Friday, 11 June 2021

Cyber Crime, fraud and Social Engineering

Fraud is when trickery is used to gain a dishonest advantage, which is often financial, over another person. Cyber crime is any criminal act dealing with computers and networks.

Cyber crime is any criminal act dealing with computers and networks (called hacking). Additionally, cyber crime also includes traditional crimes conducted through the Internet.

Fraud can be committed against individuals or businesses. Have a look in Action Fraud's A-Z of fraud for information about different types of fraud.

At least 41% of ALL crime in England and Wales is either cyber dependent or cyber enabled. UK residents are 20 times more likely to be defrauded at their computer than held up in the street (National Cyber Security Centre). Over 65s are more likely to lose money to fraudsters than to be burgled (Centre for Fraud Counter Studies).

Online fraud, also known as cyber crime, covers all crimes that:

  • take place online
  • are committed using computers, or
  • are assisted by online technology
Spoofing (masquerading - disguising email or phone number) is a cybercrime that happens when someone impersonates a trusted contact or brand, pretending to be someone you trust in order to access sensitive personal information. Spoofing attacks copy and exploit the identity of your contacts, the look of well-known brands, or the addresses of trusted websites.

Phishing (fraudulent emails) is the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.
  1. "an email that is likely a phishing scam"

Smishing (fraudulent text) is the fraudulent practice of sending text messages purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords or credit card numbers.
  1. "police say they have busted a gang in Maitland suspected of smishing"

Vishing (fraudulent telephone calls) is the fraudulent practice of making phone calls or leaving voice messages purporting to be from reputable companies in order to induce individuals to reveal personal information, such as bank details and credit card numbers.
  1. "many victims of vishing are people who are not tech-savvy"

Data leakage is the unauthorized transmission of data from within an organization to an external destination or recipient. The threats usually occur via the web and email, but can also occur via mobile data storage devices such as optical media, USB keys, and laptops.

Trace an email with its full headers

For an email you received in Gmail, you can see where the email came from by looking at its headers, including how it got from the sender to the recipient's mail servers.

How to read email full headers

  1. Open the email you want to check the headers for.
  2. Next to Reply Reply, click More Moreand then Show original.
  3. Copy the text on the page.
  4. Open the Message header tool.
  5. In "Paste email header here," paste your header.
  6. Click Analyze the header above.

See if message is delayed

  1. Open the email you want to check the headers for.
  2. Next to Reply Reply, click More Moreand then Show original.
  3. Next to "Created at," look to see how much time it took for the email to be delivered after it was sent.
Sources
If you need to send the information in the full headers of an email message (to report possible phishing or spam, for example):

  1. Follow the appropriate instructions below to first display the message headers.
    • Microsoft Outlook for Windows: Double-click the message to open it in a new window. Select the File tab, and then, at the bottom, click Properties. The data is next to Internet headers.
    • Outlook Web App (OWA): Double-click the message to open it. Click the More actions icon (three dots near the top right), and then click View Message Details.
    • Outlook Web App (OWA) in Exchange Online: Click the More actions icon (three dots near the top right), click View, and then click View Message Details.
    • Mail (Microsoft Store App): The Windows 10 Mail client is lightweight and not fully featured. Viewing email headers in Mail is not possible at this time.
    • Outlook for macOS: In your Inbox (or other folder), right-click or control-click the message, and then select View Source.
    • Thunderbird (Windows, macOS): Click View, select Headers, and then choose All.
    • Mail (macOS): With the message selected, from the View menu, select Message, and then select either All Headers or Long Headers.
    • Gmail at IU: See Trace an email with its full headers.
  2. Copy and paste that information into the email message you wish to send.

Do not click on links or attachments in unexpected or suspicious texts or emails.

Reporting cyber crime, fraud or phishing attempt to Action Fraud.

Report suspicious emails: If you have received an email which you’re not quite sure about, you can report it to the Suspicious Email Reporting Service by forwarding the email to - report@phishing.gov.uk.

Report suspected scam texts which they’ve received but not acted upon to their mobile network provider by forwarding them to 7726, which is free of charge.

Ruff time for animal lovers as scale of pandemic pet fraud unleashed by Action Fraud

  Data from Action Fraud,  the national reporting centre for fraud and cyber crime , reveals that £2,638,323 was lost by prospective pet own...