Archives: Cybercrime Alerts

A new centre to protect the UK against cyber-attacks was officially opened by the Queen on 14^th February 2017.

The National Cyber Security Centre (NCSC) in London is designed to improve Britain’s resilience to attacks and act as an operational nerve centre.

“We want to make the UK the hardest target,” Ciaran Martin, the centre’s chief executive, told the BBC.

The NCSC – part of intelligence agency GCHQ – says the UK is facing about 60 serious cyber-attacks a month. There were 188 attacks classed by the NCSC as Category Two or Three, against national security, during the last three months.

And even though the UK has not experienced a Category One attack – the highest level, an example of which would have been the theft of confidential details of millions of Americans from the Office of Personnel Management – there is no air of complacency at the NCSC’s new headquarters in Victoria.

“We have had significant losses of personal data, significant intrusions by hostile state actors, significant reconnaissance against critical national infrastructure – and our job is to make sure we deal with it in the most effective way possible,” Mr Martin says.

As well as protecting against and responding to high-end attacks on government and business, the NCSC also aims to protect the economy and wider society.

The UK is one of the most digitally dependent economies, with the digital sector estimated to be worth over £118bn per year – which means the country has much to lose.

Hackers have targeted Britain with a serious of cyberattacks following a “step change” in Russian aggression, Ciaran Martin, head of GCHQ’s new National Cyber Security Centre (NCSC) has chillingly claimed.

Mr Martin said there were 188 serious attacks in the past three months, many of which threatened national security.

He highlighted the surge in Russian activity as the Kremlin sought to “assert power and influence against the West”

Martin said: “Part of that has been attacks on political institutions, political parties and parliamentary organisations.

“In the case of government departments, [it is] getting into the system to extract information on UK government policy on anything from energy to diplomacy to information on a particular sector. “With companies, it could be to steal intellectual property and sometimes you would get states in that business.”

Britain is set to pump billions of pounds into the cyber battle against Russia as the threat increases.

British Chancellor, Philip Hammond, said: “The new centre had blocked 34,550 ‘potential attacks’ on government departments and members of the public in the past six months – about 200 cases a day.

Released on the day of Safe Internet Day,7th February 2017 the study points out that “the increasing number of threats that children encounter online is now having a negative effect.”

Two thirds of the children surveyed in a European study admitted being afraid to use the Internet for fear that a stranger to the bully, ask them to do something illegal or can access

The survey, sponsored by computer security firm Kaspersky Lab and developed by Opinion Matters, involved 5000 children between the ages of 10 and 15 residing in Germany, France, Spain, Italy and Benelux.

Released on the day that marks the Safer Internet Day, the study points out that “the increasing number of threats that children face online is now having negative effects”, with 67% of children “to admit they are afraid or are concerned when they are online . ”

Data reveal that 29% of children said they were afraid that a stranger might intimidate them, while 23% confessed they were afraid that an unknown person would ask them to do something that they are not comfortable with.

Already 22% fear that a stranger ask them to do something illegal and 21% that unknown people can access information they put online even after they have deleted.

Action Fraud UK have reported that fraudsters have been continually requesting victims purchase Apple iTunes gift cards as a means of payment for cons involving Her Majesty Revenues and Customs (HMRC).

The fraudsters are using the following contact methods to defraud people:

Voicemails: Fraudsters are leaving victims automated voicemails stating they owe HMRC unpaid taxes. When victims call back on the number provided, they are told that there is a warrant out for their arrest, unless they make payment via iTunes Vouchers.

Spoofed calls: Fraudsters are cold calling victims using a spoofed 0300 200 3300 number and convincing them that they owe unpaid tax to HMRC.

Text messages: Fraudsters are sending text messages requesting victims to urgently call back on the number provided. When victims call back, they are told that there is a case being built against them for an outstanding debt and they must pay immediately.

Fraudsters are using iTunes gift cards to collect money from victims because they can be easily redeemed and sold on. The scammers don’t need the physical card to redeem the value and instead get victims to read out the serial code on the back over the phone to them.

How to protect yourself

• HMRC will never use text message to inform about a tax rebate or penalty.
• HMRC will never ask for any payment in the form of iTunes Vouchers.
• HMRC will only post out a P800 tax calculations, in circumstances of under or overpayment of taxes, if you’re employed or get a pension.
• Payments using iTunes Vouchers may not be recoverable.
• Telephone numbers and text messages can easily be spoofed. You should not trust the number you see on your telephone display as proving the caller is genuinely calling from HMRC.
• Be protective of divulging other personal details such as National Insurance number, passport number and bank details over the telephone.

If you receive an unexpected call, whereby the caller requests an advance fee in the form of iTunes gift cards, the call should immediately be terminated.

Key findings of a new study conducted by Keeper Security that analysed 10 million hacked accounts from breached data dumps for the most popular passwords.

Users’ bad habits are still one of the biggest problems for the IT industry, weak passwords and their reuse on multiple websites every day potentially expose a billion users to cyber-attacks.

I’m not surprised by the results of a new study conducted by the security firm Keeper Security that analyzed 10 million hacked accounts from breached data dumps for the most popular passwords.

Below the Top 10 Keeper Security’s 2016 most popular password list:

123456

123456789

qwerty

12345678

111111

1234567890

1234567

password

123123

987654321

Most used passwords continue to be 123456 and 123456789 despite the numerous awareness campaigns on a proper security posture, “123456” accounts for 17 per cent of the overall amount of hacked accounts the firm used as data sample.

“Looking at the list of 2016’s most common passwords, we couldn’t stop shaking our heads. Nearly 17 percent of users are safeguarding their accounts with “123456.” What really perplexed us is that so many website operators are not enforcing password security best practices.” states the report published by Keeper Security. “We scoured 10 million passwords that became public through data breaches that happened in 2016.”

The bad news is that the list of most popular passwords hasn’t changed over the years.

“The list of most frequently used passwords has changed little over the past few years. That means that user education has limits.” continues the study.

This aspect highlights the lack of a security policy that contemplates also the use of strong passwords and enforces it. Four of the top 10 passwords on the list are composed of just six characters or shorter, it’s very easy to brute force them it the system is not properly protected.

“Today’s brute-force cracking software and hardware can unscramble those passwords in seconds. Website operators that permit such flimsy protection are either reckless or lazy.”

The list also includes passwords like “1q2w3e4r” and “123qwe,” it is likely that some users attempt to use unpredictable patterns to generate strong passwords. Unfortunately dictionary-based password crackers include these variations.

The last point emerged from the report is that email providers don’t correctly monitor the use of their services made by botnet used for spam.

After accusations of being a fake news vehicle during the US presidential race and turning the result in favour of Donald Trump, Facebook is reacting and reports that it will debut scanning tools in Germany.

Facebook will debut a tool for verifying false news in Germany in time for the federal elections scheduled for this year in that country. Users who suspect that some content is fake may mark it to be sent to a non-profit organization called Correctiv that will validate the information. Even if false, the item is marked and appears an explanation of Correctiv to justify how he came to this conclusion, reports the The Next Web .

Users who try to share fake news will also receive an alert that the content they are broadcasting is not true. Finally, this type of news, once identified and marked, will appear in the bottom of the feeds, reducing the probability of being seen.

A Facebook spokesman confirmed that the initial focus will be on Germany, but that the company wants to extend these tools to other countries. Angela Merkel will face an anti-immigration party that has been growing a lot in recent times, in elections that are well-disputed.

The Internet has become an essential channel for e-commerce. Its instant global reach and anonymity make it possible to sell nearly anything to anyone at any time. Counterfeiters know it and are increasingly exploiting the unlimited opportunities offered by the World Wide Web. Fake products such as clothing, cosmetics, pharmaceutical products, electronics or automotive parts, can be easily found online at a cheaper price than the original ones.

Despite these products looking like a bargain, they pose serious risks to your safety and health. Learning how to identify these scam websites selling counterfeit goods is vital to protect yourself and those around you from this growing threat!

The quality of counterfeit products seems to be improving, the products now looking like exact copies of the original brand. There are a growing number of online B2B exchanges and e-commerce sites offering these products, many advertised via social media and search engines. Counterfeiters have become smarter at promoting these fakes and use advanced marketing techniques such as paid search ads, search engine optimisation, unsolicited emails or the use of branded terms in domain names.

When shopping online, you are more likely to fall victim to counterfeiters. In a digital environment, without the physical product to look at and feel, it can be more difficult for you to spot the differences. Some illicit websites selling counterfeits are so sophisticated that it is hard to detect that they are scams. Infringers are also exploiting mobile app stores as an ideal shop front. Again, users are less likely to question the legitimacy of an app, especially if it appears in an official app store.

Every time you buy fake products you are wasting your money away on poor quality copies that can be very dangerous for your health and safety, and those of the ones around you. The damage these sales do to brands, businesses and economies goes beyond revenues: profits from counterfeiting fund other forms of serious organised crime like human trafficking, money laundering or labour exploitation, and its production factories violate in most cases labour and environmental laws and basic human rights.

The best way not to F***(ake) Up and put an end to the fast-growing market of counterfeit products sold on the Internet is to stop buying counterfeit goods online.

When you buy fakes you are putting at risk your health and safety and those of the ones around you

These products are made without regard to the health and safety standards applicable on the EU market. Some consumer goods might contain harmful substances and toxic levels of chemicals that can result in heart attack, coma or even death.

The National Fraud Intelligence Bureau’s (NFIB) Proactive Intelligence Team have identified an emerging fraud where social media platforms are being used to attract members of the public to donate money to animal welfare charities overseas that do not exist.

The NFIB has discovered that criminal groups based in Spain or Cyprus and are using social media to target donors from the UK. The money is then laundered from the UK to overseas and rather than be used to tackle animal cruelty it is simply used to support a criminal lifestyle in the sun.

They will canvass for contributions through their existing social networks which will expand over time, attracting more donors.

The NFIB were informed that the people committing this fraud are merely supplementing their income as they are always linked to organised crime groups in the UK and overseas.

Protection advice

Sometimes the article or post on social media may indicate the payments are for charitable organisation or a “worthy cause”. Sadly not in all instances are these genuine, and if any doubt please undertake your own due diligence.

If the collection is for a charity you know is genuine, check the collection is authorised by asking the charity directly, using contact details from the phone book or a website that you know is genuine.

Watch out for poor grammar and spelling.

Send your donation to the charity directly. This may mean going to a little more trouble, but at least you can be sure your donation will get to where it’s intended.

If you have any concerns you can also get further information from Gov.uk.

According to Computer Weekly magazine, ransomware or malware that locks up data and demands payment for its release is set to evolve and make up the majority of cyber attacks in 2017, according to most predictions by security commentators.

Ransomware, typically in the form of encryption Trojans, grew rapidly in popularity with attackers in 2016, and these attacks are expected to cannibalise other more traditional attacks based on data theft in 2017.

The pursuit of profit is the primary motivation of cyber criminals, and ransomware is the simplest and most effective way to achieve this, said researchers at Panda Security.

But not only is the number of ransomware attacks expected to continue to increase, the malware involved is also expected to become more sophisticated, predict security experts at SecureWorks.

“Though most ransomware attacks are not targeted, it is likely there will be an uptick in targeted attacks in 2017,” said Alexander Hanel, a security researcher at SecureWorks.

“Compromising corporate environments through targeted attacks allows the attackers to request more money than they would receive from a typical user. That makes enterprise targets more attractive,” he said.

In 2016, a wave of ransomware attacks hit targets ranging from hospitals to a major metropolitan municipal railway system, said Hanel. “The proliferation of ransomware families and the success attackers have had in compromising systems makes it highly likely these types of attacks will continue in 2017,” he said.

The emergence of open source ransomware programs hosted on GitHub and hacking forums is expected to further spur the growth of these attacks in 2017.

“These programs are freely available for anyone who has the basic knowledge needed to compile existing code,” said Ondrej Vlcek, chief technology officer at security firm Avast.

“Even if the wannabe perpetrator doesn’t have the skills to create their own malware from free code, this can now also be readily outsourced. There is already a ransomware as a service [RaaS] model, which provides automatically generated ransomware executables for anyone who wants to get rich by infecting potential victims. The bottom line is that creating or buying your own ransomware has never been easier. So ransomware is here to stay and is expected to be a bigger problem yet in 2017,” he said.

While law enforcement action is expected to have some effect on general ransomware, security experts predict 2017 will see a rise in ransomware targeting mobile devices.

In the light of the fact that mobile users generally have their data backed up on the cloud, mobile ransomware will aim to steal users’ bank credentials and take money directly from their accounts, according to virtual private network (VPN) service provider NordVPN.

Security experts generally advise against paying ransoms because there is no guarantee the data will be restored.