Tag: government

Government Cyberaware

https://www.ncsc.gov.uk/cyberaware/home

Cyber Aware gives the UK government’s tips on how to stay secure online.

  1. Create a separate password for your email and separate passwords for any important online accounts e.g. financial ones
  2. Make sure the passwords are strong e.g. use three random words hat no-one else could guess
  3. Saving your passwords in your browser means you wont need to remember so many different passwords
  4. Turn on two-factor authentication for important accounts where it is available
  5. Keep your devices up to date with latest security
  6. Backup all important files regularly. Most devices can do this automatically for you.

Your personal email account contains lots of important information about you and is the gateway to all your other online accounts. If you forget an account password, your email address is the means to reset that password and this makes your email password critical to you.

If your email account is hacked all your other passwords can be reset, so use a strong password that is different to all your others.

Weak passwords that can be guessed or are a word in the dictionary can be hacked quite easily.

The longer and more unusual your password is, the stronger it becomes and the harder it is to hack. The best way to make your password long and difficult to hack is by using a sequence of three random words you’ll remember and no-one else can guess.

You can make it even stronger b including special characters such as @£# etc.

Starting with your most important accounts (such as email, banking and social media), replace your old passwords with new ones.

Two-factor Authentication

2FA is a free security feature that gives you an extra layer of protection online and stops cyber criminals getting into your accounts – even if they have your password. It reduces the risk of being hacked by asking you to provide a second factor of information, such as getting a text or code when you log in, to check you are who you say you are.

Check if the online services and apps you use offer 2FA – it’s also called two-step verification or multi-factor authentication. If they do, turn it on.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature

Government Moves to Stop Pension Scammers

architecture-2892_640

Millions of pensioners are being targeted annually  by cold callers in the wake of the recent changes to allow more freedoms for pensions.

Baroness Altmann, a former pensions minister, has said that she repeatedly tried to ban cold calling for pensions but was blocked by officials who claimed that it “wasn’t possible”.

However, things have changed as Philip Hammond, the chancellor, intends to announce plans to make cold calling of pension savers illegal in his first Autumn Statement as part of a wider crackdown on scams.

Cold callers often offer investment opportunities, such as investing your pension pot in a new housing estate or garages or a hotel in an exotic location.

Pension scams have been a growing concern for policymakers since Mr Osborne’s flagship changes to pension rules in April 2015 that gave millions of over-55s full freedom to cash in their cash and this created new opportunities for fraudsters.

An estimated £19 million was lost to pension fraud in the first year of the pension freedoms, as people cashed in around £6bn of their retirement savings.

  1. What Are The Government’s Plans?

All cold calls where a business has no existing relationship with the individual will be forbidden.

  • Those include scammers targeting people who inadvertently “opt in” to receiving third-party communications.
  • Enforcement action by the Information Commissioner’s Office could include fines of up to £500,000.
  • The government wants to give pension providers more power to block suspicious transfers and to make it harder for scammers to set up a pension plan to facilitate fraudulent transfers.

The Police have said that the amount of money being taken from pensioners in scams relating to pensions scams has almost doubled in the past year from £10m to £18m.

The government is expected to outline further steps on its proposals in the 2017 Budget.

Phillip Hammond claims the move, will protect millions of vulnerable people and cut off the main route through which cowboys trick people out of their life savings.

In his first major Commons set-piece statement, the Chancellor will pledge to bring an end to the misery brought about by the millions of scam calls that happen every year in the UK.

ninja_signature

Government Fights Back Against Cyber Attackers

 

The government has been surprised by the level of Internet attacks on  government systems, the defence industry, the NHS and on critical business such as the electric companies, water companies etc. and even attacks on household names such as Tesco.

It can be hard to pin down who’s to blame for these attacks but they say there are basically 3 groups involved – government sponsored cyber specialists,  criminals and people who just take up the challenge of hacking.

The obvious guess as to the state sponsored cyber hackers is China and more recently Russia. Both countries deny this of course.

The British government has employed cyber specialists for some time to prevent these attacks from succeeding but the time has come for a big increase in spending on this and to officially warn the cyber attackers that the UK will not only defend itself against such attacks but will respond aggressively to any such attackers.

Philip Hammond confirmed that UK security services would cause “damage, disruption or destruction” against those that attack the UK. These “offensive” capabilities would include proactive cyber attacks as well as the ability to defend against incoming disruption attempts.

This seems to be a significant ramping up of the country’s ability in this arena and in particularly that they will go on the offensive where required.

This is a five year strategy and effectively doubles the current spending on cyber defence.

The government claim it is making progress in cyber defence

e.g.1. where it used to take a month to shut down a website spreading viruses it now can be done in 2 days

e.g.2 websites pretending to be government departments can be shut down in hours where it used to take days.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

ninja_signature

US Government Takes Down PCCare247 Scammers

pccare247

The US government set up a sting operation to gather evidence against a company called PCCare247 which was defrauding people.

The Scam

This is a variant on the classic windows support engineer scam.

A cold caller tells you your PC has a virus, offers to prove it then offers to fix it for several hundred dollars or equivalent  in the local currency.

This variant is that PCCare247 advertised heavily that they help people sort out PC issues, but when someone called then PCarre247 would find faults that didn’t exist and charge a lot of money to rectify the non existent problems.

The Sting

Agent  Sheryl Novick phoned PCCare247 . “I saw some sort of pop-up and I don’t know if there’s a problem,” she told a PCCare247 tech named Yakeen. He offered to check her computer for possible problems and he convinced her to download a piece of software that let him take control of her PC.

Yakeen ran Event Viewer on the PC – this always shows lots of errors but they are trivial and should be ignored.

“It has 30 errors,” he told her and that her PC had been hacked by someone who was committing cyber fraud using it and also that there was a virus on the PC.

Yakeen promised that he could “remove all the hackers, remove all the errors and the virus from the computer and recover all the data?” All Novick needed was $400.

Novick agreed to a lower price and provided her credit card.

Yakeen didn’t know that Novick was actually a Federal Trade Commission (FTC) investigator and she had recorded the entire encounter, which had been conducted using a clean PC located within an FTC lab.

PCCare247 used the cash from this scam to build more business, spending more than $1 million advertising accounts on Google. The money bought “sponsored search results” that appeared when users searched for terms, including “virus removal.”

The FTC obtained a restraining order (TRO) against PCCare247, which made it all but impossible to do business in the US. Most of the company’s cash had already been transferred to Indian banks, but the TRO did shut down the company’s domain name, local phone numbers, and credit card processing. New money would not be flowing.

Well done the FTC.

http://fightbackonline.org/index.php/fightback/16-stories/24-us-government-takes-down-pccare247-scammers

The Telephone Preference Service

TPS Logo
The Telephone Preference Service is provided by the government and lets you register your phone number. Once registered it is illegal for cold callers to call your number (legally, telemarketers must not to call a TPS subscribed number after 28 days, but you should start noticing a gradual decline from registration).

Registration is free and only takes 2 minutes.  The service was setup because there so many cold callers from companies about PPI, Accident Claims, Overseas Scams, Spam SMS and Other Nuisance Calls.

The original legislation was introduced in May 1999. It has subsequently been updated and now the relevant legislation is the Privacy and Electronic (EC Directive) Regulations 2003.

Q. Who can register?

TPS is for consumers at their residential address, sole traders and, except in Scotland, partnerships, but not businesses.  There is also a separate corporate telephone preference service for companies to register their phone numbers to prevent cold callers.

Q. Who pays for TPS?

No money is received from the Government to run the Service, the direct marketing industry pays for it. They will also take complaints against cold calling companies but they don’t do enforcement – that’s down to the Information Commissioners Office.

If you are plagued by cold callers – then register with TPS online, but beware of callers pretending to offer this service – they are usually scammers.