Half of Britain victimised by cyber crooks

October 24th, 2014 No Comments By Ian Wade

cyber crime 300x223 Half of Britain victimised by cyber crooksHalf of the UK have been victims of cyber crime! According to a new report.

Well, they say ‘half’, but based on a survey of 2000 web users, 51% said they’d been affected by online scams, phishing, ID theft or some pesky virus.

The report by the Get Safe Online organisation, also said that many victims are left emotionally scarred by the experience.

Which is about right. You DO feel a bit vulnerable and freaked out that some arse has buggered your online-scene up.

Half of the victims said they felt violated by their ordeal and rued clicking on that link for free glans/baps (delete as appropriate). Only 14% of the affected felt they’d achieved any kind of redress after the matter either.

Also, a report by the National Fraud Intelligence Bureau, released to coincide with Get Safe Online Week, claimed that online scams raked in £670m between 1 September 2013 and 31 August 2014.

However an upshot of all this, has meant that those who have been violated then got heavy with web protection and not being so free and easy with their online behaviour.

Tony Neate, chief executive of Get Safe Online reckons this, by saying “Get Safe Online Week this year is all about ‘Don’t be a victim’, and we can all take simple steps to protect ourselves, including putting a password on your computer or mobile device, never clicking on a link sent by a stranger, using strong passwords and always logging off from an account or website when you’re finished.”

“The more the public do this, and together with better conviction rates, the more criminals won’t be able to hide behind a cloak of anonymity.”

Meanwhile Minister for the Cabinet Office Francis Maude threw his weight in and said the figures underlined the importance of doing everything possible to shore up the UK’s cyber defences, saying: “The UK cyber market is worth over £80bn a year and rising. The internet is undoubtedly a force for good, but we cannot stand still in the face of these threats, which already cost our economy billions every year.”

“We have an £860m Cyber Security Programme which supports law enforcement’s response to cybercrime, and we are working with the private sector to help all businesses protect vital information assets.”

Ebola email spreads malware! IS NO-ONE SAFE?!

October 23rd, 2014 No Comments By Mof Gimmers

hackers Ebola email spreads malware! IS NO ONE SAFE?!Even your computer isn’t safe from the threat of Ebola. Hackers and spam merchants are taking advantage of people’s panic about the disease by sending out emails that look like they’re from the World Health Organisation (WHO).

Obviously, they’re not from the World Health Organisation.

These messages encourage you to open an attachment, which will show you how to protect yourself from Ebola. However, instead of helping you, it’ll infect your computer and download malware into your system and then, as ever, will allow people to get at all your lovely personal information and bank details.

There is also a scam doing the rounds which is much less believable, where the email is from ‘an Ebola expert’. If you’re daft enough to open the attachments in that, then frankly, you deserve everything you get.

Message topics to look out for are: ‘What you need to know about the deadly Ebola outbreak’, ‘So Really, How Do You Get Ebola?’, ‘Is there ANY way to cure Ebola?’ and ‘The #1 Food Items You’ll Need In An EBOLA Crisis’.

Seeing as most people are ignoring the small threat of Ebola in real life (unless you work in a newsroom of course, where it is being heralded as the new plague), the best advice is to treat any emails with the same laissez faire attitude you’ve been employing thus far.

Apple admit that iCloud has been compromised

October 23rd, 2014 2 Comments By Ian Wade

apple icloud 300x260 Apple admit that iCloud has been compromisedApple have ‘fessed up about iCloud accounts being compromised by fake log-in pages. This follows an incident wherein Chinese users’ account names and passwords were requested by suspect looking web pages.

After all that celebrity nude action a couple of weeks ago, Apple came up with a two-password verification system to try and increase security.

Alas, reports of organised password phishing syndicates harvesting user information via fake iCloud pages emerged, and Apple had to come clean and say it’s a thing.

A statement released on Apple’s support page has confirmed that these phishers were stealing accounts and passwords, but that remained the dimensions of it. There was no further information as to when these happenings occurred or the severity of them.

Apple have helpfully told users to only use sites if there’s a padlock handy. On the site’s address bar, not around your neck.

They said: “We’re aware of intermittent organised network attacks using insecure certificates to obtain user information, and we take this very seriously. These attacks don’t compromise iCloud servers, and they don’t impact iCloud sign in on iOS devices or Macs running OS X Yosemite using the Safari browser.”

“The iCloud website is protected with a digital certificate. Users should never enter their Apple ID or password into a website that presents a certificate warning.”

Last month, Apple chief executive Tim Cook admitted that Apple could do more to inform users how to make their iCloud accounts more secure, but was too pre-occupied with flogging new tat than being helpful.

Internet security at risk from poodles

October 15th, 2014 No Comments By Ian Wade

poodle Internet security at risk from poodlesGoogle’s security team – imagine some detective types with torches, illuminating the dark passageways of the internet – have discovered a potential vulnerability in SSL 3.0.

Google reckon that SSL 3.0 is an insecure, obsolete protocol that has since been superseded. But even when servers support the more secure TLS 1.0, TLS 1.1 or TLS 1.2, the downgrading that takes place between servers and clients can be exploited using a POODLE (Padding Oracle On Downgraded Legacy Encryption) attack.

Bodo Möller from Google’s security team points out that this move will “break some sites” and the advice is to support TLS_FALLBACK_SCSV instead, at least for the time being. OR THE POODLES WILL GET YOU.

Basically an attacker can force this protocol downgrade to take place by preventing the initial connection from taking place. The encryption used in SSL 3.0 is fairly easily cracked and a relatively simple attack can then be used to intercept and decrypt secure cookies.

What that means is that hackers could steal browser cookies and potentially end up controlling your email, bank details and social network accounts.

So yes. BEWARE POODLES! Not only that – these POODLES are similar to another vulnerability called Firesheep. It seems that the internet is under threat from animals that have fluffy fur.

These problems will only affect people who haven’t updated their browsers in a while, so if you’re using Internet Explorer 6, you may find your computer filling up with wool. So update your browser now, y’idiot.

Minimise the risk of fraud with your bank

October 14th, 2014 1 Comment By Mof Gimmers

bank sign Minimise the risk of fraud with your bankThere are millions of bank account holders who are leaving themselves wide open to fraud, according to Britain’s tops banks.

Industry body the British Bankers Association (BBA) has teamed up with the police to launch a campaign which they hope will raise the public’s awareness on all things fraud, looking at the most common scams that will happen online or down the phone.

Based on the results of a YouGov poll, the BBA said that eight million people are vulnerable to voice phishing scams, four million may transfer money to fraudsters, three million could potentially carry out “test transactions” and 1.7 million would hand their bank cards to couriers on their doorstep if they had a convincing form of ID.

Best not to answer the phone or door to anyone, ever.

Anthony Browne, chief executive of the BBA, said: “Being defrauded is a devastating experience for anyone which is why we are launching this campaign. The more people know about fraud, the less likely they are to become victims.”

“Our Know Fraud, No Fraud campaign will help you spot some of the tactics used by scammers. Your bank would never send someone to your home to collect your cash or ask you to transfer funds to a new account.”

So, for your records to be printed out and stapled to grandma’s forehead as a reminder to her and everyone else, here’s the BBA’s List of Things That Your Bank Will Never Ask For.

- Ask for your full PIN number or any online banking password over the phone or via email
- Send someone to your home to collect cash, bank cards or anything else
- Ask you to email or text personal or banking information
- Send an email with a link to a page that asks you to enter your online banking log-in details
- Ask you to authorise the transfer of funds to a new account or hand over cash
- Call to advise you to buy diamonds or land or other commodities
- Ask you to carry out a test transaction online

Dropbox: nearly seven million accounts hacked

October 14th, 2014 2 Comments By Ian Wade

Dropbox Logo 580 75 300x168 Dropbox: nearly seven million accounts hackedNearly seven million Dropbox accounts have been hacked.

The latest in the long line of unending hackery was spotted after hackers were able to get at logins and passwords via a third party affair.

Hackers leaked 400 accounts onto site Pastebin, claiming to make the remaining 6.9 million hacked accounts available to users in return for Bitcoin donations, according to The Next Web.

The post threatened that 6.9 million Dropbox accounts had been hacked, including photos, videos and other files.

Obviously Dropbox don’t want to be seen as quite so vulnerable and so dismissed it, claiming: “These usernames and passwords were unfortunately stolen from other services and used in attempts to log in to Dropbox accounts.

“We’d previously detected these attacks and the vast majority of the passwords posted have been expired for some time now. All other remaining passwords have been expired as well.”

Dropbox reckon that the service consistently expiries passwords for accounts that are being attacked, but could not provide a number of accounts that expired recently.

The news comes as wasteman Edward Snowden claims individuals who care about their privacy should “get rid of Dropbox”, counting it among the services that are “hostile to privacy.”

Either way, Dropbox should change their company logo from ‘your stuff, anywhere’, to ‘your stuff, bloody everywhere’.

call centre 300x168 Another attempt for nuisance calls and spam to be regulatedA change to the regulations surrounding nuisance calls and text messages has been recommended by Ed Vaizey.

The Minister of State for Culture and the Digital Economy wants to make it easier to fine the perpetrators of these heinous crimes.

Mr Vaizey would like to get it all sorted by the next general election, which suggests he needs to get his skates on.

A vague attempt at doing this last year was stopped, after a legal ruling went against the Information Commissioner’s Office (ICO) after it fined Christopher Niebel, the co-owner of marketing company Tetrus Telecoms, £30,000 for bombarding people with hundreds of thousands of texts regarding PPI and accident claims.

Simon Entwistle of ICO reckons: “This will make it much more straightforward for us to take action,”

“At the moment, it takes a large amount of effort to prove substantial distress and this change will make it much more proportionate to the problems these calls and texts cause.”

“We understand firms can have legitimate reasons to make marketing calls, but we reckon that for every one concern lodged with us there are about 1,000 nuisance calls or texts.”

Well, about time frankly.

Spamwatch: Emma Watson

October 10th, 2014 No Comments By Ian Wade

emma watson sofia vergara 300x156 Spamwatch: Emma WatsonPoor old Emma Watson – she’s become the latest front for an internet virus.

Ads claiming to have nudey footage of the Harry Potter star are actually trojans riddled with malware.

Serves you right if you’re that type of person into leaked celebrity baps to be honest.

Bitdefender’s cooly-named Chief Security Strategist, Catalin Cosoi, told Digital Spy: “It all starts with a Facebook comment promising to reveal private or leaked videos of Emma Watson”.

“The comments are automatically posted by users infected with the malware. As is the case with many Facebook scams, victims end up as marketers for cyber-crooks.”

“When users click on the malicious links, they are redirected to a salacious YouTube copycat. Future victims are then asked to update their Flash Player to the latest secured version of Video Player, as an error allegedly prevents them from watching the leaked videos of Emma Watson.”

As if you needed reminding, trojan malware is a bastard, and will rifle through your computer for anything stealable.

Disguised by the Flash Player icon, Trojan downloads the infected components into computer files. The videos themselves are hosted by a fake YouTube account, identified by the Anonymous Guy Fawkes avatar in the left hand corner.

So anyway. Norks on the internet. More harm than good.

NFL in the UK: Banning your bags

October 10th, 2014 3 Comments By Mof Gimmers

Large stadium events are always a bit of a faff, be it the limited amount of beer thanks to some watery lager sponsor, or be it it something to do with only being able to pay for things on certain credit cards.

Everyone knows the drill by now.

However, with the NFL coming to the UK, they’ve pulled a fast one that is almost impressive in its pointlessness. Basically, you can’t take any bag at all into Wembley stadium. Look at this exhaustive list of prohibited bags, which of course, are banned ‘for your safety’, even if you’ve been to big stadium shindigs before and managed to avoid a backpack maiming.

20141010 083454 e1412929164544 281x500 NFL in the UK: Banning your bags

 

If you have a bag for your medicine and whatever, that’s fine, but as the warning leaflet says: “entry will be permitted, however you may experience a delay in entering the stadium.”

So what is fine then? What is permitted? Why, NFL approved bags you can buy outside the ground, which of course, are considerably safer than your average bag.

20141010 083515 e1412929499224 281x500 NFL in the UK: Banning your bags

Of course, a huge sporting franchise taking the Michael at a enormodome is along the lines of “is the Pope Catholic?”, but this is next level ridiculousness.

If you want to watch an informative video and, if you’re going to any of the games and want to know the exact dimensions of purses that women are allowed to take, click here for the NFL’s official take on the whole thing.

MasterCard 300x182 MasterCard prevent cyber attacks before they happenMasterCard is getting hardcore in its ongoing scrap with cyber criminals, but implementing a new solution.

The card giant has come out with SaftetyNet, which is designed to work with a bank or processor’s own security tools, and is apparently so amazing that it can thwart crimes before they happen.

According to Ajay Bhalla, who is our favourite named president of enterprise security solutions at MasterCard this week, said: “With SafetyNet we are really fast tracking the next generation of security solutions, which are designed to stop fraud or attacks before many of our partners have even noticed it is happening,”

We can do this because MasterCard’s SafetyNet operates as intelligent technology which can identify fraud in real time and decline a transaction before any exposure takes place.”

It is thought SaftetyNet uses the significant power of MasterCard’s global financial network to find potential attacks before they take place and in some cases will be able to do so before the bank or processor has noticed.

SafetyNet monitors different channels and geographic regions in order to provide the most appropriate level of support for each market and business partner involved, and works as complementary to the banks own security tools with a new layer of protection.

Bhalla added: “MasterCard is delivering a multi-layer approach to safety and security. For the consumer there are the security tools you can see including the EMV chip on your physical card or the SecureCode screen when at your online checkout.  Through the launch of SafetyNet MasterCard is taking further steps to secure the payment data and transactions at both retailer and issuer”.

eBay phishing scam exposed

September 19th, 2014 No Comments By Ian Wade

eBay have been having a right old time of it lately.

They’ve now been hit by online badmen who’ve been phishing and rinsing unsuspecting customers for their usernames and passwords, by placing fake item listings and redirecting users to external sites.

According to a BBC report, it was brought to attention by an eBay PowerSeller who thought something was a bit fishy about an iPhone 5 listing that took him to a weird address.

He’s also provided a video about, bless him.

The IT professional told the BBC: “It’s guaranteed – you can bet your bottom dollar that somebody’s going to click on that and be redirected to a third-party site and they’re going to enter their details and be compromised.

“You don’t know how many of the hundreds of thousands of people who use eBay will have done that.”

eBay have removed the listings, but it’s likely to be the tip of a vast iceberg, as it tries to find out how many people had been fooled by it. It’s the last thing eBay need, having had a dozen service crashes this year already.

But anyway. Keep ‘em peeled.

Fake government websites banned

September 17th, 2014 No Comments By Ian Wade

asa logo 300x200 Fake government websites bannedThe advertising watchdog ASA – who sadly aren’t a real dog – have banned three cheeky copycat websites.

The sites have been posing as government channels for health insurance cards, passports and birth certificates, leaving consumers baffled, poor and riotous.

The websites – europeanhealthcard.org.uk, uk-officialservices.co.uk and ukpassportoffices.co.uk – duped users into thinking they were official providers of services they were offering, the Advertising Standards Authority (ASA) said.

It also ruled that the websites must not appear again and any future versions must feature disclaimers that say “we’re not real”.

Although, putting a thing on a site saying it’s a fake, sort of defeats the purpose of being a moody front to steal your life.

The ASA said it received large numbers of consumer complaints about websites that offered access to online government services, but which were not official channels and typically charged a premium.

The ASA said the europeanhealthcard.org.uk website charged for an application verification service, while the EHIC was available for free when applied for via the official gov.uk website.

Only stick to the proper gov channels, and if in doubt, call ‘em up and waiting 45 minutes to get through to someone.

Planes: More seats – less legroom

September 12th, 2014 2 Comments By Ian Wade

fat man on airplane 300x255 Planes: More seats   less legroomWhile Ryanair have been shopping and snapping up a load of Boeing planes, it has announced that it will be able to accommodate 197 seats up from the original 189.

The airline’s purchase of the Boeing 737 MAX 200s, will be able to carry more passengers due to slimmer seats and less galley space than the current 737-800s.

Obviously, Michael O’Leary, Ryanair’s CEO, reckons the extra seats would generate around €1million of additional revenue per plane per year. Oh as a bonus, he hopes it will start an old fashioned price war… “which, like all the old price wars, Ryanair will win,” the charmer bellowed.

Ryanair do say that the legroom will in fact be increased due to the seats and smaller galleys. The customers – although not fully disclosed – would have 30 inches of leg room.

However  Airbus said the MAX 200 configuration would mean the removal of three of eight galley trolleys, which would leave just five trolleys for almost 200 passengers.

This is the latest in the ongoing quest to get more passengers on to planes other than just laying them on top of each other, or sitting on laps.

The number of economy seats in Boeing 777s has gone from 15% of its 74 777s taking ten abreast (up from the original nine) in 2010, to 69% in 2012.

Even Airbus have offered up designs which show an 11-abreast seating arrangement on its A380 superjumbo efforts, which would gain 35-40 more seats.

The nutjobs also tried to offer up a design featuring just saddles, but that might have been the result of someone doing some smoking.

Air-rage is increasing as a result of the battery hen scenes on the long-haul flights, with at least three planes having to be diverted in the last month.

Shall we look at a chart showcasing who has the most legroom on their economy flights? Go on, it’ll be fun!

                                  Legroom (pitch)                Seat width

Monarch                 28 ins*                                   17 ins
Thomson                28                                            16.5-17.2
Thomas Cook       28-33                                      16.2-18.5
EasyJet                   29                                            17.5
Ryanair                  30                                            17
Aer Lingus            31-32                                       17
British Airways   31-34                                      17-18
(*with an “extra legroom” option of 32 ins for a fee)

Bournemouth Pavilion Peter Pan December 2014 310px NEW 300x261 Youre going to the panto! (Oh no youre not! etc)Have you, by chance in the last day or so, opened an email and wondered how you managed to get tickets to see a pantomime in Bournemouth?

Well, you haven’t been on hard drugs after all, it’s a scam. A SCAM.

Known as the “Peter Pan virus” (which sounds like some unsavoury sex practice), due to the name of the production in question, it has been doing the rounds of the inboxes in the last 24 hours.

It is possibly the most convincing phishing email as yet, and WHY MUST THESE BOZOS KEEP DOING THIS. WHY?

Claiming to be from BH Live, it displays the recipient has booked nine tickets – NINE – to a 7pm performance of Peter Pan at Bournemouth Pavilion on December 23rd.

Phishing emails typically purport to come from organisations such as banks or HM Revenue & Customs, but this one is a bit sneakier and oddly British in approach. Rest assured, Bournemouth Pavilion are ON IT and have been warning people not to open it.

Thing is, BH Live is real, and one of their leisure entertainment solutions is the Pavilion, who are actually putting on Peter Pan this Christmas.

Although Earth Wind & Fire along with Sooty & Friends (not together, although that would be incredible) look like good nights out, should you find yourself down Bournemouth way.

But you’re not going to the panto, soz. Put all this distressing phishing nonsense BEHIND YOU and delete it.

McDonald’s: now accepting rubbish

September 5th, 2014 No Comments By Ian Wade

Sweden’s McDonald’s have come up with a green festival campaign. The Big Mac hitmakers are now accepting empty cans in exchange for burger-based treats.

Regarder.

mcdonald binbag 500x333 McDonalds: now accepting rubbish

In stores mainly around festival areas and green spaces, they are now accepting cards, cash and cans.

And so that collectors can have a handy guide as to working out the “exchange rate”, McDonald’s have provided bin bags with illustrations um, illustrating them.

For ten cans, you “can” HAHAHA have a hamburger.

However, anyone who has been to Sweden will know that everywhere is quite pricey, so you’d be better off just buying McDonalds instead, but hey – the planet and all that.

Now, who knows anything about Maccies and deforestation?