We have received many reports from customers who have received emails claiming that a cyber criminal has hacked their PC and gained footage from their webcam of explicit sexual acts. They threaten that unless they pay $xxxx (usually in Bitcoin currency) that they will leak this video onto the Internet and activate malware that they have installed on their PC.
Furthermore, In the email subject line you may also note that they have included a previously used password from a website that the user has accessed, this is to further strengthen your belief that this is real and solidify their attack on you.
First, we want to reassure everyone these are hoax, Phishing emails, designed to get you to part with your cash and create fear to make you engage in a knee-jerk reaction to what seems to be a terrifying attack on your privacy.
How to stay safe
Here are a few tips on what to do:
- Never pay anyone in Bitcoin or react (or interact) with a scammer.
- Never click a link or open an attachment to scam emails demanding a ransom.
- Always use complex passwords for the sites you use, especially ones with personal identifiable and sensitive information (i.e. Social Media, Banks, Shopping Sites, etc.)
- Only access sites that are secure (with the padlock and starting with https://)
- Never reply to a scam email.
- If you think your password has been compromised in anyway, change it.
- If you have gone too far and divulged your bank or card details to a scam email or rogue website, then you must inform the bank immediately.
If you want to know more about how to stay safe online please visit https://takefive-stopfraud.org.uk/
If you have been a victim of fraud then report it to Action Fraud by calling 0300 123 2040 or visit https://www.actionfraud.police.uk/reporting-fraud-and-cyber-crime
Cyber-attacks are on the rise; so, what can we do to protect our identity and keep our information safe? Read my action To-Do-List to keep yourself safe online and out and about.
it was only last week when Northern Lincolnshire and Goole NHS Foundation Trust suffered a major incident after systems were infected by a computer virus and now this week Tesco Bank suffered a sophisticated attack which saw monies taken from 20,000 of its customers’ accounts.
Here are my recommendations to keeping you safe online and out and about.
- Use a quality anti-virus solution and keep it up to date. There is no point scrimping on security here, an anti-virus application will provide several security benefits including malware protection, firewall and browsing protection.
- Always use a strong password, which is a critical factor of preventing access to your information. It doesn’t have to be overly complicated either, simply take this famous pangram “The quick brown fox jumps over the lazy dog” and ask yourself how many ways can you write just part of this sentence (i.e. “TheQuickBrownFox”, “Th3Qu1ckBr0wnF0x”, or “Th3QBF0x”)? You can use your own sentence and create your own short versions to create your password, there is literally endless possibilities and combinations.
- Password protect your PC and lock it when you step away, even if you are just visiting the loo.
One of the biggest concerns most people have is with safe browsing, but what does that mean? I define it as visiting known websites or searching for information on the Internet. To safely surf the Internet you should follow these simple rules:
- Never search for a website that you know the address for, always type the fully URL of the website instead of just the name. For example when visiting the BBC website don’t just type “bbc” into a search engine as you are then presented with a mountain of responses to choose from and the first one isn’t always the correct one, instead type “www.bbc.co.uk” which will take you straight to the site.
- Always use bookmarks for regularly visited websites (i.e. Bank, shopping sites, etc.)
- Never install browser add-ons, toolbars and extentions when you don’t know what they do, this is one of the major causes of browser hijacking to date.
- Turn on Pop-up blocker to stop ads and unwanted browser activity and selectively allow only those sites who need them (i.e. your bank might sometimes pop-up a window to present your latest bank statement).
Out and About
Cyber security isn’t just about what you do at home and work on your computers, it is also about what you do when you are out shopping, visiting friends and using your mobile devices. Here are my recommendations to reducing your chances of being cyber attacked when you’re out and about.
- Check that cash machines haven’t been tampered with, credit card fraud can happen if a criminal has skimmed your card directly from a machine that has been altered to read your card and capture your PIN.
- Always make sure no one can see your PIN number when typing it in, this should always be observed in shops and cash machines. Don’t be afraid to ask people to step back if they are too close.
- Lock you mobile devices with a PIN in case you loose it and enable track and trace.
- Don’t keep PIN numbers written down and if you absolutely have to don’t keep them in the same place as your cards.
- Never let your card out of your sight, even at your friendly supermarket
- If someone asks to use your mobile phone in an emergency just ask for the name of the person they want to call and the number and call it yourself, only handover the handset once you are assured you are dialling a legitimate number and talking to real person.
My last piece of advice I want to share with you is this, DATA is KING, after all cyber crimes are not just about stealing your money, it’s about stealing your information and the more detailed the information the better. So we must back it up and back it up with a quality backup solution. It is admiral to watch someone backup their data to a USB pen drive or external hard drive only to then loose it or break it. If you get hit with ransomware, lose your mobile device or simply delete your data (accidentally or by malware) the chances of recovery has been increased significantly when correctly backing up your data.
For more help with securing your IT systems, why don’t you give us a call on 0844 334 2020 or email email@example.com
Can I Trust Emails From HMRC?
Recently and after our previous blog “http://www.rlscomputers.co.uk/news/?p=300“ we have been asked “Can I Trust Emails From HMRC?“
The answer is not as simple as it might seem, we have already highlighted the root cause of Phishing emails and why fraudsters send them. Therefore it is highly probable using the guides in my previous blogs that someone will attempt to defraud you at some point claiming they are from HMRC.
Okay, so what to look out for:
- If the email is from a legitimate source they would normally point you to the web address both visually and as a hyperlink. For example see my link above “http://www.rlscomputers.co.uk/news/?p=300″ instead of using just “How to Spot a Phishing Email” as the link. This gives you the choice to type the link in opposed to only clicking the link.
- Language, if the email is written responsibly then the language would make sense. You woodn’t find bad landwich and granma from the hmrc (exaggerated example, but you get the point).
- Fake images, alot of HMRC Phishing uses fake or forged images, normally grabbed from Google images. This is NOT a sign of genuine origins so ignore it.
- Greed, we all like money and want more of it, however don’t succumb to emails from HMRC telling you that you have received a TAX refund / rebate. HMRC will never contact you about these via email.
These are a few of the key notes you should remember before opening, clicking, acknowledging emails from HMRC, if you follow them it will keep you safe and in the know that the emails they do send you are quite safe to open and deal with.
Other Useful Links
HMRC Phishing Email Examples: http://www.hmrc.gov.uk/security/examples.htm
Geniune HMRC Contacts: http://www.hmrc.gov.uk/security/contacts.htm
Phishing Emails – Your choice Blog: http://www.rlscomputers.co.uk/news/?p=43
Norfolk County Council Business Scams: http://www.norfolk.gov.uk/Business/Trading_standards/Business_scams/index.htm
Norfolk County Council Consumer Scams: http://www.norfolk.gov.uk/Community_and_living/Consumer_advice_and_protection/Scams/NCC051378