Protect yourself from scammers

Thinking of doing something with your pension pot?

Before you go any further, read these five tips to protect yourself from scammers.

If you think you’ve been scammed – act immediately

If you’ve already signed something you’re now unsure about, contact your pension provider straight away. They may be able to stop a transfer that hasn’t taken place yet. Then call Action Fraud on 0300 123 2040 to report it.

If you have doubts about what to do, ask The Pensions Advisory Service (TPAS) for help. Call them on 0300 123 1047 or visit the TPAS website for free pensions advice and information.

If you’re aged 50 or over and have a defined contribution pension (a pension not based on your final salary), Pension Wise is there to help you investigate your retirement options. Visit the Pension Wise website to find out more.

 Cold called about your pension? Hang up!

Unsolicited phone calls, texts or emails about your pension are nearly always scams. Scammers will often claim they’re from Pension Wise or other government-backed bodies. These organisations would never phone or text to offer a pension review.

 ‘Deals’ to look out for’

Beware of unregulated investments offering ‘guaranteed returns’. These include exotic sounding investments like hotels, vineyards or other overseas ventures, and deals where your money is all in one place – and therefore more at risk. Visit the FCA’s ScamSmart website to see if the deal you’re being offered is a known scam, or has the hallmarks of a scam. Don’t be rushed into making a decision. Scammers will try to pressure you with ‘time limited offers’ or send a courier to your door to wait while you sign documents. Take your time to make all the checks you need – even if this means turning down an ‘amazing deal’.

 Using an adviser? Make sure they’re registered with the FCA

Scammers sometimes pose as financial advisers. Check your adviser is registered on the FCA website and that they’re authorised to give advice on pensions. If you deal with someone who is not regulated you may not be covered by the Financial Ombudsman Service or Financial Services Compensation Scheme if things go wrong. And don’t be taken in by smart websites or brochures – professional-looking marketing materials are not a guarantee of a company’s authenticity.

 Don’t let a friend talk you into an investment – check everything yourself

People have fallen for scams because they’d been recommended by a friend. Do your homework, even if you consider yourself or your friend to be financially savvy. False confidence can lead to getting stung and with a pension, it might be years before you discover you’ve been scammed.

 

Don’t let a friend talk you into an investment – check everything yourself

People have fallen for scams because they’d been recommended by a friend. Do your homework, even if you consider yourself or your friend to be financially savvy. False confidence can lead to getting stung and with a pension, it might be years before you discover you’ve been scammed.

Stop children bingeing on social media during holidays, parents urged | Society | The Guardian

Children’s commissioner says too much time is spent online as she launches ‘five a day’ campaign. Children’s access to Snapchat should be limited, the children’s commissioner says. Photograph: Lucy Nicholson/Reuters.

Source: Stop children bingeing on social media during holidays, parents urged | Society | The Guardian

‘LinkedIn Update’ Phishing Scam Email

If you use LinkedIn, keep an eye out for an email that claims you must click a link to update your account. The email, which has the subject “LinkedIn Update” claims that LinkedIn is updating its “Services Agreement and Privacy.

The message warns that your account will be deactivated if you do not click the link and update your account. However, LinkedIn did not send the email and your account will not be deactivated if you don’t click the link. Instead, the email is a phishing scam that is designed to steal your LinkedIn account login details. If you click the link, you will be taken to a fraudulent website that has been built to emulate the real LinkedIn login page. Once on the fake site, you will be asked to enter your account email address and password to log in. After entering your details, you’ll see a message claiming that you’ve successfully completed the supposed update.

Online criminals can now use the information you provided to hijack your LinkedIn account. Once they have gained access to your account, the criminals can use it to send spam, scam, and malware messages to your LinkedIn contacts in your name.  They may also gather more of your personal information from your account and use it to pose as you and attempt to steal your identity. LinkedIn users are regularly targeted in such phishing scams.

LinkedIn has information about phishing scams and how to report them on its website.

Which smartphone is the most secure? – NCSC Site

Andy P (EUD Security Research Lead) says: “When talking about end-user device security, one of the questions I hear most often is ‘Which smartphone is the most secure?’ . Now, since Jon’s told us we’re not allowed to say ‘It Depends’, we’d better have a good answer. So here’s what I think.”

‘The most secure platform’ isn’t really a useful metric. It’s an old adage that the most secure computer is the one turned off, disconnected, and locked in a safe. Pretty secure, and not very usable. But it illustrates the point that there’s plenty more to think about than just security when deciding which device you’re going to use to get your job done (or play Minecraft on). Instead, I believe the question we should be asking is ‘Is it secure enough?’.  Once you’ve established which of your potential options are in that category, you can then pick the one that best meets your other requirements, such as cost, features, battery life, availability of your favourite apps and so on.

Source: Which smartphone is the most secure? – NCSC Site

It’s a trap! Marcher banking trojan masquerades as Adobe Flash Player for Android

 

A variant of the Marcher banking trojan is targeting Android users by masquerading as a mobile Adobe Flash Player app.

This version of the malware arrives via popcash[dot]net, an advertising network which is known to serve “popunder” ads that display behind a main browser window so that the user sees them when they try to exit.

The ads drop malware payloads that pose as Adobe Flash Player. If a user clicks on the dropper URL, they see a message warning them that their Flash Player is out of date.

The dropper also loads the malware “Adobe_Flash_2016.apk” onto the user’s device, a program which then guides the user to disable security features and allow app installations from unknown sources.

Successful installation prompts the malware to conceal its icon from the home screen, to register the infected device with its command-and-control (C&C) server, and to send important information about the infected device including a list of installed apps to its server.

Source: It’s a trap! Marcher banking trojan masquerades as Adobe Flash Player for Android

Cyber Safe Warwickshire – AA Data Breach Exposes Details Of Over 100,000 Customers

A breach at UK car insurance company, the AA, has exposed information on more than 100,000 customers, including names, email addresses and partial credit card details, according to security researchers.

The company said a ‘server misconfiguration’ was responsible for the information being openly available on the web for a few days in April of this year.

The AA have been criticized for its handling of the incident: After claiming no sensitive information was included in the exposed cache, the company was called to task when security researcher Troy Hunt said he found 117,000 unique email addresses, names and partial credit card info among the details.

The company never notified its affected customers, he added.

Source: Cyber Safe Warwickshire – AA Data Breach Exposes Details Of Over 100,000 Customers

‘Petya’ cyber attack targeting ‘everyone’: How to protect yourself

Cyber security experts are warning that consumers can also be targeted by the ransomware that has affected huge organisations around the world.

A new variant of known malware Petya is believed to be behind the chaos, which initially hit Ukraine, before spreading to companies in a number of other countries, including the UK.

However, it’s not just big businesses that are under threat.  Consumers are also at risk and should be wary if they are running operating systems that are vulnerable to the exploit, in other words if you have not patched,” Raj Samani, chief scientist & fellow at McAfee, told the Independent.

Roblox – a guide for parents | Safer Internet Centre

Childnet Education Officer Tom offers some top tips for parents to help young people stay safe on Roblox.

“In Childnet education sessions, young people and parents often mention Roblox, the popular gaming site. Young people regularly tell us how much they enjoy the different games and levels within it. This blog explains a bit about Roblox,  what to be aware of as a parent and offers our top tips on how to ensure your child stays safe. This is will include:

  1. Communication: how Roblox can be used to communicate with other users
  2. Content: what content is available on Roblox that might not be suitable for children
  3. Costs: what ways children might accidentally run up costs while using Roblox

Plus we will share our top tips for staying engaged with your children’s use of Roblox and making the most of the safety features available on the service.

Source: Roblox – a guide for parents | Safer Internet Centre

Apple Mac computers targeted by ransomware and spyware

Mac users are being warned about new variants of malware that have been created specifically to target Apple computers. One is ransomware that encrypts data and demands payment before files are released. The other is spyware that watches what users do and scoops up valuable information.

Experts said they represented a threat because their creators were letting anyone use them for free. The two programs were uncovered by the security firms Fortinet and AlienVault, which found a portal on the Tor “dark web” network that acted as a shopfront for both.

How to stay secure while staying connected on vacation – Help Net Security

The wide availability of Wi-Fi networks can make it difficult to unplug and disconnect on vacation, but if consumers take that extra step and unplug they can experience a more secure trip.

Despite the benefits experienced from unplugging, most individuals still prefer to stay connected when on vacation. But when individuals put convenience over security, by using unsecured Wi-Fi access points that are easily hackable for example, they leave themselves open to the possibility of having their personal information compromised.

Source: How to stay secure while staying connected on vacation – Help Net Security