Category: Warning

Are You Prepared for Security Incidents

  1. How well prepared are you to respond to a cyber security incident?
  • Do you have plans in place to respond to, and recover from, the most likely scenarios?
  • Have you practised your response to such incidents, including at senior management level?
  • Do you have the relevant expertise within the business or access to external sources with that expertise?
  • Do you have experts on call and ready to respond to a cyber incident?
  • Will the company be able to keep running in the aftermath of a serious cyber attack?

Cyber attacks are increasingly common and it’s not just large companies at risk, but businesses of all sizes.

Large businesses may have all the requisite controls necessary to deal with a cyber disruption, yet businesses of all sizes are at risk.  Get the protection and planning you need.

Average Investment in Cyber Security 2017/2018

  Micro/Small Businesses Medium Businesses Large Businesses
Mean Spend per year £2,220 £41,600 £149,000
Median Spend Per Year £152 £5,190 £24,700

You can see the difference in average spending on cyber security and this is reflected in the level of preparedness for cyber incidents by these various sized businesses. Charities spent significantly less than commercial business in all three size categories.

Whatever size your business and whatever it’s business, make sure you spend enough to ensure you are able to deal with cyber attacks and recover from them as too many businesses fold within months of such an attack.

The nature of your business may determine the dangers involved with online data and services and also the level of protection needed.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature

The Problem of Automated Competition Services

If you host a competition on your website you may find that hundreds of emails or online entries appear but they all have the same format and just have a person’s name, phone number and address.

If there were any questions to answer in the competition they wont be in the submissions.

Q. What is going on?

It’s likely your competition has come to the attention of one or more online automated competition entry services.

These services charge people a monthly fee to enter them automatically into lots of competitions.

Services such as

  • Win24
  • WeWin4U
  • Prizewise
  • Prize500
  • PrizeDrawCentre

For some competitions maybe that isn’t a problem, but for others it can a big annoyance and even overwhelm the number of genuine entries by individuals.

One of the companies listed above guarantees each person at least 1,000 competition entries per year.

Automated competition entries are of little benefit to a website running a competition as there isn’t anyone looking at the website – just software.

How To Avoid Competition Spam

  • Don’t offer an email route to enter the competition – only through a form on the page
  • Don’t have a competition where only name and address are required to enter – include at least one question to be answered and preferably one or more questions that are open rather than having multiple choice answers
  • Use a form with a CAPTCHA to stop the automated entries
  • Consider making users login to enter your competitions, but you might lose some people that way
  • Make it a rule that automated/bulk entries will be disqualified and do disqualify any that get through

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature

 

Ransomware Targets

Ransomware is where software is downloaded (against your wishes) to your computer and blocks you from using the computer until you pay a ransom, usually in Bitcoins to unlock the device or decrypt the files.

You may think that Ransomware would be targeted at rich businesses, but that’s not generally the case. Ransomware scammers sometimes target home users, because they probably have little cyber security, don’t keep regular backups and wouldn’t know what to do if hit by ransomware.

Plus, there’s a lot more people than there are businesses.

Ransomware scammers may target businesses because:

  • That’s where the money is
  • Attackers know that a successful infection can cause major business disruptions, which will increase their chances of getting paid
  • Computer systems in companies are often complex and prone to vulnerabilities that can be exploited through technical means
  • Ransomware can affect not only computers but also servers and cloud-based file-sharing systems, going deep into a business’s core systems and data
  • Cyber criminals know that business would rather not report an infection for fear or legal consequences and brand damage.

Ransomware scammers may target public institutions because:

  • Public institutions, such as government agencies, manage huge databases of personal and confidential information that cyber criminals can sell
  • Budget cuts and mismanagement frequently impact the cybersecurity departments
  • Public institutions often use outdated software and equipment, which means that their computer systems are packed with security holes that can be exploited
  • A successful infection can cause huge disruption

The following blog post tells you how to stay safe from ransomware. https://fightback.ninja/test/how-to-stay-safe-from-ransomware/

If you have any experiences with ransomware do let me know, by email.

Fightback Ninja Signature

Automated Competition Entries

Many people like entering competitions – they are a challenge and you might win a worthwhile prize. Some people even make this a full time job – entering as many high value competitions as possible.

A small number make a significant amount of money on a regular basis but for most it’s an occasional win for fun and to supplement their income.

There are automated services online that once you’ve handed over payment and your details will enter you into dozens or even hundreds of online competitions each month.

Are These Services a Good Idea?

Yes and no.

They will get you into large numbers of competitions with little effort and cost.

But there are disadvantages, including:-

  • You may be entered into competitions that you wouldn’t want to enter
  • You may win prizes that are of little or no use to you
  • They can only enter you into competitions that don’t require any skill and that is very limiting
  • Many competitions do what they can to disallow automated entries
  • Most competitions are intended to bring people to a website and the use of an automated service denies that so the competition provider loses out

There is nothing illegal about the automated competition entry services but maybe it’s better to manually enter competitions of your choice.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature

Online Scams and How to Protect Yourself

A guest post by John Adams

Scams are very common, whether you are running an online business or not. Scams surround us in various forms. Unfortunately, small businesses are more prone to these scams mainly because many do not give sufficient focus to the online security of their business. Moreover, they don’t generally have the same access to cyber experts as do the larger companies.  Here are some common online scams that target small businesses:

  • Phishing or Smishing
  • SEO scams
  • Payment scams
  • Malware
  • Vanity scams
  • Fake invoices

Scammers target everyone around them, whether in business or the public. The scammers create believable stories to convince you to give them your money and if you’re not wary you may fall victim to their practised ploys.

However, the most important thing is that you should know how to protect yourself, as follows:-

  • Accept that fraud and scams do exist. Be alert when you deal with any uninvited person or business.
  • If you are not sure about the legitimacy of a business or person you have met only once, search on the internet for those who may have had a similar experience.
  • Avoid opening/answering any suspicious email, message or pop-up window
  • Do not give out your personal details unless you are very sure who you’re dealing with
  • Make sure your computer and mobile are secured and have updated security software installed.
  • Pick strong passwords and consider changing them periodically
  • Keep your social media privacy settings high
  • Ignore requests for your details or money
  • Watch out for anyone using unusual payment methods e.g. Western Union
  • Shop online only on trusted websites and brands

Protect yourself now to avoid any damage. And if you have fallen prey to an online scam then report it to law enforcement.

James A. Abate provides highly professional criminal defense representation and personal attention during troubled times.

www.jabatelaw.com

Fightback Ninja Signature

The Amazon Brushing Scam

This is a strange scam as it starts with unexpected packages being delivered to you, typically from Amazon but could be from other suppliers.

The fraud starts with a the scammer creating an account on Amazon using a real stranger’s name and address. Then the scammer orders products and they are delivered to the stranger’s home address, which is a surprise for the recipient.

Q. Why would anyone do this?

It’s all about getting good reviews. The scammers use the account they’ve set up to post fake ‘verified reviews’ on Amazon (or another service) that are positive about the products the scammers want to push or may be negative about competitor’s products. The scammers may be the sellers of the products or may be paid to specifically create these fake reviews, or to damage a sellers reputation.

Investigators believe it is largely third-party sellers on Amazon that are buying their own products in order to leave a  five-star review, and using stranger’s  names and addresses to appear as independent customers.

The recipients of the products may be very surprised at goods turning up on their doorstep but they are not charged for the items in questions, so it is theft as such.

Where the problems arise for the recipients is that they may not be able to turn off the deliveries and getting the account cancelled will be difficult as only the scammers know the passwords etc.

There is also a bigger worry – how did the scammers get their details in order to create the account?

If the scammers have that information about you then they may use it to carry out more damaging forms of identity theft.

If you receive packages from businesses such as Amazon that you did not order, then do contact the supplier and change any relevant logins and passwords.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature