Valve won’t help you with Steam trade scams

June 29th, 2015 No Comments By Mof Gimmers

steam logo 300x300 Valve wont help you with Steam trade scamsHey gamers! Here’s some lousy news - Valve aren’t going to help you if you’re victim of a Steam trade scam!

“Our community assigns an item a value that is at least partially determined by that item’s scarcity. If more copies of the item are added to the economy through inventory rollbacks, the value of every other instance of that item would be reduced,” say Steam’s policy.

“We sympathize with people who fall victim to scams, but we provide enough information on our website and within our trading system to help users make good trading decisions.”

Valve concludes that “all trade scams can be avoided”.

So basically, they’re saying ‘it really is your own stupid fault if you get scammed, soz like’. Seems a bit odd to put the onus on the user, but there you go.

If you’re going to trade, then you might want to do some reading up on scams first, so you don’t get burned, because they’re not going to help you out one bit

600 million Samsung mobiles could be spied on

June 18th, 2015 2 Comments By Mof Gimmers

Samsung Galaxy Note 3 Back 300x168 600 million Samsung mobiles could be spied onIf you have a Samsung Galaxy, of any sort, your device could be spied on, thanks to a vulnerability in the in-built SwiftKey keyboard.

The keyboard comes installed in advance of 600 million of Samsung’s mobile devices, and apparently, it can be very easily hacked, which in turn, can give away a lot of your vital information.

This is according to Ryan Welton, who is a researcher with cyber-security firm NowSecure. He reckons that the flaw could allow hackers to see what you’re up to and can access your GPS, camera and microphone, as well as enabling them to secretly install malicious applications.

NowSecure say they told Samsung about this back in November, but no-one has done anything about it, so they’ve gone public.

In a statement by SwiftKey a while ago, they said, “the way this technology was integrated on Samsung devices introduced the security vulnerability.” However, they soon deleted that. The Guardian ran a quote from Joe Braid, chief marketing officer of SwiftKey, saying, “Unfortunately, we were only made aware of the issue on Tuesday. We are working as hard as possible to support Samsung and help it fix the issue.”

Samsung have since said that they “take emerging security threats very seriously… and [is] committed to providing the latest in mobile security.”

If you’re worried about this, there’s a host of other keyboards you can download from the Google Play store or, if you want to bolster your device’s security, here’s the Bitterwallet guide to the best security and anti-virus programs you can download.

Banking text scams are on the rise

June 11th, 2015 1 Comment By Mof Gimmers

scam Banking text scams are on the rise

Careful on your phone, now! Why? Criminals are sending people text messages that look like they’re from your bank – but they’re not! And of course, they’re after you juicy bank details so they can steal your pennies.

So what’s the skinny? Well, the texts claim that there has been fraudulent activity in your account or, in a more sly move, that your account details need to be updated. A phone number and website are provided, saying that the matter is very urgent.

Of course, the number and website is controlled by scammers, and Financial Fraud Action UK, have warned that this type of hoodwinkery is on the rise, with a spike in the last couple of weeks.

To make the texts seem authentic, fraudsters use specialist software which alters the sender ID on a message so that it appears with the name of a bank as the sender. This can mean that the text becomes included within an existing text message thread on the recipient’s phone.

Katy Worobec, director of Financial Fraud Action UK, said: “These text messages can look very authentic, so it’s important to be alert. Always be wary if you receive a message out of the blue asking you for any personal or financial details. If you’re ever at all suspicious, call your bank on a number that you know. Remember, fraudsters are after your security details – don’t reveal anything unless you are absolutely sure who you are dealing with.”

Of course, what normally happens when there’s fraud, is that your bank will ring you up and tell you what’s going on. There, you’ll go through security and other means to put your mind at ease. If your bank texts you, ever, it is usually to sell you something, so be aware. However, some fraudsters will send a text to say you’ll be receiving a call from your bank’s fraud department, which makes the whole thing more complicated.

Things to look out for

If you get a text, asking you for your personal details and sensitive information, chances are, it is a scam. A bank will never ask for your full password.

If you’re asked to call the number given in the text message, it’d be worth entering the number online, as it is likely to come up as a scam number. If you’re unsure, get a number you trust, like one included on your statement or one from your bank’s official website.

Your bank will never ask you to update your personal details via a link in a text, or tell you how to respond to a text message to confirm a transaction. They will also never ask you to transfer money into another account, ever. So if you get a whiff of anything that sounds dodgy, don’t do it.

halfords logo comp 300x175 Halfords Autocentre fined £47,000 after uncover investigationAn undercover operation found that a Halfords Autocentre failed to fix 11 out of 20 defects that had been deliberately left by Trading Standards.

The watchdog sent an illegal Vauxhall Astra with broken and missing light bulbs, irregular tyre pressures, oil leaks and faulty windscreen wipers to the centre in Filton, Bristol. The car was supposed to get a major service, which should’ve cost £235.

Investigators soon found that something was amiss, and told North Avon Magistrates’ Court: “It became obvious that not all the checks were done. Things were ticked as having been done that had not been and the consumer was not made aware (of the defects).”

“This is a national company. A consumer puts a lot of trust and faith in a national firm to do a proper job to ensure a car service is conducted thoroughly and professionally and in these circumstances it was not.”

This won’t allay some of the fears that many drivers have, that they’re being ripped off when it comes to getting their cars fixed or given the once over. This uncover sting came about after the number of complaints about the car industry in the area, were rather high.

Halfords pleaded guilty to eight counts of breaching consumer protection laws and the mechanic who carried out the service, has since resigned. Magistrates fined the company £32,000, ordered them to pay £14,862.04 costs and a £120 victim surcharge.

android logo 300x225 Android ransomware pretending to be FBI warningThere’s a spate of cases where Android users are finding that ransomware has been posing as a warning from the FBI, to frighten you off from looking at dirty stuff online. These come via spam emails, and there’s been 15,000 cases thus far, which are very convincing.

If you end up activating one of them, the ransomware demands $500 from you to restore access, which is a kick in the gusset. Of course, UK Android users should be wary of anything that comes from the FBI, because why would they be bothering with Steve from Cleethorpes or whatever.

It gets worse – if you try to independently unlock your devices, the amount goes up to $1,500.

This particular malware pretends to be an update from Adobe Flash Player and when you press ‘OK’ to continue, you see an FBI warning which you can’t navigate away from. It tells you that you’ve been breaking the law by visiting pornographic websites and, in a clever (but nasty) move, the scammers include screenshots of what they claim to be your browsing history. Then, it claims to have screenshots of your face and says that they know your location.

Basically, the malware doesn’t actually encrypt the contents of your phone, but instead, makes your device’s home screen button and back buttons completely inoperable. Turning your phone on and off won’t help either. It really is a nasty piece of work, but you can attempt a reboot in safe mode.

How to start your Android device in Safe Mode

- Ensure that your device’s screen is on and then press and hold the power button.
- In the dialogue box that opens, touch and hold ‘power off’.
- Touch ‘OK’ when you see ‘Reboot to safe mode’ box.
- Your device will start up in safe mode.

Also, to be safe, it is worth having your antivirus software on the go. If you don’t have antivirus software installed on your Android device, here are the best apps to download.

Beware Minecraft scam apps!

May 26th, 2015 No Comments By Mof Gimmers

According to research, there’s around 2.8 million of you out there who have downloaded Minecraft applications on their Android smartphones and tablets, which are malicious.

There’s been a host of dodgy apps doing the rounds in the last year, and 33 of them have been spotted in the Google Play store. These apps tend to offer cheats and tips to players, but of course, they’re doing something else that is no good for you at all. Once you download these apps, you end up getting a warning which says your device has been infected with a “dangerous virus”.

These are some of the malicious apps.

minecraft scam 500x500 Beware Minecraft scam apps!

If the apps fool you, you’re then asked to sign-up with a premium-rate SMS subscription which tells you that it’ll rid your gadgets of nasties.

It won’t, of course. What it will do is charge you for texts, coming in at £3.40 per week, which is around £177 per year if you don’t sort it out. The bogus virus warning page looks like this.

minecraft scam 2 500x332 Beware Minecraft scam apps!

One of the things that gives away these apps are the myriad of negative reviews and comments they’ve received. If you’re ever downloading any app, it is always worth looking at the score they’ve been given and checking out the reviews on Google Play, right before you hit the download button.

A number of the apps have been removed from Google Play, but that’s not to say they got them all. Obviously, snide developers are probably making more and tying them in the with hugely popular Minecraft game.

Like we said, to stop this happening, always look at the ratings and reviews on any app and get some security software for your Android phone. You can see some of the best anti-virus Android software here.

Best Android anti-virus and security apps

May 26th, 2015 1 Comment By Mof Gimmers

android lollipop Best Android anti virus and security appsThere’s always a risk of getting a grim virus on your Android device and, seeing as we all use our tablets and phones so frequently, it is worth making sure our gadgets are safe.

Seeing as Google Play is a bit of a mess and there’s a lack of curating going on, on their part, it is hard to find the best apps for you.

One of the reasons there’s such a dizzying amount of apps around is that anyone can submit their apps to Google’s Play market, and that includes scammers and those who want to brick your phone and all that. Apps can also be downloaded from all over the place, not just Google’s store.

With Android being more open than other operating systems, this is often a good thing – but as ever, there’s always someone who wants to spoil it for everyone.

So with that, let us look at what we think are the best Android antivirus apps around. Search for these in the Google Play Store, read the reviews from other users and see what is best for you.

THE BEST ANDROID ANTIVIRUS AND SECURITY APPS

Avast Mobile Security & Anti-Virus (click)

One of the most highly rated anti-virus apps is the Avast Mobile Security & Anti-Virus, which provides you with a load of background tools to thwart any bleakness you may stumble across. The app is free, too! This is probably the best you can get.

Qihoo 360 Mobile Safe (click)

Another good freebie, the Qihoo 360 Mobile Safe has a big array of useful tools and fares well with other users. This is arguably as good as the Avast app.

Kaspersky Internet Security for Android (click)

Yet another good free app, Kaspersky Internet Security is a solid app that offers protection for your Android devices. Well worth checking out.

Ikarus Mobile Security (click)

This app will cost you £7 inc VAT, and is a lightweight security app that should give you what you need to protect your Android device. That said, we feel it isn’t quite as good as the aforementioned freebies.

Norton Mobile Security 2014 (click)

A popular and famous name, the Norton Mobile Security 2014 app has a lot of helpful tools to manage and secure your phone and again, it is a free download.

make up 300x225 Arsenic and human waste found in fake make upDo you like putting human urine on your face? How about rat poo? Do you want to daub yourself with a mixture of the aforementioned, especially when it is mixed together with arsenic? If you’re into that, you should totally buy a load of fake make-up.

If not, then the police are saying that you should avoid fake beauty products, which are being sold all over Britain.

A campaign has been launched called ‘Wake Up – Don’t Fake Up’, which aims to warn consumers about the fake beauty product industry, which is reportedly worth £90m a year. This isn’t some dodgy person flogging counterfeit perfume out of a suitcase on a street corner – thanks to the internet, these products are everywhere.

Sadly, consumers are being conned as, online, you can’t hold the product to see inspect it and stock images are being used with these knock-off goods, so they look like the real deal.

The police’s lab tests have shown all manner of horrible stuff in them. Fake perfumes have been tested and, in them, they’ve found cyanide and urine.

Many counterfeit cosmetics are made in unsanitary factories, which means whatever vermin is creeping around there is taking a dump in the products, which you then wipe all over your face. Not cool.

Something is being done about this, though – in the last 18 months, the Police Intellectual Property Crime Unit (PIPCU) has suspended more than 5,500 websites which were flogging fake-up, and they seized more than £3.5m worth of products.

Detective Superintendent Maria Woodall said: “Many people don’t know about the real dangers counterfeit beauty products pose to their health. That is why this week we are urging the public to Wake up – don’t fake up! Criminals are exploiting every opportunity to fool customers into buying counterfeits in order for them to make some quick cash – putting people’s health, homes and lives at risk.”

“Beauty products are meant to enhance your features, however the fakes can in fact do quite the opposite. Our general rule is: if it seems too good to be true then it probably is.”

Starbucks app hack may be losing you money

May 18th, 2015 No Comments By Mof Gimmers

starbucks logo 300x300 Starbucks app hack may be losing you moneyDo you use the Starbucks app which allows you to pay for drinks and food? You should change your password, because there’s a hack about which could be taking money from you.

The hack sees ne’er-do-wells able to take funds from customer credit cards, bank accounts and PayPal accounts. You see, the app is linked to an online payment service and hackers have found a way in, so they can take advantage of the cash auto-reload function and online gift cards that a lot of people use.

Basically, they can transfer money to themselves.

So what’s the deal? Well, Starbucks say that they know there’s a problem, but rather than this being their fault, they say this is an issue with weak passwords. While they’re seemingly not willing to do anything about this security flaw, they are saying that customers won’t be held responsible for any charges that someone else is responsible for.

Starbucks said in a statement: “If a customer believes their account has been subject to fraudulent activity, they are encouraged to contact both Starbucks and their financial institution immediately.”

“Customers are not responsible for charges or transfers they did not make. If a customer’s Starbucks Card is registered, their account balance is protected.”

If you’re worried about this, change your password and disable the auto-reload feature, and you should be fine.

Costa Coffee suspend cards after hack

April 24th, 2015 No Comments By Mof Gimmers

costa coffee Costa Coffee suspend cards after hackCosta Coffee have suspended millions of Coffee Club Card online accounts after a load of their loyalty scheme members fell foul of a security breach.

The drink vendors said that they’d identified “some unusual activity” on some customers accounts while they were doing security checks.

A Costa spokesperson said that the number of people affected was in the “low to mid-hundreds”, but were confined to the UK. It will take a couple of days to reset everyone’s passwords and, until they’ve completed this, all online accounts will be suspended.

Mercifully, Costa don’t hold any customers financial data.

“We have already contacted those customers affected and emailed all registered Coffee Club members to make them aware of the situation. Customers can still continue to collect and redeem points as usual,” Costa Coffee said in a statement.

Now, feel free to complain about people spending too much money on coffee in the comments.

Holidaymakers conned out of billions

April 13th, 2015 2 Comments By Mof Gimmers

holiday 300x233 Holidaymakers conned out of billionsGoing on holiday this year? Lucky you. Unless, that is, you’re being swizzed out of money by internet ne’er-do-wells.

A report from the National Fraud Intelligence Bureau has fired off a warning to you sun-worshippers, saying that some holidaymakers who have booked vacations online have been collectively conned out of £2.2m in 2014.

Crims have been targeting online booking firms to swipe money from unsuspecting folk, and many of those only find out that they’ve been had once they arrive at their hotel, who tell them that there’s no record of their booking.

The NFIB report shows, during a 12-month period, that 1,569 cases of holiday booking fraud were reported to the police’s fraud squad, with most complaints relating to plane tickets, hacking accounts, posting fake adverts online and setting-up bogus sites. Two groups particularly targeted were sports fans and religious groups, paying for fake tickets to religious sites and/or sporting events, where places are limited and people can charge more.

Mark Tanzer, ABTA chief executive, said: “Holiday fraud is a particularly distressing form of fraud as the loss to the victim is not just financial but it can also have a high emotional impact. Many victims are unable to get away on a long-awaited holiday or visit to loved ones and the financial loss is accompanied by a personal loss.”

“We would also encourage anyone who has been the victim of a travel-related fraud to report it so that the police can build up a case, catch the perpetrators and prevent other unsuspecting people from falling victim.”

Chrome snoop-apps banned by Google

April 8th, 2015 3 Comments By Mof Gimmers

spy title cropped Chrome snoop apps banned by GoogleA number of Chrome add-ons have been stealing your sensitive data. Google have noticed this and shredded over 200 of them from the Chrome store.

These small extensions can be helpful additions to Chrome and Firefox when it comes to browsing, but some of them were problematic when you get under the hood of them. Google teamed-up with the University of California to analyse and nix a number of these apps.

They found that 5% of everyone visiting a Google page have at least one malicious extension, and most of those have a number of add-ons which are malicious.

One of the problems, according to researcher Alexandros Kapravelos, is that the dodgy extensions use the same techniques to collect your data as the legit ones.

“Even when we have a complete understanding of what the extension is doing, sometimes it is not clear if that behaviour is malicious or not,” he said. “You would expect that an extension that injects or replaces advertisements is malicious, but then you have AdBlock that creates an ad-free browsing experience and is technically very similar.”

Investigation launched into pensions

March 30th, 2015 No Comments By Mof Gimmers

pensions 300x187 Investigation launched into pensionsAn investigation has been kicked off by the Information Commissioner’s Office (ICO) after claims were made that the data of millions of people’s pensions are being sold to cold-calling firms and shady fraud types. The ICO have said that the rumours they’ve heard are “very worrying” and they will be talking to regulators and the police.

As you’ll know, there’s been changes which means that, from next month, people can cash-in their savings when they retire, rather than buying an annuity. These changes have seen increased concern about an upswing in fraud.

According to reports, people’s pension details are being sold off for as little as 5p without consent. Over at the Daily Mail, reporters said they were offered information about 15,000 pensions without checks being made. This backs up previous ICO warnings that these reforms could lead to more scamming.

Steve Eckersley, the head of enforcement at the ICO, said: “It suggests a frequent disregard of laws that are in place specifically to protect consumers. We will be launching an investigation immediately. We’re aware of allegations raised against several companies involved in the cold-calling sector, and will be making inquiries to establish whether there have been any breaches of the Data Protection Act or Privacy and Electronic Communications Regulations.”

If any company is found guilty, there could be fines of £500,000 dished out and criminal prosecutions could be brought forward to anyone found obtaining personal data.

Eckersley added: “The information we’ve been shown supports the work we’ve been doing to target the shady industry that operates behind the nuisance of cold calls and spam texts. We’re already aware of the potential for a huge spike in the number of scam texts and calls linked to pensions when the law changes in April, and have already taken action against a company that was sending out misleading messages.”

“What we’ve seen here confirms those fears. Personal data is such a valuable asset, particularly financial information. The worst case scenario here is this information getting into the wrong hands and being used to target individuals at a critical point in their financial lives.”

twitch 300x300 Twitch hacked: credit card details stolen along with other informationTwitch, bought by Amazon last year which allows people to make money from streaming themselves playing video games, has been hacked.

Everyone is looking at Lizard Squad, who hacked Xbox as well as Lenovo. They’ve got previous with Twitch as well, when they carried out a DDoS attack, which was only resolved when (get this) four Twitter users gave in to the Squad’s demands to post selfies with “Lizard Squad” daubed on their foreheads.

However, this latest hack doesn’t look like the handiwork of Lizard Squad because, mainly, they crow about their actions very readily and they’re not really about stealing personal information, which is what’s happened here.

It appears that login details, passwords and some credit card information has been stolen in this particular hack. Twitch themselves have confirmed the hack, saying that all users will be forced to reset their passwords. They said: “For your protection, we have expired passwords and stream keys and have disconnected accounts from Twitter and YouTube. As a result, you will be prompted to create a new password the next time you attempt to log into your Twitch account.”

There’s no word on just how many people have been affected by this, but seeing as Twitch has over 45 million monthly viewers and in advance of 1 million people streaming videos, it is likely that this’ll be a large number of people who have had their security breached.

Twitch say that they’ve warned users and told them that the information that may have been swiped includes usernames, email addresses, the IP addresses from where people last logged in, credit card types, truncated card numbers and expiration dates, first and last names, phone numbers, home addresses, and dates of birth.

If you’re a Twitch user, it’d be worth changing the password for any sites you use that has a similar password to the one you use with this lot.

Apple and Android vulnerable to Freak Attack!

March 4th, 2015 No Comments By Mof Gimmers

apple android Apple and Android vulnerable to Freak Attack!Another day, another attack on people using gadgets to get on the internet. This time, something called Freak Attack (which sounds like an ace ’80s horror b-movie) is causing a headache for users of Android and Apple devices.

The good news is that there are no reports of this weakness being exploited (yet) and that the relevant companies are working quickly to shore up the flaw… but where has all this come from? Well, researchers reckon that the problem comes from code that came about from old government policies which required software developers to use weaker security in encryption programmes, thanks to that old chestnut of ‘international security concerns’.

The flaw is to do with web encryption technology, which could potentially enable bad people to spy on what you’re doing if you use Safari or Google’s Android browser.

Around a third of all encrypted sites were vulnerable as of yesterday, as sites continued to accept this weaker software, which affects Apple’s browsers, the Android browser, but not Google Chrome browser or the latest versions from Firefox or Microsoft.

Apple and Google have both said that they’ve fixed the Freak Attack flaw, with Apple rolling theirs out next week and Google saying that they’ve sent out the goods to device makers and wireless carriers.

Obviously, this highlights the problems with governments interfering with encryption codes, even when dealing with national security. This old policy has come back to bite it on the arse, as it could well do the opposite of what it was intended to do, and actually give a helping hand to criminals.

Until a rollout occurs, you’d be wise to use Chrome, Firefox or Microsoft’s browser or, indeed, ride your luck until the new security measures are in place, if you’re feeling saucy.