Category: Warning

How Does Social Engineering Work for Scammers?

In this context, social engineering means to manipulate someone into doing what you want e.g. to type in login and password on a fake website so the scammer gets that information.

So, ‘social engineering’ is the methods used to trick people into doing what the scammers want.

It could be a phishing email asking you to urgently login in to your internet banking account or to call a support number as your computer has been infected with malware or a request from a company executive to urgently transfer money.

Generally, we prefer to trust people so if someone calls saying they are from your bank and they know your name and account – it’s easy to believe rather than to question everything. Maybe you answer their security questions and that gives them the details they need to access your account. It can be as simple and quick as that.

An Example Credit Card Payment Scam

A company selling telecom services receives an email from a possible new customer:

Hello,

This is Bill, I have just moved into the area and I need a new phone line.

Do you accept payment by credit card?

What information do you need in order to quote for the work?

Thanks

Bill

After a reply from the Telecoms Company confirming they do accept credit cards, , Bill’s next email sets up the conditions of the scam.

He’s in hospital waiting on an operation.  Lots of description to make it clear he cannot take phone calls or speak to anyone and very much needs help. He describes what he wants fitted in each room and then describes the removal company that is helping him to move while he’s in hospital and they can let the telecoms company in to do a survey if needed.

The purpose of this is to set-up the Telecoms company to accept an over payment by credit card from Bill then pay the removals company, as they cannot accept credit card payment and Bill can’t pay them any other way while in hospital.

This story is complicated and relies on the kindness of the Telecoms company to take the money and pass it on but also on their desire for business.

The telecoms company agrees, takes the credit card payment and then pays the removals company as per the instructions.  For example taking £1,000 for their work up front and £2,000 to pay to the removals company.

It all sounds quite safe, but then comes the sting.

The card was stolen but not cancelled straightaway and when the credit card company do cancel it then will claim the £3,000 back from the Telecoms Company who will end up out of pocket for the work they’ve done but also for the £2,000 paid to the removals company which was a fake operation.

That’s the credit card over payment scam

There are countless similar stories designed to get the punter to accept an over payment and it never ends well for the punter.

The stories are sometimes rough and have spelling and grammatical mistakes – to elicit sympathy for the scammer and at other times the stories have been polished by repeated use.

NEVER accept an over payment.

Do you have an opinion on this matter? Please comment in the box below.

Fightback Ninja Signature

PAX Cyber Coins

Digital currencies  (or cryto currencies)  are big business with BitCoin leading the way and a lot of people have made big money from BitCoin. There are some who lost a lot of course as the price can be highly volatile.

There is a new sort of cyber currency called PAX coins. It’s really a means of betting on other cyber currencies and companies on the PayperEx market but scam emails are circulating about PAX that give a deliberately simplified and misleading view on PAX.

Refer to https://fightbackonline.org/index.php/guidance/12-explanations/92-payperex-exchange-and-pax-cyber-coins for further information on PayperEx and PAX coins.

The scam emails claim ”Finally PAX is here! A True and very special digital coin”

“If you bought 100 dollars where the Bitcoin on that day seven years ago it will be worth 73 million dollars”

And so it goes on linking the past of Bitcoin with the future of PAX, but of course there is no connection or correlation.

PAX coins cannot be bought as such, only traded on PayperEx and the value depends on the value of the items that the PAX coins represent.

Trading on PayperEx is very new and it may be legitimate, but the risks are huge and these emails are just scammers looking for easy money.

Do you have an opinion on this matter? Please comment in the box below.

Fightback Ninja Signature

Easy To Guess Passwords and PIN Numbers

Most people have realised that they need to have passwords and pin numbers that can’t be easily guessed – don’t use your birthday or year of birth or the dog’s name or a common word etc.

But latest reports show there are still many people with passwords or pin numbers that are very easy to guess.

28% of people in a recent survey had a password that is in the top 20 most common ones and hence could be guessed very easily.

If they can be easily guessed they you could be hacked and lose money and more.

If your pin number is on the list below then change it urgently.

  • 1234
  • 1111
  • 0000
  • 1212
  • 7777
  • 1004
  • 2000
  • 4444
  • 2222
  • 6969

If you password is ”password” or “123456” or “12345678” then change it urgently.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

The Missed Parcel Delivery Scam

In the weeks leading up to Christmas, huge numbers of parcels are delivered by Royal Mail and if you’re not at home when the postman calls then she leaves a card telling you where and when  you can pick up the item and a phone number for more information.

But scammers have been creating fake ‘missed delivery” cards that look very similar to the original Royal Mail version which is called the ‘Something For You’ card.

The scammer posts the fake card through your door and hopes that you phone the number on the card.

If you do, it’s a very expensive call to a long recorded message and you will may only notice when your phone bill arrives just how expensive it was.

There are other variants on this scam, including one where the delivery is claimed to be highly valuable and you must phone urgently or one where you have to phone and pay a charge for re-delivery. Of course there is no such item.

Take care before calling the number on any mail delivery cards put through your letter box.

If you have any experiences with scammers, spammers or time-waster do let me know, by email.

Fightback Ninja Signature

Doorstep Safety

There are many genuine trades people and sellers who knock at your door offering legitimate services and products. But, there are also many scammers who want to talk you into bad deals or just steal your money.

For many older and vulnerable people, doorstep sellers can be frightening or too convincing.

If you don’t feel safe answering the door to someone you don’t know then don’t. Someone calling unexpectedly has no right to your time or courtesy. It’s your choice to answer or ignore.

The following precautions may help:-

  1. Keep your doors locked even when at home
  2. Have a chain on your front door so you can safely open it just a few inches
  3. Have a spy hole (or electronic eye) fitted in the door so you can who’s knocking
  4. Get a Trading Standards sticker ‘NO COLD CALLERS’

Trading Standards say you should never sign anything on the spot, never agree to allow any work to start right away and remember that you normally have a 14 day cooling-off period during which you can cancel any work and receive a refund of money paid.

They also say that you should never agree to have work done by someone just passing by. If some work is needed, get at least two quotations from reputable traders. Your local Trading Standards Service may operate an ‘approved trader scheme’ or use check-a-trade or similar review website.

Bogus callers may turn up on your doorstep and say that they have come to investigate a water leak or they are lost and need a drink of water. Sometimes they may say they have a child who has lost a ball in your back garden. They are probably trying to trick you to let them into your home so they can steal cash and valuable items. Don’t let them in.

It isn’t rude to ask someone to leave – it is your right.

Do Neighbourhood Watches Help to Reduce Door-to-Door Scammers?

The anecdotal evidence is that they do reduce this type of crime. This is largely because people are more aware of possible crimes and do keep an eye out for unexpected visitors to their doors. Also, door-to-door crooks tend to avoid areas where there are any signs of organisation against crime.

Stay Safe.

Do click on the Facebook or Twitter icons on top right to follow Fight Back Ninja.

Fightback Ninja Signature

KB Says Don’t Be Fooled – Trust Your Gut

A post by K.B. Beaumaaks

I am 52 and considered to be of the baby boomer generation. We were raised in a world without the internet, taught to respect our elders and certain professions were considered very trustworthy. Examples are doctors, teachers, police officers etc…. we  were raised that these are people we could trust no matter what and for the most part this was absolutely true.

I had not one but two similar situations happen to me and I am an educated professional with an upper level income. My scams occurred not with an outsider but a partner…. yep first with my ex husband who was a Doctor of Veterinary Medicine then to a boyfriend who was a Police Officer. Two professions that were “trustworthy professions” I was blinded by the scammers that they were. My point is to trust your gut no matter who the person is. If it feels wrong…. chances are it is wrong.

See below for KB’s posts about her first and second husbands

https://fightback.ninja/kb-married-to-a-scammer/

https://fightback.ninja/kb-and-the-police-officer-scammer/

Generally, the geriatric or elderly community were the ones that were scammed by door to door salespersons or telephone scammers. Today people believe the less educated, the lower income, elderly community are the ones prone to scammers. This is absolutely not true according to The Better Business Bureau.

People today believe what they read on the internet, they impulse shop, they receive emails and phone calls about tax issues or debt collectors and we fall for it believing oh if its on the internet, it must be true.

I have written a book called The Preah Secrets and it deals with my veterinary husband and how I discovered his heist and how I followed my gut to eventually discover his intentions of deceit. I prepared and eventually sought justice for myself. I hope the book inspires others to follow their instincts and remember, scams can happen to anyone by anyone.

Go to http://kbbeaumaaks.com/index.php for further insight and to buy the book.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

Fightback Ninja Signature

PDFs Are Not as Safe As You Think

We are all used to having to be careful opening certain emails, zipped files,  WORD, EXCEL and other types of files in case they contain some kind of malware – virus, ransomware, Trojan etc.

But most people feel safe opening PDF documents.

However, scammers are using PDFs more and more as attachments in email or malicious downloads on websites.

PDFs can contain javascript programming which can have malicious intent and they can contain links which of course could go to any website.

Microsoft Malware Protection Center released a list of PDF filenames that are commonly used in malicious emails and websites. Scammers keep making new names of course.

  • pdf_new.pdf
  • auhtjseubpazbo5.pdf
  • avjudtcobzimxnj2.pdf
  • pricelist.pdf
  • couple_saying_lucky.pdf
  • 5661f.pdf 7927
  • 9fbe0.pdf 7065
  • pdf_old.pdf

Q. How can you protect yourself against malicious content?

Most of the PDF exploits use Javascript so if you disable that then a large part of the problem is blocked.

However, common sense goes a long way in protecting you.

  1. Do not open an email or download anything that is sent to you by someone you don’t know
  2. Make sure your email settings are on high protection and your anti-virus and anti-malware programmes are working
  3. If there’s a file on email you really want to open but aren’t sure then save it and then scan it (usually you right mouse click and select scan – depending on which anti-malware solutions you use)

Of course, you should run regular scans of your computer to ensure no malware has been installed.

How to Turn Off Javascript in PDFs

If you use a programme other than ADOBE for opening PDFs then you’ll need to check how to disable Javascript. If you use ADOBE then see below:-

  1. Start Acrobat or ADOBE
  2. Select EDIT then PREFERENCES
  3. Select the Javascript category
  4. Uncheck the Enable Acrobat Javascript option
  5. Save and exit

If you’ve enjoyed this post or found it useful then do share – click on the post title then scroll down to the social media share buttons.

Fightback Ninja Signature

Dodgy Business Loans

The big banks and lenders give business loans but there are also a lot of small operations that claim to offer business loans and sometimes how they operate seems very dodgy.

A recent email from social-credit.co.uk tells us that says we are eligible for funding options.

“We help you gain access to rates as low as 4.9% for Unsecured loans and 2% for Secured Loans (indicative).”

“Gain access to funds in 24 hours”.

There is a website social-credit.co.uk which isn’t about loans but about getting your ‘social credit report’ on a subscription basis.

There used to be a UK company called Social Credit Report but it was opened and closed by Jason Jamie Roberts in 2016.

He is currently a director of four other companies.

The bottom of the email says copyright 2017 loans2grow.co.uk so you might assume that is the actual lending company.

Loans2Grow is  not a UK registered company.

There is a website loans2grow.co.uk which lists the name Intatrade Data Network Limited at the bottom of the home page.

This is not a UK registered company name.

At this point I give up on trying to find a genuine company name – but I would certainly not want to have any business dealings with a business that seems to hide behind aliases.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

KB Married to a Scammer

A post by K.B. Beaumaarks

I am an educated professional with an upper level income. My scams occurred not with an outsider but a partner…. yep first with my ex-husband who was a Doctor of Veterinary Medicine – a “trustworthy profession”.  I was blinded by the scammer that he was.

My point is to trust your gut no matter who the person is- If it feels wrong…. chances are it is wrong.

I had met my ex husband as a client with the many rescue dogs I had.

Started a whirlwind romance (not knowing he wasn’t divorced yet) and eventually marrying him. We built a very successful practice together and when it came down to whose name everything went in, he convinced me to put it all in his corporation name stating I was not allowed because I was not a doctor….. meanwhile he stockpiled and hid money from me.

He asked me to sign so many papers regarding corporate taxes etc and I trusted him. He was my husband. Our accountant was our friend. Long story short, eventually I caught him embezzling our life savings and planning on running away to an island without me.

Once I discovered this, I let the courts take over. How could a spouse do this to me. We were married…….

 

I have written a book called The Preah Secrets and it deals with my veterinary husband and how I discovered his heist and how I followed my gut to eventually discover his intentions of deceit. I prepared and eventually sought justice for myself. I hope the book inspires others to follow their instincts and remember, scams can happen to anyone by anyone.

Go to http://kbbeaumaaks.com/index.php for further insight and to buy the book.