Category: Warning

Drive-by Downloads

Generally on web pages, you have to click a link or a button or do something to enable the page to download malware to your device.

But, if your software is sufficiently out of date or missing security updates, then  it may be possible for a web page to initiate a download of malware without you taking any action and it may not warn you of the download.

This can be very dangerous.

Anti-malware services can generally spot such danger and block the download but the key is to always keep your software fully up to date.

Common drive-by exploits

Hackers looking to create drive-by malware, generally look at the following:-

  • Old operating systems
  • Browsers such as FireFox, Chrome, Opera, and others, especially out of date versions
  • Out of date browser plug-ins
  • Early versions of Microsoft Office
  • Adobe/Shockwave Flash (ActiveX)
  • Adobe Reader
  • WinZip compression

The types of drive-by malware commonly found include:-

  • Trojan horses – these take remote control of the user’s device
  • Ransomware—allows the attacker to encrypt or threaten to destroy data on the device unless a ransom is paid
  • Botnet toolkits—attackers may install a botnet application that on many devices which can then be controlled as one to carry out actions such as sending spam email or participating in DDoS attacks
  • Man in the Middle tools—enables attackers to eavesdrop on the user’s communications
  • Keyloggers—capture keystrokes and feed them back to the hacker.

If you have any experiences with scammers, spammers or time-wasters do let me know, by email.

Fightback Ninja Signature

Request For Quote Scam

Sending a request for information is a standard way that hackers check whether the email addresses on a spam list they bought are valid.

If they get a mail reject message then they know the email address is fake.

If they get no reply then the address is real but the owner isn’t stupid enough to reply to a spam message and if the reply is helpful then they know the address is valid and the owner is a good case to be scammed.

More enterprising scammers try to get information from business by sending out messages claiming to want product catalogues, price lists, updates on latest products, guarantee information etc.

The latest set of such Request for Quote emails goes further.

They look professional at first glance, have company names, addresses and contact details, use colour and different fonts to create an impact and have good grammar unlike so many scam messages.

Some even have confidentiality notices at the bottom.

We would appreciate if you send us a quotation for the attached items and also indicate the manufacturer name and country of origin, delivery time and terms of payment”.

The messages are fake of course as genuine businesses do not send in requests for quotation without first having made contact and provided all necessary details and verified that you are a genuine supplier of the relevant goods or services.

The messages are elaborate but the scam is simple and the messages should be deleted.

If you have any experiences with phishing scams do let me know, by email.

Fightback Ninja Signature

Social Networking and Identity Theft

Billions of people use social media networks – Facebook, Twitter, Instagram, YouTube, Snapchat, Tik Tok and more.

Many people share lots of information about themselves and sometimes that can give fraudsters what they need to scam them, specifically to steal their identity.

Identity theft is where a fraudster acquires confidential information about you – sufficient that she can access your online accounts, take out credit cards or loans in your name, commit crimes and use your name etc.

This can be a devastating experience for some and once your identity has been stolen it’s very difficult to reclaim it without a lot of help.

How Identity Theft Can Happen Through Social Networking

To make full use of social media you need to divulge some information about yourself but you should be aware of the following risky activities:-

  • In Settings – choosing privacy to be “low” is risky
  • Accepting invitations to connect from unknown people
  • Downloading free APPS – games etc.
  • Sharing your password
  • Clicking on links that lead you to other websites, even if the link was sent to you by a friend or posted on your friend’s profile
  • Clicking on links in phishing messages or replying to them

E.g. A woman receives a message from one of her friends on social media recommending a cat video for which there is a link. She trusts her friend so clicks on the link, but it doesn’t bring up a video. She didn’t know that her friends profile had been hacked and taken over and the link was to a malicious website. A computer virus has  now downloaded to her computer from that website.

She later finds that emails have gone out in her name to all of her contacts asking them to click on the malicious link.

Be careful and stay safe.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

Fightback Ninja Signature

Warning: Are You on a Sucker List

Scammers trade a list between themselves of people who have fallen for scams and it’s called a “sucker list”.

Sucker lists, which include names, addresses, phone numbers, and other information, are created, bought, and sold by scammers, spammers and some dishonest telemarketers. Scammers know that people who have been tricked once are easier to trick again. As a result, these people are flooded with letters, e-mails and phone calls about inheritances, lottery wins, health cures, investments etc.

In 2015, almost 200,000 people appeared on 13 different “suckers lists” that were seized by fraud investigators.

The average age of people on the list is 75. You can see how scammers target the elderly and vulnerable.

If you’ve ever been scammed, chances are your name could be on one.

How Do You Know if You’re on a Sucker List?

If you have been scammed online and get more scam messages and mail than others then chances are you are on a suckers list and there is no way to get off the list except by not responding to any scam messages for a long time. Evenetually they may lose interest in you.

How to Avoid Getting on a Sucker List:

Ensure you are registered on mail and telemarketing opt-out or do-not-call lists.

The following article explains how to do register with the various preference services.

http://www.fightbackonline.org/index.php/fightback/17-how-to-fight-back/30-how-to-stop-spam-letters

Don’t reply to offers of money, miracle cures, competition wins etc. If you didn’t enter a competition then  you cannot have won one.

If you are truly being bombarded, consider changing your email address and/or phone number, and keep that confidential/unlisted.

In 2017, sucker’s lists held by National Trading Standards contained nearly 300,000 names.

Be careful not to end up on a sucker list.

If you’ve enjoyed this post or found it useful then do share – click on the post title then scroll down to the social media share buttons.

Fightback Ninja Signature

Online Trading Scams

1. Pump and Dump Schemes

Scammers artificially inflate the price of one or more selected stocks, then encourage traders to buy in (this is called  “pump”) to take advantage of rising prices. However, the shares are over valued and once the scammers think they have pushed the price as far as possible (before people realise what’s going),  the scammers sell their stock (i.e. “dump” is), collect their regards and disappear. The traders innocently caught up in the scheme will see their stock plummet in value, perhaps as far as to zero.

2. Investment Scams

These are basically the same as investment scams to the public offering unrealistically high returns on anything from property to gold bullion to pharmaceutical remedies to shares guaranteed to rise in price.

These scams can be targeted at online traders and are marketed through email, social media and even magazines. Fraudsters typically promise high returns and use fake celebrity endorsements and images of luxury items to entice people to invest in their scams. The ads then link to professional-looking websites where consumers are persuaded to invest by trading themselves using the firm’s platform.

Many victims report initially receiving returns from the scam to give the impression that their trading has been a success. They will then be encouraged to invest more money or introduce a friend or family member to invest. However, then the returns stop, the customer’s account is suspended and there’s no further contact with the firm.

3. Fake Traders

British and Australian victims of a sophisticated enterprise were apparently lured by fake ads posted on Facebook and mobile phone games featuring celebrities such as Gordon Ramsay, Hugh Jackman and the moneysaving expert Martin Lewis.

But the investments in bitcoin, commodities and foreign currencies all appear to be fake.

Victims of the scam were persuaded to install software on their computers and phones that gave fraudsters access to their bank details.

How to protect yourself

  • Be wary of adverts online and on social media promising high returns from investing online.
  • Always be wary if you are contacted out of the blue, pressured to invest quickly or promised returns that sound too good to be true.
  • Always do your own further research on the product you are considering and the firm you are considering investing with.
  • Check the FCA register of authorised firms. If you use an unauthorised firm, you won’t have access to the Financial Ombudsman Service(link is external) or Financial Services Compensation Scheme (FSCS)(link is external), so you’re unlikely to get your money back if things go wrong.
  • Check they are not a clone – a common scam is to pretend to be a genuine FCA-authorised firm (called a ‘clone firm’). Always use the contact details on our Register, not the details the firm gives you.
  • Check the FCA Warning List
  • Check with Companies House to see if the firm is registered as a UK company and for directors’ names.
  • To see if others have posted any concerns, search online for the firm’s name, directors’ names and the product you are considering.

As a general rule, you should consider getting independent financial advice or guidance before making any kind of serious investment. You should make sure that any firm you deal with is regulated by us and never take investment advice from the company that contacted you, as this may be part of the scam. The Money Advice Service has information on investing and about how to find a financial adviser.

Ask Traders has created a guide to online scams targeting traders. It is free to download at https://www.asktraders.com/the-cyber-security-guide-for-trading-beginners/

If you have any experiences with phishing scams do let me know, by email.

Fightback Ninja Signature

The Email Delivery Failure Scam

If you address an email to a non-existent address then you will get a genuine email delivery failure message in return.

That will make sense as you had previously sent out the message that failed.

Usually it just means a spelling mistake but can mean the recipient has deleted that email address or simply that their email mailbox is full.

However, you may also get such delivery failure messages about messages that you didn’t send.

These are usually phishing scam messages and there will be an attachment to download (filled with malware) or a link to click to get you to input your login and password.

These failure message usually have large chunks of technical gobbledegook such as

host mta5.am0.yahoodns.net [67.195.228.109]

Delay reason: SMTP error from remote mail server after pipelined MAIL FROM:<[email protected]> SIZE=6745:

421 4.7.0 [TSS04] Messages from 216.120.234.35 temporarily deferred due to user complaints – 4.18.55.1; see https://help.yahoo.com/kb/postmaster/SLN3434.html

The messages sometimes do not say the message has been rejected, but that it has been delayed or is held in a queue. Makes no difference – it’s just a scam.

Do not click anything or download anything from such email messages.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature