Cancel Your Credit Card or Is It A Scam?

Stephanie Alderson tells her story:

So my husband had a bad experience with fraudsters a couple of nights ago. He got a call on his mobile from a woman who said she was calling from his credit card company (his actual credit card company). She quoted the last 4 digits of his credit card, his address and email address and was obviously calling his mobile number.

She said there had been several high value charges on his credit card that they thought were fraudulent: Selfridges and a few others.

My husband agreed he hadn’t spent money there. She then said she needed to cancel his credit card. She said she’d sent him a code on his phone and he should read the code back to confirm the cancellation.

He was a bit suspicious, but they hadn’t actually asked for any personal details. All they asked for was a code from his phone which did come as a text message from the phone number used by his usual credit card supplier. He asked if he could phone them back to confirm but she said their phone line was about to shut as it was nearly 6pm.

He was a bit hesitant so she then put my husband onto her supervisor who said it was important he authorise them to cancel his card with the code from his phone to avoid being liable for any future fraudulent charges.

Hubby was naturally suspicious but they hadn’t asked for any personal details at all, just this code from his phone. I’d heard him talking on the phone and so I rang his credit card company who confirmed their fraud lines were open and they were always happy for a customer to ring them back.

My husband hung up the phone without giving the code. It turned out someone had set up an Ocado account earlier that day and had used his card to preauthorise payment as a way to check his card worked. The fraudsters then set up a payment for £6,000 from his card to a website.

The code sent to his phone was genuinely from his credit card company to authorise the payment of £6,000 to that website. So they were never after his personal details. They already had all his credit card info. All they needed was for him to give the code his credit card company automatically sends out for new large transactions.

Pretty sophisticated scam, especially as they weren’t fishing for personal details but already had them all from somewhere, though we’ve never found out how.

His card was then thankfully cancelled by his genuine credit card company and so no money ever left his account, but pretty scary that they had his full details and were so brazen about it.

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

White Powder Supercharges Your Morning

This scam email is in the form of a story.

A story of how taking a drink each morning of a special white powder with water will turn your day into an energy filled wonder.

The magic stuff is on sale for just one penny per bag currently but only to special customers like me.

Further on in the story the powder is described as being unrefined sea salt, which makes no sense as sea salt is refined from sea water – that’s how you get the stuff.

The story goes on about how everyone is lacking salt and that causes anxiety and fatigue and wears out your kidneys and so on – but it’s just general meaningless drivel.

In fact, most people in advanced countries eat too much salt and that is a big contributor to high blood pressure and kidney damage.

The scammer has no samples – she just wants you to pay one penny so she gets your payment card details and can then steal more from you or sell those details to other scammers.

Pathetic


UK Gov Phishing Attacks

A phishing attack is when criminals create fake websites that look like well-known websites such as Marks and Spencer or HMRC or British Gas etc. They use the fake websites to get your confidential information.

Top 10 Government ‘Brands’

Brand                             Phishing sites   Attack groups   Availability (hours)
HM Revenue & Customs                      16,064           2,466                     10
Gov.uk                                     1,541             241                     15
TV Licensing                                 172              93                      5
DVLA                                         107              53                     11
Government Gateway                            46              22                      6
Crown Prosecution Service                     43              26                     15
Student Loans Company                         19              11                     17
Student Finance Direct                        13               3                      3
British Broadcasting Corporation               8               7                     35

Phishing

When a phishing site is identified that is pretending to be a UK government brand, the hosting provider is asked to take the site down. While some government departments do their own brand protection, most don’t and it is simpler and cheaper for this to be done centrally.

Example of a phishing site impersonating HMRC

The domain name that’s been used is onlinehmrctax @ gov.co.uk. That’s intended to deceive the user into thinking this is a real HMRC site. Not all phishing sites use domains like this; many are hosted in areas of legitimate sites that have been compromised by the criminal. Phishing sites are also automatically added to a number of industry safe browsing lists that are consumed by the major browsers, so even if the hosting provider doesn’t respond, or it takes a long time for the site to be removed, users of modern browsers with the default security settings are protected anyway.
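The check below is an added illustration, not code from the original post or from the takedown service: it shows how software avoids the mistake the lookalike relies on, by parsing the hostname properly and accepting only hosts whose final two labels are exactly gov.uk. The brand keyword list and the sample URLs are assumptions constructed for the example.

```python
from urllib.parse import urlsplit

# Words a lookalike host borrows from the brand (assumption: illustrative list for the
# page's HMRC example, not a rule used by the takedown service).
BRAND_WORDS = ("hmrc", "gov", "tax")

def hostname_of(url: str) -> str:
    """Take the host from the URL parser rather than by string search: in
    'https://www.gov.uk@evil.example/' the part before '@' is userinfo and the
    real host is evil.example, which a naive 'contains gov.uk' check would miss."""
    return (urlsplit(url).hostname or "").lower().rstrip(".")

def is_under_gov_uk(host: str) -> bool:
    """Genuine only when the final two labels are exactly 'gov' and 'uk', so
    gov.co.uk and gov.uk.something.example both fail."""
    return host.split(".")[-2:] == ["gov", "uk"]

def classify(url: str) -> str:
    """'genuine-gov-uk', 'lookalike' (brand words on a non-gov.uk host),
    'unrelated' (e.g. a compromised legitimate site with HMRC only in the path),
    or 'invalid' when no host can be parsed."""
    host = hostname_of(url)
    if not host:
        return "invalid"
    if is_under_gov_uk(host):
        return "genuine-gov-uk"
    if any(word in host for word in BRAND_WORDS):
        return "lookalike"
    return "unrelated"

# Constructed sample URLs; the first is the lookalike quoted in the text.
SAMPLE_URLS = [
    "http://onlinehmrctax.gov.co.uk/refund",
    "https://www.tax.service.gov.uk/",
    "https://www.gov.uk@evil.example/",
    "http://gov.uk.refund-claim.example/",
    "https://shop.example/images/hmrc/login.html",
]

if __name__ == "__main__":
    for url in SAMPLE_URLS:
        print(f"{classify(url):15} {url}")
```

A compromised legitimate host (the last sample) comes back as "unrelated", which is exactly why the text notes that not all phishing sites use lookalike domains: the host alone does not expose them.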

The availability of an attack is the total amount of time the phishing site is available from when the Netcraft service first becomes aware of the attack through to when it is finally taken down. This accounts for the times when an attack is reinstated by the criminal after first being taken down by the provider, which can happen multiple times in some cases. It is also often the case that a single attack can involve multiple spoof sites, hosted on the same server. If there are many phishing URLs in a single attack, they can easily skew statistics through the responsiveness or otherwise of the hosting provider. Given a group of attacks are all hosted on the same ‘server’, we group these together taking the longest time any one of them is available as the availability for that group.
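The grouping rule just described, worked through on constructed records as an added example (not the report's own code): each URL's availability runs from first sighting to final takedown, spanning any reinstatement, URLs on one server form an attack group, and the group's availability is the longest of its URLs. The server addresses, timestamps and URLs are all assumptions made up for the example.

```python
from datetime import datetime
from statistics import median

# Constructed sample (not data from the report). Each record is one phishing URL, the
# server it was hosted on, and the chronologically ordered intervals during which it
# was live; a second interval means the criminal reinstated it after a takedown.
SAMPLE = [
    {"url": "http://onlinehmrctax.gov.co.uk/refund", "server": "203.0.113.10",
     "live": [("2017-03-01T09:00", "2017-03-01T14:00"),
              ("2017-03-02T08:00", "2017-03-02T20:00")]},
    {"url": "http://onlinehmrctax.gov.co.uk/login", "server": "203.0.113.10",
     "live": [("2017-03-01T09:30", "2017-03-01T14:00")]},
    {"url": "http://onlinehmrctax.gov.co.uk/verify", "server": "203.0.113.10",
     "live": [("2017-03-01T13:00", "2017-03-01T14:00")]},
    {"url": "http://shop.example/images/hmrc/", "server": "198.51.100.7",
     "live": [("2017-03-05T10:00", "2017-03-05T13:00")]},
]

def hours_between(start: str, end: str) -> float:
    return (datetime.fromisoformat(end) - datetime.fromisoformat(start)).total_seconds() / 3600

def site_availability(rec: dict) -> float:
    """Hours from first sighting to the final takedown, so the downtime between a
    takedown and a reinstatement counts too, as the report's definition requires."""
    return hours_between(rec["live"][0][0], rec["live"][-1][1])

def group_availability(records: list) -> dict:
    """One attack group per hosting server; its availability is the longest of its URLs."""
    groups: dict = {}
    for rec in records:
        groups.setdefault(rec["server"], []).append(site_availability(rec))
    return {server: max(vals) for server, vals in groups.items()}

def summary(records: list) -> dict:
    """Site and group counts plus medians, showing how per-URL figures are dragged
    down by several short-lived URLs on one server while the group figure is not."""
    groups = group_availability(records)
    return {
        "sites": len(records),
        "groups": len(groups),
        "median_site_hours": median(site_availability(r) for r in records),
        "median_group_hours": median(groups.values()),
    }

if __name__ == "__main__":
    print(summary(SAMPLE))
```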

Over the last calendar year, we’ve taken down 18,067 HMG-related phishing sites.

For comparison, in the previous 6 months, the volume was 19,443 sites, also shown on the chart. It’s clear that we have performed fewer HMG-related phishing takedowns in 2017 and the trend is generally downward. Given how the service is driven, it’s reasonable to assume that it sees a relatively constant percentage of the global phishing and so this strongly suggests that there has been less HMG-related phishing this year than last.

However, it is very likely (in the opinion of the author) that this work has had a direct impact on the viability of criminal phishing targeting HMG brands, making them less lucrative and therefore less likely to be used.

It’s obvious from the table that the vast majority of HMG-related phishing attacks continue to use the HMRC brand. That’s unsurprising given that most adults have a relationship with them and everyone would welcome a tax refund.


Dark Web Pricelist

The Dark Web is the name for websites and services on the Internet that are hidden. You cannot find them on Google or other normal search engines – only through search engines built for criminal purposes, or if you have the direct URL.

On the Dark Web, people buy and sell assorted criminal products and services, such as stolen credit cards, ransomware as a service, facilities for sending out mass scam emails and so on.

It’s a bad place filled with bad people.

Below are some example prices charged for stolen information, credit cards etc., as found by researchers in October 2020.

Category / product                                          Price
Credit card data
  Cloned Mastercard with PIN                                $15
  Cloned American Express with PIN                          $35
  Cloned VISA with PIN                                      $25
  Credit card details, account balance up to $1000          $12
  Credit card details, account balance up to $5000          $20
  Stolen online banking logins, minimum $100 on account     $35
  Stolen online banking logins, minimum $2000 on account    $65
  Walmart account with credit card attached                 $10
Payment processing services
  Stolen PayPal account details, minimum $100               $198.56
  Western Union transfer from stolen account, above $1000   $98.15
Forged documents
  US driving license, average quality                       $70
  US driving license, high quality                          $550
  Auto insurance card                                       $70
  AAA emergency road service membership card                $70
  Wells Fargo bank statement                                $25
  US, Canada, or Europe passport                            $1500
  Europe national ID card                                   $550
