Wednesday, 3 March 2021

Sextortian scams surge during pandemic

In January this year, Avast threat researchers blocked over 500,000 attack attempts from cybercriminals claiming to have recorded videos of unsuspecting victims during private moments online. These attacks, known as sextortion scams, attempt to blackmail victims by threatening to make these apparent recordings public unless a payment is made to the scammer. Avast threat labs researchers advise people to stay calm and ignore sextortion emails instead of reacting to them, as they usually are fake claims. 

Cybercriminals have been using the increase in video conferencing services during the Covid-19 pandemic to validate their false claims and provoke a reaction from the victim. The fraudsters allege to have taken advantage of critical vulnerabilities in the Zoom application, allowing them to access a user’s device and camera. It is important to note that Avast has not found any actual vulnerabilities in the Zoom application.

“Sextortion scams are dangerous and unsettling, and can even have tragic consequences resulting in the suicide of affected users. During the Covid-19 pandemic, cybercriminals likely see a strong opportunity for success as people spend more time using video conference applications and in front of their computer overall,” said Marek Beno, malware analyst at Avast. 
“As scary as such emails may sound, we urge people to stay calm if they receive such a message in their inbox and ignore it, as it is just a dirty trick that cybercriminals use to try to get your money.”

Another common sextortion campaign identified by Avast is an email in which the attackers claim a Trojan was installed on the recipient’s machine, which has recorded their actions with a microphone and webcam, and extracted all data from their devices including chats, social media and contacts. A ransom is demanded and often includes a note about a fake “timer” that started when the email was received in order to set a ransom deadline. This campaign is also fake and uses social engineering to coerce people into paying. 

Read the full article to find out how to recognise and protect yourself from sextortion emails. 

Staying safe from email scams

Fraudsters are constantly coming up with new ways of trying to defraud people in relation to all manner of products and services, including loans, dating, holidays, business opportunities, clairvoyants, pharmaceuticals, lottery prizes, fake COVID vaccines, even recovery of money lost to fraud and a whole lot more. 

Here we look into some of the different types of email frauds that are currently quite common and what to look out for to indicate that an email may not be genuine.

COMMON TYPES OF EMAIL SCAMS

  • 419 Emails: You are offered a share in a large sum of money in return for helping to transfer it out of the country. Once you have given the criminals your bank account details, they empty your accounts.
  • Phishing: An email that purports to be from companies such as banks designed to trick you into revealing your personal information and passwords. REMEMBER: your bank will NEVER contact you out of the blue to ask for your PIN, full password or to move money to another account. 
  • Pharming: Pharming is a term used when you are directed from a link in an email to a website that spoofs a legitimate website in order to access your personal details.
  • Impersonation of UK official websites: For example HMRC, with an email message claiming you are due a refund and requesting your bank account details or directing you to a website link.
  • Impersonation of UK officials: Criminals impersonate a UK official to obtain personal information and steal money, often claiming that you are due a refund or must make an urgent payment. Examples of this scam include TV License, the HMRC Tax Rebate and the Council Tax Scam. 
  • Investment scams and pension scams: Emailed offers of worthless, overpriced or non-existent shares, or a time-limited opportunity to convert some or all of your pension pot into cash. Click here to find out more about these.

HOW TO SPOT A SCAM EMAIL

  • The sender’s email address looks suspicious. Roll your mouse pointer over the sender’s name to check it. If it doesn’t match the website address of the organisation it says it’s from it could be a sign of a scam. 
  • The email doesn’t use your name – it says something like ‘Dear customer’ instead. 
  • There’s a sense of urgency, asking you to act immediately. 
  • There’s a prominent website link that may look at first glance like the proper address but has one letter missing or is spelt wrong. 
  • There’s a request for personal information. 
  • Poor grammar and spelling mistakes. 
  • The entire text of the email is contained within an image rather than the usual text format, and the image contains an embedded hyperlink to a bogus site. Again, roll your mouse pointer over the link to reveal its true destination. But don’t click it!
It is almost impossible to keep up with the variety of fraudulent emails that are increasingly appearing on our computer screens and smartphones. However, by taking your time and following the simple steps below you can better protect yourself from falling victim to attempted email fraud.

TOP TIPS

REMEMBER: IF SOMETHING SEEMS TOO GOOD TO BE TRUE, IT USUALLY IS!

  1. Create a separate password for your email accounts 
  2. Make sure you have strong passwords with 3 random words and change these regularly. Find out more about strong passwords here
  3. Install two-factor authentication (2FA) for your email accounts. This is an additional process to secure your account.

Further actions you can take to keep safe

  • Look after your mobile devices. Don’t leave them unattended in public places, and protect them with a PIN or passcode.
  • Ensure you always have internet security software loaded on computers and update to new versions immediately. 
  • Don’t assume that Wi-Fi hotspots in places like cafes and hotels are secure. Never use them when you’re doing anything confidential online, like banking. Use 3G or 4G. 
  • Never reveal too much personal or financial information (such as in emails, on social networking and dating sites). You never know who might see it or use it. 
  • Always consider that online or on the phone, people aren’t always who they claim to be. Fake emails and phone calls are a favourite way for fraudsters to approach their victims.
  • Don’t click on links or open attachments if the source isn’t 100% known and trustworthy, or it seems strange that you’d be receiving them. 
  • Always access internet banking sites by typing the bank’s address into your web browser. 
  • Never pay for anything by direct bank transfer unless it’s to someone you know personally and is reputable
  • Never respond to emails, texts, letters or social media that look suspicious, including messages with bad spelling or grammar. 
  • Be cautious when going to a website from a link in an email and then enter personal details – the email could be fraudulent. 
  • If someone you’ve never met in person asks you for money, that should be a red flag. Tell them you’re not interested and stop all contact. 
  • When shopping online always sign up to American Express SafeKey, Verified by Visa and MasterCard SecureCode so look for the padlock or unbroken key symbol when you first visit a site. Where possible make your purchase with a credit card or via a credible online payment system (such as PayPal) which protects you in the event of fraud.

If you are at all suspicious, heed your instincts! You are most probably right to be concerned. Report all emails that you believe to be fraudulent to report@phishing.gov.uk. 

Friday, 19 February 2021

COVID-19 vaccine fact check

 


Beware of bogus text and emails about vaccines claiming to be from the NHS.




Click on images above to enlarge.


Bexley Civc Offices - no symptoms rapid testing site

 


Covid-19 no symptoms rapid testing






Neighbourhood Watch members feel a closer belonging to their neighbourhood than non-members

THE GRASSROOTS VOLUNTEER-LED CHARITY HAS SEEN A GROWTH IN POPULARITY SINCE THE START OF THE PANDEMIC DESPITE CRIME FIGURES DECREASING

  • The charity has over 86,000 new supporters registering to receive information from them since the start of the pandemic (March 2020) despite the police recording 5.8 million crimes in England and Wales in the 12-month period to year ending June 2020, a 4% decrease form the previous year.

  • The charity has seen over 1.2 million users visiting their website in the year ending Feb 2021, an increase of 88% from the previous year

  • The charity’s website is attracting 10% more younger supporters (under 34-year-olds) since the start of the pandemic than previously

    Since the start of the pandemic (March 2020) over 86,000 people have opted to receive information from Neighbourhood Watch, and their new website attracts an average of over 100,000 monthly viewers. The vast majority of those users using the search facility to find their local Neighbourhood Watch scheme.

    The charity is attracting 10% more younger supporters (under 34-year-olds) to their website since the start of the pandemic than before.


Website users between March 2020 – Feb 2021 (blue) and March 2019 – Feb 2020 (orange)

Surveys sent to all new members since March 2020 indicate that the charity is attracting a new, younger membership. Over 13,000 new members responded to their survey and of those (indicate ages).

The majority (66%) of new members joined as they were concerned about community safety. 44% said they joined to actively help make their community a better place to live whilst 33% cited a rise in crime in their area as a reason for joining. 

Saturday, 13 February 2021

Bitcoin-Related Scam Emails

We’re warning the public to be vigilant of unsolicited emails promoting cryptocurrency (Bitcoin) investment opportunities. We’ve received over 750 reports this week about Bitcoin-related phishing emails that use fake celebrity endorsements to try and lure victims into investment scams. The links in the emails lead to fraudulent websites that are designed to steal your money, as well as personal and financial information.


How you can protect yourself:
  • Investment opportunities: Don’t be rushed into making an investment. Remember, legitimate organisations will never pressure you into making a transaction on the spot.
  • Seek advice first: Speak with a trusted friend or family members, and seek independent professional advice before making significant financial decisions.
  • FCA register: Use the Financial Conduct Authority’s (FCA) register to check if the company is regulated by the FCA. If you deal with a firm (or individual) that isn’t regulated, you may not be covered by the Financial Ombudsman Service (FOS) if things go wrong and you lose your money.
  • Report suspicious emails: If you have received an email which you’re not quite sure about, you can report it to the Suspicious Email Reporting Service by forwarding the email to - report@phishing.gov.uk
To see examples of the Bitcoin-related phishing emails that have been reported to us, follow Action Fraud on Twitter or Facebook.

Tuesday, 9 February 2021

Bexley Houndwatch - new initiative


Bexley Borough Neighbourhood Watch Association are pleased to announce a new initiative – HOUNDWATCH.


This is designed to help prevent dog thefts, collate and raise awareness of antisocial behaviour, and improve the overall safety of dog walkers.

We ask that you

  • as a dog walker come & join us in fighting crime by registering with us for this new initiative.
  • report anything suspicious that you might see while you are walking your dog.
By providing your email address we will be able to send you crime news alerts from within the borough.

What we need you to do


We need you to report anything suspicious that you might see while you are walking your dog. This information can then be circulated to warn other dog owners registered as HoundWatch members.

If you see a crime happening or there is a threat to life call 999. If a crime has already taken place or you need to report something or someone suspicious ring 101.

In both instances, you also need to report what you have witnessed by sending an email to Neighbourhood Watch/HoundWatch at bexleynw@outlook.com
To register for HoundWatch contact Claire Tack at Bexley Neighbourhood Watch via email bexleynw@outlook.com or ring 020 8284 5537.

Visit our Bexley Houndwatch Facebook Group (public) for more information about this new initiative on dog theft Safety advice, reporting and alerts.

We want to thank you for the support you give to Bexley Neighbourhood Watch.  We are very proud of our community and of the people who live in it.  

Sextortian scams surge during pandemic

In January this year, Avast threat researchers blocked over 500,000 attack attempts from cybercriminals claiming to have recorded videos of ...