Posts Tagged ‘scam’
How the Android fanboys laughed at the Apple fanboys, when there was a text message that could crash iPhones.
Well, the Apple crew can get their own back now, as there’s news of a text that can really stuff things up for Android devices. The rest of us, meanwhile, can wonder why people argue about which phone you should have. Seriously. Go for a walk or something.
Anyway, what’s this flaw? Well, seeing as most Android phones automatically download photos, and there’s a scam going around that enables hackers to take control of your phone via photo messages, and there’s 950 million Android users worldwide, we’ve got a problem.
The picture in question allows nasty sorts to get complete control of Android devices, accessing your camera and everything else. Thanks to Android phones automatically downloading photos in texts, you wouldn’t even need to open it to be vulnerable to the malware.
So what are Google doing about it?
They said: “This vulnerability was identified in a laboratory setting on older Android devices, and as far as we know, no one has been affected. As soon as we were made aware of the vulnerability we took immediate action and sent a fix to our partners to protect users.”
“As part of a regularly scheduled security update, we plan to push further safeguards to Nexus devices starting next week. And, we’ll be releasing it in open source when the details are made public by the researcher at BlackHat.”
There you go then.
We told you about the trouble surrounding Adobe Flash and how the hackers might come after you. Well, the software is now automatically blocked by all versions of the Firefox browser. Remember Firefox? Awww.
Anyway, Mozilla – the people behind Firefox – have brought in the block, which saw cyber-scallies able to do all manner of dodgy things, including stealing documents from a security firm. Mozilla said that this block will stay until ”Adobe releases an updated version to address known critical security issues”.
Adobe have said that they’re taking all this very, very seriously and that they’re working on fixing the bugs and flaws.
Mozilla have given out advice on how to adjust Firefox’s settings so Flash will only run with your permission. You can see that here. Or, you can click here to make sure you have the latest version of Flash, but it is advised that you stop using it at all, for the time being.
You should only activate Flash on sites that you trust.
Facebook’s security chief Alex Stamos, wants Flash killed off completely, saying: “It is time for Adobe to announce the end-of-life date for Flash and to ask the browsers to set killbits on the same day.”
Adobe have said that the patches to fix all the Flash troubles should be made available to everyone at some point this week, so until then, stay vigilant or continue with your cavalier attitude. Whatever. We’re not your real dad.
According to the Information Commissioner’s Office (ICO), there’s been a rise in spam calls and texts, with more than 180,000 complaints made about these nuisances in the last year alone. That’s a 12% rise, compared with the year before.
The watchdog also said that they’d issued five fines relating to all this, totalling £386,000, alongside eight enforcement notices, with another 31 firms being “monitored”.
The said: “Most concerns related to accident claims, green energy deals, payday loans and lifestyle surveys. Live calls generate significantly more concerns than automated calls and spam texts.”
One of the reasons there’s been a spike, is that this year, the law was changed, to make it easier for companies to be fined for breaching rules regarding nuisance calls and texts. The ICO have also been doing a load of investigations where allegations of personal data being obtained or disclosed illegally. In one case, a Transport for London employee was prosecuted for illegally accessing Oyster card records.
Launching the report, the information commissioner, Christopher Graham, said: “We’ve seen real developments in the laws we regulate during that time, particularly over the past year. Just look at the EU court of justice ruling on Google search results, a case that could never have been envisaged when the data protection law was established.”
The executive director of Which!!!, Richard Lloyd, said that this was jst “tip of the iceberg”, adding: “This is why regulators, government and industry must work harder to cut off unwanted calls and texts that annoy millions of us every day. The ICO must use its new powers to full effect and hit hard any company breaking cold-calling rules. We also want to see senior executives personally held to account if their company makes unlawful calls.”
As well as being exploited by a Chinese hacker crew, it has now been added to the Magnitude exploit kit, which enables amateur malware authors to build all manner of software which could make your life difficult. There’s already been some attempts to install ransomware on some computers.
Adobe have confirmed that the flaw is being jumped on by hackers, especially those using Internet Explorer on Windows 7 and Firefox on Windows XP. Even if you aren’t using these things, you should still sort your life out and update your Flash.
If you prefer, you can just get rid of Flash. As most computers come with it built-in, even though it isn’t the crucial thing it once was, this means hackers are always tempted to attack it.
If you’re using Chrome, your browser updates it automatically. If not, click here to see if you have the latest version of Flash and, if you don’t, update it now.
Careful on your phone, now! Why? Criminals are sending people text messages that look like they’re from your bank – but they’re not! And of course, they’re after you juicy bank details so they can steal your pennies.
So what’s the skinny? Well, the texts claim that there has been fraudulent activity in your account or, in a more sly move, that your account details need to be updated. A phone number and website are provided, saying that the matter is very urgent.
Of course, the number and website is controlled by scammers, and Financial Fraud Action UK, have warned that this type of hoodwinkery is on the rise, with a spike in the last couple of weeks.
To make the texts seem authentic, fraudsters use specialist software which alters the sender ID on a message so that it appears with the name of a bank as the sender. This can mean that the text becomes included within an existing text message thread on the recipient’s phone.
Katy Worobec, director of Financial Fraud Action UK, said: “These text messages can look very authentic, so it’s important to be alert. Always be wary if you receive a message out of the blue asking you for any personal or financial details. If you’re ever at all suspicious, call your bank on a number that you know. Remember, fraudsters are after your security details – don’t reveal anything unless you are absolutely sure who you are dealing with.”
Of course, what normally happens when there’s fraud, is that your bank will ring you up and tell you what’s going on. There, you’ll go through security and other means to put your mind at ease. If your bank texts you, ever, it is usually to sell you something, so be aware. However, some fraudsters will send a text to say you’ll be receiving a call from your bank’s fraud department, which makes the whole thing more complicated.
Things to look out for
If you get a text, asking you for your personal details and sensitive information, chances are, it is a scam. A bank will never ask for your full password.
If you’re asked to call the number given in the text message, it’d be worth entering the number online, as it is likely to come up as a scam number. If you’re unsure, get a number you trust, like one included on your statement or one from your bank’s official website.
Your bank will never ask you to update your personal details via a link in a text, or tell you how to respond to a text message to confirm a transaction. They will also never ask you to transfer money into another account, ever. So if you get a whiff of anything that sounds dodgy, don’t do it.
The watchdog sent an illegal Vauxhall Astra with broken and missing light bulbs, irregular tyre pressures, oil leaks and faulty windscreen wipers to the centre in Filton, Bristol. The car was supposed to get a major service, which should’ve cost £235.
Investigators soon found that something was amiss, and told North Avon Magistrates’ Court: “It became obvious that not all the checks were done. Things were ticked as having been done that had not been and the consumer was not made aware (of the defects).”
“This is a national company. A consumer puts a lot of trust and faith in a national firm to do a proper job to ensure a car service is conducted thoroughly and professionally and in these circumstances it was not.”
This won’t allay some of the fears that many drivers have, that they’re being ripped off when it comes to getting their cars fixed or given the once over. This uncover sting came about after the number of complaints about the car industry in the area, were rather high.
Halfords pleaded guilty to eight counts of breaching consumer protection laws and the mechanic who carried out the service, has since resigned. Magistrates fined the company £32,000, ordered them to pay £14,862.04 costs and a £120 victim surcharge.
According to research, there’s around 2.8 million of you out there who have downloaded Minecraft applications on their Android smartphones and tablets, which are malicious.
There’s been a host of dodgy apps doing the rounds in the last year, and 33 of them have been spotted in the Google Play store. These apps tend to offer cheats and tips to players, but of course, they’re doing something else that is no good for you at all. Once you download these apps, you end up getting a warning which says your device has been infected with a “dangerous virus”.
These are some of the malicious apps.
If the apps fool you, you’re then asked to sign-up with a premium-rate SMS subscription which tells you that it’ll rid your gadgets of nasties.
It won’t, of course. What it will do is charge you for texts, coming in at £3.40 per week, which is around £177 per year if you don’t sort it out. The bogus virus warning page looks like this.
One of the things that gives away these apps are the myriad of negative reviews and comments they’ve received. If you’re ever downloading any app, it is always worth looking at the score they’ve been given and checking out the reviews on Google Play, right before you hit the download button.
A number of the apps have been removed from Google Play, but that’s not to say they got them all. Obviously, snide developers are probably making more and tying them in the with hugely popular Minecraft game.
Like we said, to stop this happening, always look at the ratings and reviews on any app and get some security software for your Android phone. You can see some of the best anti-virus Android software here.
A bloke called Paul spied the incident from a window on Caledonian Road, saying that the worker used bolt cutters to chop the lock before throwing the bike into the back of his van.
Paul told Metro.co.uk: “UK Power Networks have been working on the road for quite some time. I was on the phone leaning against the window and one of them wasn’t working and looking quite suspicious so my attention falls on him.”
“Then he goes over to the bike and cuts the lock. He waited for some time, then he walked back over and took the bike.”
At this point, our Paul went outside to have a word and of course, he filmed the whole thin. He asked the UK Power Networks employee why he had the bike in the van. He claims; ‘”because it was there dumped”. However, our gallant hero points out that this is a load of cobblers, leaving the worker to deny cutting the lock and repeatedly saying ‘sorry mate’.
A spokesperson for UK Power Networks said: “We take any allegations of wrongdoing extremely seriously and will follow all appropriate procedures to ensure a full investigation is carried out and relevant action is taken.”
“We are currently liaising with the person who recorded the film to ensure the matter is resolved.”
Have a look at this yourself and you can decide whether or not this bloke is a dirty tea-leaf.
A steward for Ryanair found a passenger’s camera on a flight. Now, you’d think they’d hand it in to lost property and that would be the end of it, right?
Well, this particular steward thought he’d have it for himself and flog it on eBay. Fernando Miguel Andrade Viseu didn’t realise these things can be tracked and on the auction, he found he’d got a message from the owner.
The camera owner, a teacher called Aaron Galloway, was going on a break when he forgot his camera on the seat of the plane. He told the crew about it and they said they saw no sign of the £499 Nikon camera.
Galloway got home, looked on eBay and BAM, there it was. And so, he sent the vendor a message.
Viseu replied, saying how dreadfully sorry he was and that the camera would be returned at the airport.
How did it end?
Well, Viseu was promptly arrested and ordered to pay compensation of £145 and carry out 100 hours of community service. Oh, and now he’s on the internet known as a snide.
A spokesman for Essex Police said: “We arrested a 34-year-old man from the Stansted area on Friday February 20 on suspicion of theft. He was taken to Stansted area police station where he was interviewed and subsequently charged with theft of a camera and a Kindle.”
What do Ryanair think of it all? They said: “While we don’t comment on legal matters, we can confirm that this individual no longer works for Ryanair.”
A report from the National Fraud Intelligence Bureau has fired off a warning to you sun-worshippers, saying that some holidaymakers who have booked vacations online have been collectively conned out of £2.2m in 2014.
Crims have been targeting online booking firms to swipe money from unsuspecting folk, and many of those only find out that they’ve been had once they arrive at their hotel, who tell them that there’s no record of their booking.
The NFIB report shows, during a 12-month period, that 1,569 cases of holiday booking fraud were reported to the police’s fraud squad, with most complaints relating to plane tickets, hacking accounts, posting fake adverts online and setting-up bogus sites. Two groups particularly targeted were sports fans and religious groups, paying for fake tickets to religious sites and/or sporting events, where places are limited and people can charge more.
Mark Tanzer, ABTA chief executive, said: “Holiday fraud is a particularly distressing form of fraud as the loss to the victim is not just financial but it can also have a high emotional impact. Many victims are unable to get away on a long-awaited holiday or visit to loved ones and the financial loss is accompanied by a personal loss.”
“We would also encourage anyone who has been the victim of a travel-related fraud to report it so that the police can build up a case, catch the perpetrators and prevent other unsuspecting people from falling victim.”
Another day, another attack on people using gadgets to get on the internet. This time, something called Freak Attack (which sounds like an ace ’80s horror b-movie) is causing a headache for users of Android and Apple devices.
The good news is that there are no reports of this weakness being exploited (yet) and that the relevant companies are working quickly to shore up the flaw… but where has all this come from? Well, researchers reckon that the problem comes from code that came about from old government policies which required software developers to use weaker security in encryption programmes, thanks to that old chestnut of ‘international security concerns’.
The flaw is to do with web encryption technology, which could potentially enable bad people to spy on what you’re doing if you use Safari or Google’s Android browser.
Around a third of all encrypted sites were vulnerable as of yesterday, as sites continued to accept this weaker software, which affects Apple’s browsers, the Android browser, but not Google Chrome browser or the latest versions from Firefox or Microsoft.
Apple and Google have both said that they’ve fixed the Freak Attack flaw, with Apple rolling theirs out next week and Google saying that they’ve sent out the goods to device makers and wireless carriers.
Obviously, this highlights the problems with governments interfering with encryption codes, even when dealing with national security. This old policy has come back to bite it on the arse, as it could well do the opposite of what it was intended to do, and actually give a helping hand to criminals.
Until a rollout occurs, you’d be wise to use Chrome, Firefox or Microsoft’s browser or, indeed, ride your luck until the new security measures are in place, if you’re feeling saucy.
Another day, another hack and this time, customers of TalkTalk are being warned after a load of account numbers, names and personal details were stolen from them. Be on the lookout for people trying to scam you, basically.
In an email sent to all TalkTalk customers, the company said that ne’er-do-wells were using the swiped details to try and trick people into handing over their bank details. If you received the email, you’ll find a special phone line to call if you’ve been targeted.
The number is 0800 083 2710.
This scam was discovered after TalkTalk found that there was a very sudden spike in people complaining to them about scam calls at the end of last year. A spokesperson said: ”We have now concluded a thorough investigation working with an external security company, and we have become aware that some limited non-sensitive information may have been illegally accessed in violation of our security procedure.”
It seems that the hack came about via a third-party who also had access to TalkTalk’s network and, as a result, the company will be taking legal action against the aforementioned third-party.
“We are aware of a small, but nonetheless significant, number of customers who have been directly targeted by these criminals and we have been supporting them directly,” said a statement from TalkTalk.
The scam in question involves customers getting called up and, with the stolen details, the scammers are trying to convince you that they’re a legitimate TalkTalk representative who tries to sell them security software. So, if you’re a customer and someone from TalkTalk rings you up and asks for your bank details, tell ‘em where to sling it.
Remember the fella who bought a photocopy of a MacBook for £300? Some thought it was kinda funny, while others didn’t like to see someone being scammed, leaving everyone else to shout pointlessly on about Android versus Apple.
Well, now that the hubbub has died down, the scammed man in question is trying to do something good with the whole scenario.
Paul Barrington is selling the piece of paper on eBay in a bid to raise money for the British Lung Foundation.
On the seller notes, he’s written: “Item can be a little stiff to close and sometimes a bit slow to start up. Some of the keys may appear slightly smudged and the screen is stuck on the same image.”
Arf. He’s added on the auction page: “This is clearly an auction for a piece of paper… however, this is no ordinary piece of paper because on it is photocopied in glorious black and white the picture of the laptop I thought I had purchased.”
“Now I know what you’re thinking already (trust me, I’ve read the comments) “If it looks too good to be true then it probably is?”. However, this slimline piece of paper is littered with plus points that would make the new owner the envy of his friends and colleagues. First of all how about I tell you that this piece of paper is worth at least £300? That’s right – three hundred quid. I can assure you of that because that is what I paid for it. “You deserve everything you get as you didn’t read the listing properly” I hear the other 50% of commenters cry even though they clearly haven’t read any of the previous comments stating the same thing believing that they were the first to make such a witty retort.”
“This may well be the most famous piece of photocopied paper in the world right now and has featured far and wide with its story and notoriety. I will send the paper in the same ridiculous little box that it was sent to me in and hopefully you will be slightly less disappointed than I was when it arrives.”
“As you all probably know (some of you better than me it seems) I have a small problem with my lungs or in other words they are knackered. This keeps putting me into hospital where I am now on first name terms with all the lovely staff on the ward at North Devon District Hospital. I have got my money back from eBay for the scam that I was duped into. So all of the sale price of this fine Slimline A4 laptop paper will go directly to the British Lung Foundation in the hope that they can use the money to further develop treatment and cures for people like me that just want to get better and carry on with life.”
So there you have it. He’s got his refund and is now trying to raise some money for charity with all that press he got. We’re only to happy to share this and we should hope that other outlets do too.
If you think a deal is too good to be true, chances are, it is. Unless you’re looking in our Deals of the Day, of course. Either way, if someone is offering you a MacBook for £300, you’ve got to be wary.
One man who wasn’t, was Paul Barrington who saw the deal on eBay and thought he’d got himself an absolute steal! He parted with his money and waited. When it arrived, he found he’d spent all that money on a photocopied picture of a MacBook instead.
Look at his sad face.
Of course, MacBooks set you back around £1,500 if you’re buying them new and, if you’re getting one second-hand, they’re not going to be much cheaper.
Paul had apparently sold his treasured surfboard to buy the device, as he wanted to start gigging as a wedding DJ.
He said: “I sold my pride and joy for a piece of paper. It’s the first time I haven’t had a surfboard since I was 10 years old but I need a laptop so I checked the listing and the seller’s rating.”
“He’d been a member for a few years, so there was nothing to be suspicious about. I was excited about winning the auction and just thought, ‘I’ve got a laptop so I can start the business. The package was as light as a feather. Why bother sending a picture in a box? It doesn’t make any sense. I almost had to laugh.”
Paul has of course, reported this scam to eBay who are going to get back to him. Anyone who has dealt with eBay before, stop laughing. Here’s the auction.
Have you been using an app called WhatsApp Plus? Well, stop that at once! You see, WhatsApp have banned some users from using the app for 24 hours because it is a third party application and it violates the ‘terms of service’.
WhatsApp have asked their users to uninstall WhatsApp+ and install the authorised version of WhatsApp from official website or Google Play if they want to resume normal service. This other app isn’t related to WhatsApp, which means it has code that isn’t supported by the company and, worse still, if you get hacked and your details and photos leak, they won’t be taking any responsibility for it.
So if you’ve been sending photos of your junk to people through this third party app, you’re asking for trouble.
WhatsApp are treating the Plus app as malware and, in their FAQ section, they’ve said: “WhatsApp Plus is an application that was not developed by WhatsApp, nor is it authorised by WhatsApp. The developers of WhatsApp Plus have no relationship to WhatsApp, and we do not support WhatsApp Plus. Please be aware that WhatsApp Plus contains source code which WhatsApp cannot guarantee as safe and that your private information is potentially being passed to 3rd parties without your knowledge or authorization.”
In short – stop using it, alright? Good.