engines ranking of the website. A link farm can also be part of a group of web sites that all hyperlink to every other site in the group and these can be spotted by the search engines and any members correspondingly downgraded.

Hacking

If a hacker can get into your website, they can cause a lot of damage but in the case of trying to sabotage a web sites ranking, it is more likely the hackers will be more subtle in their activities so as to not draw attention to what they have done.

They can for example add links to bad sites but make them hidden links so only the search engines see them.  They could add hidden content that makes the site look like it is copying other sites.

If they want to be more direct, they could redirect the site so that people trying to get to the site end up at a site of their choice instead.  This is done by changing the DNS server settings that point to the web site.

Another method is to change a file called robots.txt on the web site which tells search engines which sections of a web site to ignore and if set to disallow: / then the whole web site will be ignored.

Copying Content

If someone can copy your content onto other lower ranked web sites then that can affect your web site’s ranking. This takes some expertise to make the copied content look original and your site the copier.

How to Stay Safe

It is difficult to prevent a negative SEO attack, but make sure your web site security is fully implemented and up to date. Then you need to keep an eye on web site statistics and take notice if there is a noticeable drop off in visitors from search engines.

If there appears to be a problem then investigate the links to your website and rom your web site and invest in software tools that can identify what’s going on e.g. Spyglass.

If you have any experience with SEO turned against your business –  do let me know, by email.

Fightback Ninja Signature