Cyber criminals have launched a new malware campaign which aims to install malware on victims’ computers via an email alert supposedly sent by the City of London Police.

The cyber attackers have been sending out thousands of automated emails with the subject ‘Homicide Suspect’. The email provides some vague information around the subject, telling the reader that they are raising awareness around a recent case of homicide, it tells the reader that they need to open the attachment to find out more information.

If the reader clicks on the attachment, malware is immediately installed on the device and the cyber attacker is able to gain access to information stored on it.

Not all Anti-Virus companies are currently recognising this as a cyber attack which means that anti-virus software isn’t necessarily protecting the computer from this type of malware. This makes it even more important for people to be vigilant; not clicking on emails or attachments from unknown senders.

Pauline Smith, Head of Action Fraud said: “Cyber attackers will stop at nothing and will take every opportunity they can to take advantage of people’s computers and mobile devices”.

“Be careful about what emails you choose to open and be aware of the risk of opening any documents attached. These criminals will play on your curiosity and coax you in to opening what is inside, please just delete these types of emails straight away”.

World Rugby are warning fans to be vigilant regarding a growing number of scams in the form of fake lotteries or sweepstakes claiming to be connected with or authorised by Rugby World Cup 2015, Rugby World Cup Limited (RWCL) and/or World Rugby.

Fans are being contacted (mostly via email), in the name of (or using trademarks associated with) RWCL, Rugby World Cup 2015 and/or World Rugby (formerly known as the International Rugby Board). Some correspondence falsely informs people that they have won a competition through an automated ballot.

Prizes are supposedly being awarded in a range of currencies that include pounds, dollars and rand, and can be claimed via the payment of an administrative fee, or by submitting personal details to an unofficial e-mail address.

Won tickets

Other correspondence tells people that they have won tickets to Rugby World Cup 2015 matches, with ‘winners’ getting the chance to travel to England and Wales to watch the Rugby World Cup 2015 tournament..

Buying online Rugby World Cup 2015 tickets – what to look out for

• Who? Who are you buying from? Is this person likely to have Rugby World Cup 2015 tickets to sell? Some unauthorised sellers may not have tickets to sell. To check whether a company or a certain website is an official Rugby World Cup 2015 channel and has therefore been allocated tickets and authorised to sell them to the public, use the ‘Official Checker’ tool which is located at www.rugbyworldcup/buyofficial

• When? When will you get the ticket? Contact the seller to confirm that they actually have the ticket to supply to you, and confirm you will get it in good time before the event. Some unauthorised websites will take your money, and try subsequently to get you a ticket – but may not guarantee to supply. To eliminate risk, buy from the official channels. More information is available at www.rugbyworldcup.com/ticketing

• What? What are you actually getting? Does the ticket have restrictions – for example on age?

• Where? Where will you be sitting? If you are buying several tickets, will all seats be located together?

• How much? How much will you be paying? Some sites charge delivery or administration fees, so the first price you see may not be the one you end up paying.

• How much is the face value of the ticket? When tickets are resold, unauthorised sellers might charge a price that is different to that printed on the ticket. If the charges do seem high, it is a good indication that the tickets are being sold through unofficial channels, so check the ‘Official Checker’.

• What if? What happens if something goes wrong? For example, will you get your money back if the ticket doesn’t arrive? Make sure you understand what you are covered for if something goes wrong.

Action Fraud UK has reported that the personal details of up to 2.4 million Carphone Warehouse customers have been accessed by hackers and 90,000 credit cards exposed, the mobile phone firm has admitted.

Carphone Warehouse, which is owned by Dixons Carphone said the “vast majority” of customers are unaffected, but if you’ve done business with OneStopPhoneShop.com, e2save.com, Mobiles.co.uk, TalkTalk Mobile, Talk Mobile or Carphone Warehouse then you might be involved.

The security breach was discovered on Wednesday last week but the company only released details about it on late on Saturday 8th August and confessed that the personal information of millions of customers – including bank details, addresses, names and dates of birth may have been accessed by hackers.

Up to 90,000 customers may also have had their encrypted credit card details accessed, it said in a statement.

The company has sent an email to anyone who may be affected by the hack, alerting them that they should notify their bank and check for any suspicious activity on their account.

Sebastian James, chief executive of Dixons Carphone, said: “We take the security of customer data extremely seriously, and we are very sorry people have been affected by this attack. We are, of course, informing anyone that may have been affected, and have put in place additional security measures.”

What can those who have been affected do?

• Contact your bank/credit card company, so that they can monitor for suspicious activity on your account.
• Change your password for your online account. Use three words or more and include a symbol and use upper and lower case letters and numbers. You should change passwords often and never use the same one twice.
• Monitor your account for any suspicious or unexpected activity.
• Beware of targeted phishing emails. If you receive unsolicited emails never reply with your full password, login details or account details. Don’t click on any links as you could end up downloading a virus.
• Be wary of anyone calling asking for personal information, bank details or passwords. If in doubt, just hang up.
• Watch out for signs of identity crime. Visit Experian, Equifax or Noddle to check your credit rating to make sure no one has applied for credit in your name.

For further information please visit Dixons Carphone website.

The message shown below is a real example of a Nigerian or 419 Scam, received by email in August 2015. The message promises the recipient a share in a large sum of money and invites recipients to contact him by phone or email. This sum of money does not exist. Recipients who initiate a dialogue with the scammer by replying to this message will eventually be asked for advance fees supposedly required to allow the deal to proceed. They may also become the victims of identity theft.

If you receive this or a similar message, DO NOT reply. If you have already replied, DO NOT comply with subsequent requests to send money or provide personal information

“Hello,

I am Mr Benjamin Basha, I served in the Libyan presidency on defence and my status put me in a position of responsibility and authority.

I am interested in doing business with you as I am in possession of some funds, US$ 65, 000, 000 .00 (SIXTY FIVE MILLION UNITED STATES DOLLARS), which I wish to invest as a matter of urgency through you.

If you are conversant with public issues, Libya recently went through terrible strive/civil war. I was mandated as Head of Delegation to purchase arms/ ammunitions by the government of Libya (Gaddafi Government).

I had already finished negotiations and this said sum was already transferred into an escrow account to a Bank in Hong Kong, which I am the only signatory to this escrow account.

I was in the Republic of Malta, (Republic of Malta is just 221 miles from Tripoli, Libya) for the arms/ ammunitions negotiations when I learnt of the death of Colonel Muammar Gaddafi. I immediately stopped all negotiations on the arms purchase as the funds was already in an escrow account as funds meant for Offshore investment with the space of the Fund Manager left blank.

Presently, the existence of this money is unknown to anybody and is backed up by a Certificate of Clean fund issued by the Hong Kong Government absolving the money from drugs or money laundering activities. I find it necessary to invest this money offshore in viable business ventures through your company or your personal guidance and assistance. I have worked on the whole arrangement and only expect your favourable response to put the machinery into motion that will further our mutual personal and business relationship.

I am currently in the Republic of Malta on political asylum grant as such I cannot move these funds out of the Escrow account in Hong Kong as the law prohibits an asylum seeker of such activity or even to operate an account.

You may contact me on the phone number or email address provided below so I can give you details of the whole arrangement I have made which are absolutely smooth and will ensure no delays once we work hand in hand with each other.

I await your esteemed response while counting on your sense of confidentiality, as it is my desire for this to be done as directly as possible. I will offer you 20% of the total money and the remaining 80% will be for my investment in your country. Please, kindly contact me on telephone number +356 3550 0046 or Email:  benjaminbashar189 (at) gmail.com“

This was received a few days ago from allegedly the US Treasury Dept. Do not open the attachment or reply to them with the information requested. This is a phishing attack aimed at the scammer getting you to divulge your personal details in order to remove money from your bank account. It is easily identifable as fraudulent due to poor grammar.
“From: Us Treasury Dept <ustddepptt (at) aol.com>
To: Addressees name removed
Sent: Monday, August 3, 2015 11:05 AM
Subject: US TREASURY DEPT

Dear  Addressees name removed,
This is writing to inform you that we received instruction and your payment hence we have been instructed  to transfer directly into your  bank account or make a delivery to your home without hitches since are handling it directly.

The fund was sent to us after an investigations and discussions with African leaders by United Nations and IMF Leaders and top usa delegates so without wasting much time you are to be considered lucky to receiving your fund finally.

Reconfirm to us immediately the following information’s below to avoid   transfer mistake;

Your  Names and Address:
Your Your phone number:
Your Full banking informations
Your International passport or Drivers licence copy for identification

As soon as we receive them I will proceed with the release and payment  of your funds in full value.

You can also call me on the phone on 830 399 4598

Jacob Lew
Secretary,US Treasury Dept”

The following has been reported in the UK in the last few days.  If you have any sons, daughters or grandchildren off to university then please check this out

Seasonal rental fraud is an emerging trend with students looking for suitable accommodation around August, before the start of the new term.

Fraudsters use a variety of websites to advertise available properties to rent, often at attractive rates and convenient locations. Adverts will seem genuine, accompanied by a number of photos and contact information to discuss your interest.

Due to demand, students will often agree to pay upfront fees to secure the property quickly, without viewing the property, only to discover that the fraudster posing as the landlord does not have ownership of the property, or often there are already tenants living there.

Protect Yourself

• Only use reputable letting companies.
• Do some online research such as using Google maps to check the property does exist.
• Make an appointment to view the property in person.
• Always view the property prior to paying any advance fees.
• Look out for warning signs, such as landlords requesting a ‘holding deposit’ due to the property being in high demand.
• A landlord will usually conduct some due diligence on any successful applicant. Be wary of handing over cash without the landlord requesting employment or character references.

Police are advising Facebook users to watch out for a scam that tricks people into hacking into their own accounts.

The hoax works by telling people that following a series of instructions will guarantee them access to anybody’s account.

It tells victims to open up Facebook in a web browser and go to the Facebook page of the person they want to hack. Then, it says, the user should right-click anywhere on the page and from the popup menu select “Inspect Element”. This brings up an HTML editor at the bottom half of the web browser.

In this editor, the scam instructs readers to copy-paste a string of code given.

But far from giving the user access to another account, following the guidance merely provides the scammers with all the details they need to access the would-be hacker’s account.

Once the fraudsters are in control of a user’s account, they can use it to post more fake instructions, or launch new scams.

Facebook has warned users not to paste any strange code into browsers.

“If you see this kind of scam on Facebook, you should report it by clicking the arrow in the upper-right corner of the post and selecting ‘This is Spam.’

“If you have fallen victim to this scam, you should contact Facebook immediately and consider changing your password.”

These are some examples of parcel delivery scams that have been received in the last week or so. Both contain zip files as attachments. The second has a Russian email address. Do not open these as they will likely introduce Malware to your computer.

Example 1:

“From: Paula Land
Sent: Saturday, July 25, 2015 6:24 AM
To: Paula Land
Subject:

Dear Consignee,

Contact your nearest DHL postal office to receive your shipment. Your airway bill is also attached, kindly review to locate shipment tracking information.

Paula Land

Main +1 754 300 2840| Fax +1 454 300 2840

Paulal (at) k12.co.us

898.XiuWen Road

Rose Hill, Kansas 67133 | USA

Example 2:

From: FedEx International MailService <robert.bray (at) m2.souz5.beget.ru>

“Dear Customer,

This is to confirm that one or more of your parcels has been shipped.

Delivery Label is attached to this email.

Warm regards,

Robert Bray,

Sr. Operation Agent”.

Beware the following email which is from a scammer but pretending to be from Linkedin. If you click here as instructed it will allow the scammer to download malware onto your computer. Do not reply and simply delete. This was brought to our attention on 23rd July 2015, by someone who received this in the Algarve.

“From: “LinkedIn” <joachim.bortz (at) t-online.de>

Subject: Mail Activity Report

Date: 23 Jul 2015 09:35:16 WEST

To: Email address of receipient

A hacking group calling itself The Impact Team is threatening to expose the identities of 37.5m users of notorious extramarital dating website Ashley Madison

Ashley Madison, the website for people seeking extramarital affairs, has suffered a major cyberattack, with hackers threatening to expose the names of adulterers unless the site is taken offline.

The controversial on-line dating agency which has 37.5m users – including 1.2m Britons – carries the tagline: “Life Is Short. Have An Affair”. The service is founded on confidentiality and privacy, claiming to be a “100pc discreet service” and boasting a “Trusted Security Award” on its homepage.

The hackers, going by the name “The Impact Team”, posted a small sample of sensitive data, along with a statement demanding the takedown o Ashley Madison and Establishment Men an online dating site that claims to connect “young, beautiful women with successful men”. The data and the statement have since been taken offline.

Avid Life Media, the company that owns Ashley Madison, confirmed the hack and apologised for “this unprovoked and criminal intrusion into our customers’ information”.

“We have always had the confidentiality of our customers’ information foremost in our minds, and have had stringent security measures in place, including working with leading IT vendors from around the world,” the company said in a  statement.

“As other companies have experienced, these security measures have unfortunately not prevented this attack to our system.”

The Impact Team said it decided to publish the information in response to alleged lies Avid Life Media told its customers about its “full delete” feature, which allows members to completely remove their profile information for a $19 fee.

According to the hackers, although Ashley Madison promises “removal of site usage history and personally identifiable information from the site,” credit card details – including real name and billing address – remain online.

“Avid Life Media has been instructed to take Ashley Madison and Established Men offline permanently in all forms,” said The Impact Team in a statement seen by Krebs onSecurity if their demands are not met, the hackers are threatening to “release all customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails”.

Avid Life Media said it has now removed the all posts related to the hack, as well as all personally identifiable information about its users published online, under the Digital Millennium Copyright Act. It is also working with forensics experts, security professionals and law enforcement agencies to investigate the incident.

“Any and all parties responsible for this act of cyber–terrorism will be held responsible,” it said. “We will continue to provide updates as they become available.”