Hurray! A crackdown on card fraud!

December 19th, 2014 No Comments By Mof Gimmers

creditcards Hurray! A crackdown on card fraud!Good news everyone – new rules have been revealed which aim to beat down on card payment fraud! Aren’t you thrilled about that?

The European Banking Authority (EBA) has shared their new, tougher guidelines, making payment service providers get serious about customer identification before payments are processed.

There’s good reason for this too – in the last four years, the yearly cost of card fraud in the UK has jumped up from £365 million to somewhere in advance of £450 million! Two thirds of that came from the dastardly practice of ‘skimming’, where small amounts of money are continually removed from an account in the hope that the victim won’t even notice.

Of course, there’s been an increase in digital snidery too, with ne’er-do-wells using malware and the like. There’s also the tried-and-tested tactic of just nicking your card too.

Anyway, all this means is that you’ll carry on as normal while fraudsters will have to learn a new set of tricks to try and get at all your precious money.

GearBest’s customers are not happy

December 9th, 2014 3 Comments By Mof Gimmers

gearbest GearBests customers are not happyYou may have seen GearBest knocking around, selling video games, gadgets, clothes and all that, but it looks like there’s a lot of people that are desperately unhappy with them.

One reader got in touch with us and said: “Ordered from Gearbest 4 items the promised 3-5 days when nothing came I emailed them they gave me a false tracking number… thanks to this scam £186 taken from my account”, adding: “they said payment was made into their paypal account £186 inc insurance, I am so mad and gutted for my kids, i doubt i get my money back they have lied in emails (at least 20!)”

So we decided to look into it a little further and it seems like problems aren’t uncommon with GearBest. There’s been complaints of issues with shipping and money being taken multiple times.

Elsewhere, people who have shopped with GearBest have said: “I FEEL CHEATED! Deducted 3 times from credit card for cancelled item!” which no confirmation emails for products and featuring items that are out of stock, taking the money for them and leaving customers in limbo. On top of that, customers have said that GearBest aren’t exactly forthcoming with information when they’ve been sent queries.

One customer, unsatisfied with the slow return on emailing with problems noted that the helpline requires you to call long-distance, saying that the whole thing was the “worst experience of my life.”

Another complaint said: “Ordered tablets from this website, they’re now asking for pictures of debit card and passport, this is completely unacceptable this is my private information, I have never heard of a website asking for this type of information before, unless a scam.”

We should point out that GearBest is a legitimate business and not a scam site and that there are some positive comments floating around about them. However, at best, GearBest sound like a hassle and at worst, it looks like they may have taken money from customers without fulfilling orders with subsequent and frustrating chasing.

One to avoid if you’re Christmas shopping (and beyond).

Starbucks and their tax issues: Part 425

December 2nd, 2014 No Comments By Ian Wade

starbucks logo 300x300 Starbucks and their tax issues: Part 425Starbucks will not be paying a ‘normal’ amount of tax for the next three years, according to the gloop-peddler’s new UK boss.

British Chief Executive Mark Fox said the giant chain’s UK operations are likely to be profitable within three years, however until Starbucks returns to profit, corporation tax is not applicable.

Fox reckons it’s nothing unusual, but did find it odd that the chain had yet to make a profit from the average £3.50 a coffee.

Tax avoidance is nothing new with Starbucks, when it emerged two years ago that it had only paid £8.6 million in corporation tax, despite a £3 billion in the bank since it first infested the UK in 1998. Back then it was accused of funnelling profits through the Netherlands because lower tax. They’re still under investigation for that.

Fox has admitted to the Evening Standard that Starbucks had been damaged by the tax row, but insisted that Starbucks’ tax affairs were very, very ordinary. He said: “It happens across the sector and therefore it didn’t bother me at all.”

“There was nothing abnormal about the way Starbucks is run in the UK. What is abnormal is that we haven’t been making a profit,” adding: “I look at the business now with eight quarters of growth, I don’t see a damaged brand, I see a brand that is starting to regain its mojo.”

‘Mojo’. Honestly.

Syrian Electronic Army attack OK magazine

November 28th, 2014 No Comments By Ian Wade

hackers Syrian Electronic Army attack OK magazineA number of websites have fallen prone to being attacked by the SEA.

The Syrian Electronic Army (who sound like more like an underground rave set-up than terrorists) claimed to have hacked a number of websites.

The SEA exploited a fault with a content delivery network and soon visitors to the Independent, OK magazine and the Evening Standard websites were given a blank screen and a javascript popup telling them they had been hacked.

The Syrian Electronic Army are a pro-Assad Syrian hacker group. Of course they’d head straight for OK magazine.

The ad network were first in line for blame, due to the sporadic nature of the outages, which are difficult to replicate and spread over a number of sites.

The Independent reckon the hack came via the Gigya CDN, but stress no information on users was compromised.

Ernest Hilbert, a security consultant at Kroll Cyber, agreed that “it was Gigya. It is a DNS takeover, and this is what the Syrian Electronic Army does. Normally, you type in a URL, it goes to a domain name server, and it says ‘those words equal this website’.

“But not every user can get in through one connection, particularly at bigger sites. A CDN means that, because you can’t all fit in through the same door, it sends you to another one, another version of the content. And one of those versions, which hosts copies of all these affected sites, appears to have been compromised by the Syrian electronic army.”

This isn’t the first time the SEA have done this. They have form going back to 2011. They did The Sun and the Sunday Times in June, and The Guardian in 2013, when it sent spoof emails to staff encouraging them to reset passwords through a malicious link. Fancy that!

A million odd gas customers have been overcharged

November 27th, 2014 1 Comment By Ian Wade

British Gas 300x193 A million odd gas customers have been overchargedMore than a million pre-paying gas customers have been overcharged due to faulty meters.

Industry body Energy UK believe customers could have been overcharged by as much as 25p for each top-up. According to them, around 1.5 million meters haven’t been working correctly for as long as seven years, as the meters were not properly calibrated to measure the cost of the gas being used.

In the worst cases, some customers may have been rinsed for as much as £110 extra.

“We apologise unreservedly to customers,” said Lawrence Slade, the chief operating officer of Energy UK. ”We have acted quickly, and we want those affected to get their money back as soon as possible,” he told the BBC.

Gas customers will be refunded by their energy dealers, and their cards will be updated when they next need a top-up. British Gas, have already said more than 700,000 of its customers may have been overcharged.

Regulator Ofgem has called for a timetable for refunds and repairs, and it is thought that refunds will go out before Christmas.

“That overcharging has been going on for seven years shows the second-class service prepayment customers get,” said Gillian Guy, Citizens Advice chief executive, adding: ”Prepayment meter customers are already paying higher charges than direct debit customers, so this is adding insult to injury.”

Magical journey: not so magical

November 24th, 2014 No Comments By Ian Wade

A Christmas wonderland has been closed after one day due to hundreds of complaints. The Magical Journey was a trip designed by designer ponce and Dave Grohl lookalike Laurence Llewelyn-Bowen.

The attraction opened on Saturday at the Belfry, near Sutton Coldfield, and had been bugled up as a ‘snow-covered winter wonderland’. However, customers demanded refunds after dismissing the site as a rip off.

Magical Journey Map 500x419 Magical journey: not so magical

Event director Paul Dolan has apologised and said preparation had been “severely hampered” by recent torrential rain.

“It’s clear to us now that we should have postponed the opening, but we didn’t want to disappoint those families already booked. That was the wrong decision and we apologise.”

Lots of disappointed visitors posted messages on the attraction’s social media pages. Visitor Matt Freeman said on Facebook: “You have used Christmas as an excuse to exploit people and part with hard earned money for what turned out to be a joke. “I shall take this further and as for Laurence Llewelyn-Bowen he should be ashamed of this because quite honestly I could have cobbled something together better than this in my own back garden for half the cost.”

Ben Harvey also chipped in with the comment of the week: “There is nothing for kids to do, the elf who is meant to be Simon Cowell is completely pointless.”

Plus it wasn’t cheap: the top price for a child is £22.50. While most customers threw shade, some users encouraged others to give the Magical Journey “a chance” and to reserve judgement until it re-opened.

In a post on its website, organisers announced the attraction would close for three days for improvements and changes to be made. They’ve also offered refunds to anyone who has already visited the site.

Your webcam is probably being hacked by Russians

November 20th, 2014 5 Comments By Ian Wade

hackers Your webcam is probably being hacked by RussiansToday’s ‘not at all creepy. Oh no’ news now, and basically don’t get your bits out in front of a webcam ever again.

A Russian website is being shut down for streaming images stolen from the likes of baby monitors, bedroom cameras and CCTV.

The site has been featuring live feeds from basically anywhere that’s broadcasting on cam, including a gym in Manchester, a bedroom in Birmingham and an office in Leicester. The site’s database shows listings for 4,591 cameras in the US, 2,059 in France and 1,576 in the Netherlands.

The UK’s information commissioner Christopher Graham urged the Russian authorities to take immediate action to take down the site, but Russia being Russia at the moment, there’ll probably try and make an international incident out of it.

Graham also said he also would be working with the Federal Trade Commission in the US to try to force the site to close if the Russian authorities failed to cooperate.

Interviewed on BBC Radio 4’s Today programme, Graham said: “I’m very concerned about what this [website] shows and I want the Russians to take this down straight away … We now want to take very prompt action working with the Federal Trade Commission in the States to get this thing closed down. But the more important thing is to get the message out to consumers to take those security measures. If you don’t need remote access to a webcam then switch off that function altogether.”

WEBCAM HACK 500x351 Your webcam is probably being hacked by Russians

Graham also said consumers were too laid back about security: “We have got to grow up about this sort of thing,”

“These devices are very handy if you want to have remote access to make sure your child is OK, or the shop is alright, but everyone else can access that too unless you set a strong password. This isn’t just the boring old information commissioner saying ‘set a password’. This story today is an illustration of what happens if you don’t do that. If you value your privacy put in the basic security arrangements. It’s not difficult.”

The Russian site has been online for a month, and has already been the cause of some alert around the world. The UK have known about it for just over 24 hours.

So, watch out next time you do a broadcast. Your audience may be more global than you thought.

biscuits Some consumers cant tell the difference between brandsA lot of people can’t tell the difference between own-branded and branded goods, according to a survey by Which!!!

Which!!! asked 7,855 members various questions, and discovered that around a quarter of them have difficulty telling the brands from the own-brands, and have sometimes ended up buying the own brand goods by mistake! (the clots).

One of the main examples used was the similarity between McVitie’s Ginger Nuts and Lidl’s Tower Gate Ginger Nuts (pictured). Once the brand names had been blocked off, 39% of respondents confused Lidl with McVitie’s.

Other own-brands that the research suggested bore an uncanny resemblance to branded labels included Aldi’s Snackrite Thick Ridged Crisps (similar to McCoy’s), and Lidl’s Newgate Cream of Tomato Soup (similar to Heinz).

According to legal professional Lee Curtis, partner and trademark attorney at law firm HGF, says the basic test for a design right infringement is if the non-brand gives of the air of the real brand, but even if that’s the case, Curtis says: “Most of the main offenders for copying are big supermarkets. Brand owners will be scared of their commercial power and of being delisted – for many, supermarkets are their biggest customers, and they don’t want the hassle.”

Some companies have tried to legalise elements of their branding, but for some to no avail. Such is the case for Cadbury, which last year lost a legal battle to secure exclusive rights to Pantone 3685c purple in chocolate packaging.

broadband slow 319970 Stop fibbing about your broadband speeds say WhichWhich!!! have called on regulators to have a word with how broadband services are advertised.

At the moment, providers are allowed to use a ‘headline speed’ to advertise their services, but in reality only around 10% of their customers will actually get that. According to findings by Which!!!, a quarter of people would have selected another deal had they been better informed about what the actual speeds were.

To cover their backs, however, providers say various factors can affect the speed individual customers get.

According to Richard Lloyd, executive director of Which!!!, it’s not on: “Internet connection is now an essential part of modern life so it beggars belief that providers can sell people short by advertising speeds that only 10% of customers could receive,”

“We want advertising watchdogs to pull the plug on confusing adverts and ensure broadband providers show the speeds the majority of customers will actually get.”

Which!!! called on the advertising watchdogs, the Committee of Advertising Practice (Cap) and the Broadcasting Committee of Advertising Practice (Bcap), to review current guidelines, and now has started a campaign. Uncatchily entitled ‘Give us broadband speed guarantees‘, Which!!! are asking the public to sign up and to put pressure on those that lie.

Damn right.

creditcards Hated online card security systems to get revampedMastercard and Visa are going to replace their online security systems.

The much loathed MasterCard SecureCode and Verified by Visa systems are set to be usurped by a much easier to use set-up.

The systems that ask for further information and an extra password were meant to be a way of halting fraud and making it safer to shop on the internet.

However the systems have also been considered a bit of a faff and open to exploitation.

Initially it all sounded quite comforting. You’d get an extra window asking for fragments of your password and you’d feel all safe and that.

Yet according to customer feedback, customers have struggled to remember additional passwords, and there’s also been issues around whether the pop-up windows were not a front for some evil.

The new system will revolve around customers having passwords texted to them, which they would then type in.

Ajay Bhalla, president of enterprise security solutions at MasterCard, said: “All of us want a payment experience that is safe as well as simple, not one or the other. We want to identify people for who they are, not what they remember. We have too many passwords to remember and this creates extra problems for consumers and businesses.”

MasterCard believe that mobile payments will account for 30% of online retail sales by 2018.

HSBC profits affected by crimes of the past

November 4th, 2014 No Comments By Ian Wade

HSBC HSBC profits affected by crimes of the pastBank trouble again, with HSBC stepping into the spotlight with their tale of mis-selling woe.

The bank’s profits didn’t quite gain the heights that were expected after they’d put aside $1.8 billion (£1.5 billion) to pay back compensation to customers as well as a possible fine for rigging the currency markets.

This does however indicate that regulators are generally stepping up to the mark and shaming bad banks and banking. If only they’d been this tough, say, six years ago.

HSBC reckon they’d spent $700 million more this year on compliance and risk than a year ago, and that level of expense looked set to stay, meaning it would miss one of its main cost targets.

HSBC said its forex investigation provision covered “detailed” talks with Britain’s financial regulator about alleged manipulation in the $5.3 trillion-a-day forex market.

The talks were in relation to systems and controls in one part of its spot forex business in London, it said. Last month HSBC fired two traders in London, sources said.

Shall we see what excuses CEO Stuart Gulliver is bleating?: “The cost base of a global bank like ourselves is higher than it was before, because … it includes a significantly higher compliance and regulatory cost than historically the banks had invested in,”

“It reflects the fact that standards, foreign policy, etc, all evolve in a world that is a lot less certain than it was 10, 15 years ago.”

HSBC added 1,400 more compliance staff in the third quarter and now had 24,800 staff in risk and compliance, or one in 10 of its employees. That’s heartwarming really, that the growth sector of banking-based employment is down to the bank themselves ripping its customers off.

We look forward to all our terms and conditions being updated in the coming weeks across the banking sector while they all fiddle with more margins and charges to claw some money back from our accounts, to atone for their mess-ups.

Look out! There’s more phone fraud knocking about!

October 29th, 2014 1 Comment By Mof Gimmers

telesales telephone Look out! Theres more phone fraud knocking about!Time to get vigilant, dear Bitterwallet reader, because there’s a scam doing the rounds that tricks you into believing you’re talking to a trusted business on the phone.

We wouldn’t be doing our civic duty if we didn’t inform you of it, but if you’re one of those lazy people who can’t be bothered reading an article, then the solution we offer is to never, ever answer a phone call, just to be on the safe side.

For those who insist on answering phonecalls or, indeed, want to learn about doing some fraud for some extra beer money, here’s the low down.

This scam has been dubbed ‘number spoofing’, where ne’er-do-wells clone a telephone number of an organisation and basically impersonate them so that, on your caller ID, you’ll think it is all legit and above board. The people at Financial Fraud Action UK reckon that this has become a bit of a problem in recent weeks.

Of course, this type of scam has been knocking around for years, but it is on the increase and criminals are using it to steal your money. At the moment, according to FFA UK, the main targets are businesses, but personal banking customers are also finding themselves being contacted by these snide gits.

Basically, fraudsters are posing as bank staff or police officers and ask you for your personal and financial details. They usually tell you that fraudulent activity has been detected on your account, which is a bit rich seeing as the scam ends up with fraudulent activity all up in your business.

If the scam artists don’t get your details, they’ll try and get you to send money to another account for ’safe-keeping’. Frankly, if you’re going to fall for that, then you need to start worrying. Remember though – no organisation, including your bank, will ever, ever ask for your password and PIN number in whole. Anyone doing so is absolutely trying it on with you.

Craig Jones, spokesperson for FFA UK, said: “Number spoofing is becoming increasingly common and it’s not difficult for the criminals to fake a caller ID. So if a number appears on your phone’s caller ID display, you shouldn’t assume you know where the call is being made from.”

“Remember that if a caller is trying to draw your attention to the number on your phone display, it’s very unlikely the call is genuine as there is no legitimate reason to point it out.”

Half of Britain victimised by cyber crooks

October 24th, 2014 No Comments By Ian Wade

cyber crime 300x223 Half of Britain victimised by cyber crooksHalf of the UK have been victims of cyber crime! According to a new report.

Well, they say ‘half’, but based on a survey of 2000 web users, 51% said they’d been affected by online scams, phishing, ID theft or some pesky virus.

The report by the Get Safe Online organisation, also said that many victims are left emotionally scarred by the experience.

Which is about right. You DO feel a bit vulnerable and freaked out that some arse has buggered your online-scene up.

Half of the victims said they felt violated by their ordeal and rued clicking on that link for free glans/baps (delete as appropriate). Only 14% of the affected felt they’d achieved any kind of redress after the matter either.

Also, a report by the National Fraud Intelligence Bureau, released to coincide with Get Safe Online Week, claimed that online scams raked in £670m between 1 September 2013 and 31 August 2014.

However an upshot of all this, has meant that those who have been violated then got heavy with web protection and not being so free and easy with their online behaviour.

Tony Neate, chief executive of Get Safe Online reckons this, by saying “Get Safe Online Week this year is all about ‘Don’t be a victim’, and we can all take simple steps to protect ourselves, including putting a password on your computer or mobile device, never clicking on a link sent by a stranger, using strong passwords and always logging off from an account or website when you’re finished.”

“The more the public do this, and together with better conviction rates, the more criminals won’t be able to hide behind a cloak of anonymity.”

Meanwhile Minister for the Cabinet Office Francis Maude threw his weight in and said the figures underlined the importance of doing everything possible to shore up the UK’s cyber defences, saying: “The UK cyber market is worth over £80bn a year and rising. The internet is undoubtedly a force for good, but we cannot stand still in the face of these threats, which already cost our economy billions every year.”

“We have an £860m Cyber Security Programme which supports law enforcement’s response to cybercrime, and we are working with the private sector to help all businesses protect vital information assets.”

Ebola email spreads malware! IS NO-ONE SAFE?!

October 23rd, 2014 No Comments By Mof Gimmers

hackers Ebola email spreads malware! IS NO ONE SAFE?!Even your computer isn’t safe from the threat of Ebola. Hackers and spam merchants are taking advantage of people’s panic about the disease by sending out emails that look like they’re from the World Health Organisation (WHO).

Obviously, they’re not from the World Health Organisation.

These messages encourage you to open an attachment, which will show you how to protect yourself from Ebola. However, instead of helping you, it’ll infect your computer and download malware into your system and then, as ever, will allow people to get at all your lovely personal information and bank details.

There is also a scam doing the rounds which is much less believable, where the email is from ‘an Ebola expert’. If you’re daft enough to open the attachments in that, then frankly, you deserve everything you get.

Message topics to look out for are: ‘What you need to know about the deadly Ebola outbreak’, ‘So Really, How Do You Get Ebola?’, ‘Is there ANY way to cure Ebola?’ and ‘The #1 Food Items You’ll Need In An EBOLA Crisis’.

Seeing as most people are ignoring the small threat of Ebola in real life (unless you work in a newsroom of course, where it is being heralded as the new plague), the best advice is to treat any emails with the same laissez faire attitude you’ve been employing thus far.

Apple admit that iCloud has been compromised

October 23rd, 2014 2 Comments By Ian Wade

apple icloud 300x260 Apple admit that iCloud has been compromisedApple have ‘fessed up about iCloud accounts being compromised by fake log-in pages. This follows an incident wherein Chinese users’ account names and passwords were requested by suspect looking web pages.

After all that celebrity nude action a couple of weeks ago, Apple came up with a two-password verification system to try and increase security.

Alas, reports of organised password phishing syndicates harvesting user information via fake iCloud pages emerged, and Apple had to come clean and say it’s a thing.

A statement released on Apple’s support page has confirmed that these phishers were stealing accounts and passwords, but that remained the dimensions of it. There was no further information as to when these happenings occurred or the severity of them.

Apple have helpfully told users to only use sites if there’s a padlock handy. On the site’s address bar, not around your neck.

They said: “We’re aware of intermittent organised network attacks using insecure certificates to obtain user information, and we take this very seriously. These attacks don’t compromise iCloud servers, and they don’t impact iCloud sign in on iOS devices or Macs running OS X Yosemite using the Safari browser.”

“The iCloud website is protected with a digital certificate. Users should never enter their Apple ID or password into a website that presents a certificate warning.”

Last month, Apple chief executive Tim Cook admitted that Apple could do more to inform users how to make their iCloud accounts more secure, but was too pre-occupied with flogging new tat than being helpful.