Fraud Alert: Payment diversion

Information provided by http://neighbourhoodalert.co.uk/

Fraudsters are emailing members of the public who are expecting to make a payment for property repairs. The fraudsters will purport to be a tradesman who has recently completed work at the property and use a similar email address to that of the genuine tradesman. They will ask for funds to be transferred via bank transfer. Once payment is made the victims of the scam soon realise they have been deceived when the genuine tradesman requests payment for their services.

Protect yourself

Always check the email address is exactly the same as previous correspondence with the genuine contact.
For any request of payment via email verify the validity of the request with a phone call to the person who carried out the work.
Check the email for spelling and grammar as these signs can indicate that the email is not genuine.
Payments via bank transfer offer no financial protection; consider using alternative methods such as a credit card or PayPal which offer protection and an avenue for recompense.
If you believe that you have been a victim of fraud you can report it online

http://www.actionfraud.police.uk/report_fraud or by telephone 0300 123 2040.

My computer won’t connect to the Internet

If your iPad or computer has been fine then suddenly displays a message saying it cannot connect to the Internet here is a quick fix.

Check Your Router

Your router is the device supplied by your Internet Provider (Sky, Virgin, BT, TalkTalk etc).

Here are a couple of examples:

BT Home_Hub_4
BT Home_Hub_4
Virgin Superhub
Virgin Superhub

Power Off / Wait / Power On

All routers have different lights and we could list them all but the simple approach is the best.

There should be a power switch on the router. Press the switch to switch off the router. Wait 5 minutes. Press the button again. Wait 10 minutes for the router to start up.

Then try your Internet again. Often this fixes the problem.

Although it’s a simple fix we are not sure why this seems to be required so often.

Things to check

  • Overheating
    Make sure there is adequate ventilation around the hub .
  • Firmware Update
    This is a technical solution – can be done normally via the Admin Control Panel.
  • Limit Connections
    Maybe too much traffic.
  • Faulty Router
    It happens in which case get a replacement from your ISP (Internet Service Provider).

 

Gmail Phishing Scam at large

Get me out of here

There is a highly effective phishing technique stealing login credentials for Gmail Users that is having a wide impact, even on experienced technical users.

The way the attack works is that an attacker will send an email to your Gmail account. That email may come from someone you know who has had their account hacked using this technique. It may also include something that looks like an image of an attachment you recognize from the sender.

You click on the image, expecting Gmail to give you a preview of the attachment. Instead, a new tab opens up and you are prompted by Gmail to sign in again. You glance at the location bar and you see accounts.google.com in there.

Once you complete sign-in, your account has been compromised. A commenter on Hacker News describes in clear terms what they experienced over the holiday break once they signed in to the fake page:

“The attackers log in to your account immediately once they get the credentials, and they use one of your actual attachments, along with one of your actual subject lines, and send it to people in your contact list.

How to protect yourself

Be very careful of clicking on images sent from other Gmail users.  Gmail does occasionally ask you to login, so be very careful if you are asked to do this. If in doubt, close the login browser tab (or just close your web browser). Then try your Gmail again, and you should still be logged in. It was a scam. Inform the sender that their google account has been compromised.

Enable two factor authentication if it is available on every service that you use. GMail calls this “2- step verification” and you can find out how to enable it on this page.

Enabling two factor authentication makes it much more difficult for an attacker to sign into a service that you use, even if they manage to steal your password using this technique. I would like to note that there is some discussion that indicates even two factor authentication may not protect against this attack. However I have not seen a proof of concept, so I can not confirm this.

 

Ransomeware Alert

To avoid being a victim of the latest Cerber Ransom-ware make sure you run updates on all the software on your computer.

In addition to the Windows update, you need to ensure the following applications are also up to date:

  • Flash Player
  • Silverlight
  • Internet Explorer or Edge

What is Ransom-ware?

Illegal software that encrypts the contents of your computer (silently in the background) then asks for money to provide you with a code to unlock the computer.

All your documents, pictures and data will be affected. If you have a backup drive plugged in when this happens, this will also be encrypted.

Will My Anti-Virus protect me?

Possibly. It depends on the product you have purchased. The attack may come from compromised adverts on legitimate web sites, so ensure you have an Ant-Virus solution that blocks malicious adverts. We recommend Kaspersky Anti-Virus. Attacks like this are called Drive-By attacks and you don’t have to click on anything.

What can I do if I have been infected?

Generally the prospects are grim. There are means to decrypt your computer but it depends on which malware was installed. You may have to pay the criminal in the end if the files are really valuable ( A lot of large companies have had to take this route) but there is no assurance it will work. After all you are dealing with criminals. Prevention is the best cure.

Safeguarding against catching viruses and malware.

  • Update your software as soon as possible.
  • Backup your computer regularly and if possible make 2 backups. Perhaps use a external drive plus a cloud backup system like Carbonite.
  • Never leave backup drives attached to computers – ideally have two drives and swap them over weekly and only leave them attached while backing up.
  • Ensure you use unique passwords on all your accounts.
  • Disable the Adobe Flash plugin in your browser – or at least make it run on demand instead of automatically.

Why not ask us to give your computer a security check? We can show you what needs to be done on a regular basis or do it for you.