Category: Warning

Car Key Cloning

According to a recent survey, 43 per cent of drivers “don’t appear to think twice” about handing over their car keys at a garage, airport parking, car-wash, or at a hotel or restaurant. However, very few people would behave the same way with their house keys.

Also, at home, many drivers leave their car keys in clear view or on a table or a hook near the front door. This can be a temptation to thieves who can try to hook the keys on a pole pushed through the letterbox.

These days, car theft is much less of a problem than its peak of around 20 years ago, but there are still tens of thousands of cars stolen each year. Modern alarm systems have made it much more difficult for thieves to steal cars, but the thieves have also become more high tec.

All new cars sold in the UK have alarms and immobilisers and almost always there is double locking.

Security in most new cars uses radio messages transmitted between the key fob and the car – if criminals have access to both the key and the car they can copy the electronic access, and return at a later date to steal the compromised car. This is not always true as it depends how the signals work.

Police say one in four stolen cars are now stolen using electronic gadgets, which send a signal that stops owners locking their doors by remote.

At Home Theft

You may have seen on TV where criminals can use signal boosters to make your car think the car key is next to the car door and hence unlock. If your key is safely away from the front door of your home or better still in a safe metal box then this form of theft doesn’t work.

Avoid storing your keys by the front door – it may not be fail-safe but get into the habit of leaving your keys well away from your vehicle, such as at the back of the house or buy a safe bag or metal box to store the keys.

Look after your car keys or thieves may find a way to relive you of the car.

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

Warning: Chain letter Scams

Chain Letters used to be very common as physical letters , in the days before home computing. These do still exist but almost all chain letters these days are by email.

We’ve all received email chain letters – urgent messages that warn us of computer viruses, social media fraud, money making opportunities, urgent charity requests etc. Typically, these emails will exhort you to add your name and forward them to other people – DO NOT. Press the Delete button instead.

Some chain letters can be amusing, but others may contain security threats – viruses or phishing attempts etc.

In recent years, they have appeared on social media as well. Some are carefully crafted and similar to the physical letters but some are very different, consisting of just a few lines directly pitching “Money for Nothing” schemes unashamedly. It is surprising that people fall for these such obvious frauds but some do.  Unfortunately people are so used on social media to just retweeting or reposting without thought that these frauds can circulate quickly.

There are 5 main categories of chain letter:-

  1. A sick child story. A story about how the child needs expensive treatment that the parents cannot afford. The message asks you to donate and to pass on the message so more people can donate.
  2. Fake warnings e.g. that Facebook accounts can all be hacked within seconds or that a new virus is spreading or that an email with a specified title can wipe out all of your files etc.
  3. Big money. A promise of a large financial reward if you take a list of specified steps. This is backed up by a celebrity name e.g. Bill Gates recommends this or Beyonce swears by this etc. Sign up and also your friends but only if you act fast. Always fake.
  4. Petitions, which can be for something obvious such as ban all whaling or can be something very specific. In any case, the idea is to get your name and address which can then be used for a variety of fraudulent purposes.
  5. These used to be very common but less so nowadays. The idea is to threaten bad luck if you don’t pass on the message.

Never forward any message you are unsure about.

If you have any experiences with scammers, spammers or time-waster do let me know, by email.

Fightback Ninja Signature

The Danger of Online Pharmacies

An increasing number of people buy their prescription medication on the Internet (with or without a prescription). Often this is because it can be cheaper but also at times because the person believes either they can get the medicine they want without a prescription or that it may be easier to convince someone online to give them what they want.

The big problem with online pharmacies is that many are unregistered and that means unregulated, so buying from them is potentially unsafe. The drugs they provide may be unsuitable for the patient or unsafe or be badly or unhygienically produced – you don’t know what you will get.

Medication should only be taken under the supervision of a healthcare professional as their guidance and knowledge of your state of health is crucial in ensuring you get the safest medications.

For prescription-only medicines, an online pharmacy must receive a legally valid prescription before dispensing the medication. This means you’ll either need a paper prescription or an electronic prescription via the Electronic Prescription Service from your GP.

Some sites do offer prescriber services, where provide a consultation with a medical practitioner who can write prescriptions.

It can be difficult to distinguish between registered online pharmacies and other commercial websites. The General Pharmaceutical Council operates an internet pharmacy logo scheme to identify legitimate online pharmacies and you should only buy from registered pharmacies. However, some illegal online pharmacies fake the logo so you have to check carefully.

Check if a website can legally sell medicines online

Search the Medicines and Healthcare products Regulatory Agency (MHRA) register to check if a website is allowed to sell medicines.

You can search the register by the business:

https://medicine-seller-register.mhra.gov.uk/search-registry

If you have any experiences with online pharmacies do me know, by email.

Fightback Ninja Signature

Surrey Broadband Scam

Surrey Police are urging people to be wary of phone calls leading to scams and victims have recorded more than £180,000 in losses to these scams within months.

e.g. an elderly lady from Surrey was phoned by a man claiming to be from BT and he had called to warn her that they were going to turn her Internet connection off for 24 hours  for improvements.

He directed her to a website to download some test software and informed her that compensation would be paid. He just needed her bank details to make the transfer. With that information, the scam moved up a gear and he convinced her to transfer all the money in her account to one he controlled.

The Police warn that these callers target the elderly and will take any money they can get.

They also warn everyone to be careful on receiving an unsolicited call-

  • Do not give financial details to anyone by phone
  • Do not make payment for a service you did not request
  • Do not allow anyone to have remote access to your computer
  • Trust your instincts – if unsure then end the conversation

If you have any experiences with such scams do let me know, by email.

Fightback Ninja Signature

Domain Names Offered

The domain name for your business is an important choice and it should be protected against hackers trying to steal the domain name or the customer traffic it gets.

Once you have a domain name e.g. mybusiness.co.uk then you face the choice of whether it’s worth buying the same name with different extensions e.g. mybusiness.com, mybusiness.uk, mybusiness.london etc.

If you think you might lose customers to other variants on your domain name, then it may be worth the extra small cost to buy more domain names and redirect the traffic from them to your main site, otherwise it could be pointless.

Some people specialise in buying and selling domain names.

They have two basic ways of working-

  1. They look for variants on high profile web site names and see if they can buy any similar names. These might be misspellings on the original name or very similar names or the same name with different extensions etc. They buy up any they think will sell for a high price.
  2. They do as above but don’t actually buy any domain names.

They can then contact the owner of the high profile web site and offer to sell them the variants and spin a story on how it is essential for the owner to buy all variants on the name.

For the ones who take the risk and buy the domain names, it’s a little akin to blackmail but they take a risk and see which ones pay off and it is legal.

For those who don’t risk their own money (i.e. don’t buy the domain names and just pretend to have them) it is legal but more of a con as the owner can just buy the domain names they want directly without having to pay an inflated cost from the scammer.

If you have any experiences with phishing scams do let me know, by email.

Fightback Ninja Signature

Spreadsheet Macros

Scammers send out huge volumes of emails containing malware attachments and they try to get the recipients to open those attachments. Some of these contain programming code which activates as the file is opened, so this can be dangerous

You can avoid attachments that are actually programmes, but spreadsheets are very useful for financial documents e.g. invoices and statements.

Microsoft Excel spreadsheets usually have the file extension .xls but ones that contain macros are usually .xlsm

Macros are Excel programming code and can contain malware so you need to be beware of these.

e.g. an email claiming to be from Bank of America with a confirmation notice in the format of a spreadsheet with macros i.e. .xlsm format.

Some email systems will automatically turn off automatic macro activation and some anti malware services will do this, but best to be sure by not opening the attached file, however much you may want to know what’s in it.

One particularly nasty phishing campaign used spreadsheets with macros to install a remote access trojan  on the computer’s system. This trojan is known as Grace Wire or Flawed Grace.

That software then steals information from the system and sends it back to the scammer. The attachment also contained malware downloaders that install Dridex and Trick banking trojans.

Do not open attached files unless you are certain they are safe.

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature