DHL Express ‘Parcel Arrival Notification’ Malware Email

Parcel Delivery Malware Email

This email, which purports to be from DHL Express,  is supposedly a pre-arrival notification for a parcel that has been delivered to your local post office. The email instructs you to click a link to download and print a receipt that you can submit when picking up the parcel. However, the email is not from DHL and clicking the link does not download a parcel delivery receipt. Instead, the link opens a website that harbours malware. Once on the bogus website, you will be instructed to click a “download” button. If you do so, malware may be delivered to your computer. The exact nature of this malware may vary.

This type of attack is often used to distribute ransomware.  Once installed, ransomware can lock all the files on your computer and then demand that you pay a fee to online criminals to receive an unlock code. In other cases, the malware may be designed to steal sensitive information such as banking passwords from the infected computer. In recent years, fake parcel delivery notification emails have been repeatedly used by criminals to distribute various types of malware. Be cautious of any email that claims that you must click a link or open an attached file to view details about a supposed parcel delivery.

An example of the malware email:

From: DHL EXPRESS
Subject: Parcel arrival notification 
Hi [email address],
This is a pre-arrival notification of your parcel to our local post office
Kindly Print/Download your DHL-AWD reciept to be submitted during pick-up.
Print/Download DHL-AWD reciept here
Kindly endeavour to be accurate as possible to reduce time of clearance and recipient confirmation.
Please add our email to your contact to guarantee inbox delivery. | 2018 DHL Express | Customer Service |

The people behind the tech support scams – Which? News

 ‘Do you see a Windows key on the bottom-left of your keyboard?’ a deep male voice asked me on the phone. I said yes. Over the next two minutes, the man instructed me to enter a series of commands, until my computer’s home screen erupted into a cascade of warnings and errors.
Fortunately, this was a secure demonstration, and my computer was at no real risk. I had challenged Shantanu Banerjee to conjure up warning signs of viruses on my perfectly healthy computer. He was more than happy to oblige. Until 2015, making up computer viruses out of thin air is what Banerjee, a 25-year-old from Kolkata, did for a living. ‘See what I did there? There is no problem on your computer. Your computer is fit and fine. But my job is to convince you that it has many problems.’
Criminal underworld
In January 2014, Banerjee started his career as a tech support scammer in one of Kolkata’s ‘hundreds of outfits.’ He would still be cheating victims across the UK out of thousands of pounds to this day, if his company hadn’t withheld his month’s salary of £290. Unlike most of his colleagues, who simply left the company when that happened, Banerjee kept demanding his pending wages. That’s when the truly immoral nature of his criminal employers was revealed.
On 3 December 2014, he posted a message on Facebook: ‘I protest [about my salary], but they keep me [hostage] whole night and beat me. Police also not help me, so I am very alone…please help me.’ Once a scammer himself, now seeking help against criminals, Banerjee posted the name and address of the company that he had worked for.
This April, when I reached out to him after reading the post, Banerjee was so disillusioned with his former career that he offered to send me ‘a list of every company in Kolkata who is running a tech support scam.’
 
 India-wide problem
India has made a name for itself as the home of the tech support scam. Over two-thirds of Microsoft’s customers in the UK have encountered such scams, according to a 2016 Microsoft report. A 2016 study by New York’s Stony Brook University found that 86% of all tech scams worldwide originated in India. According to Microsoft research, the average loss suffered by victims is £600. Older consumers tend to be at greater risk of falling for the scam – the average age of victims is 62.
In 2012, the US Federal Trade Commission shut down six Indian tech support companies which had conned people across the US, UK, Australia and Canada, raking in millions of pounds since 2008. Half of them had been operating from Banerjee’s own city of Kolkata. Banerjee was far from alone in wanting to denounce his former employers. Since February 2017, when I began researching such scams for The Hindustan Times, dozens of current and former scammers across India have revealed the names and details of their companies to me. ‘These days, in Dehradun, there are many tech support scams going on. I know all the places in Dehradun,’ one such whistleblower told me. ‘I’ve worked for Live Technician in Jaipur, and the same company operates from Noida, Mohali and Dehradun,’ emailed another. ‘Everywhere I went, I found these types companies, from Gurgaon to Noida and Delhi,’ one contact – who’d spent years in the industry – told me. ‘Every second company in Noida is running a tech support scam,’ confirmed another former call centre worker.
Tech Support Scam Agents
Who are the scam callers? India’s tech support scammers are drawn from its vast pool of English-speaking and computer-savvy youth. Lacking conventional employment, they find themselves plying this dubious trade. The numbers are compelling. Of India’s population of 1.3bn, a third are aged 35 or below. The economy may be growing at 7% a year, but jobs can still be scarce. A million Indians enter the job market every month, but only a tiny fraction find formal employment. That’s why many get sucked into India’s ever-expanding economy of fraud. Huge amounts of money are assured, but the true working conditions prove to be far from rosy.
Every tech support scammer I spoke to had followed a similar pattern. Fresh out of college, they placed their CVs on popular job websites and were contacted by ‘placement agents’ who directed them, for a commission, to obscure technology companies conducting murky business.
Lure of the money
The promise of lucrative incentives tempted many of the people we spoke to. The job-seekers were immediately hired at a respectable entry-level of salary of £250-£350 per month. Some cited commissions of Rs 1,000 (£12) for every £1,000 they earned their company.
‘A genuine job won’t even pay you a monthly salary of Rs 10,000 (£116), said Gaurav Dalmiya, who worked at Live Technician in Noida, a suburb of Delhi. ‘Freshers are hired immediately, if they speak good English. They soon become addicted to easy money,’ said Sanjit Sohni, who also worked at Live Technician, but in the north Indian city of Jaipur.
Only on their first day of training would they learn that their job was to scare foreign computer owners into buying worthless security services. At their training, new recruits are brought up to speed quickly on how to pull off the scam. They are handed a script and made to listen to recorded calls, to help understand the accents of potential victims. ‘In 10 days, I learned everything. Then, for the next 10 days, I rehearsed the script with my more experienced colleagues,’ said Dalmiya. He estimates at least 50 tech support scam centres to be running in Noida’s corporate network.
Tech Support Scam Victim 
Some of the support scammers I spoke to told me that, initially, they’d worried no one would believe the lies they were expected to peddle to overseas victims. ‘If there is a problem in your computer, how would I know about it? Why am I calling you from Microsoft? Microsoft is a computer manufacturer, it doesn’t make calls to its customers about viruses,’ Shantanu Banerjee remembers, thinking back to his first day on the job. But their confidence in the method was revived every time a victim fell for it. ‘If it’s an older customer, then there’s a 90% chance of a sale. If it’s a UK customer, then 100%,’ said Dalmiya, who told me he had to scam at least 10 people a day to meet his $5,000 monthly target for the company. The closer they get to the psyche of their potential victims, the easier their job. Callers have to adapt to regional differences, too. ‘Unlike US customers, those in the UK don’t care for friendly small talk. All they want is for your English to be perfect. You show some respect, you tell them they need to upgrade their firewall, and they will say, “go for it”, and you are in,’ says Dalmiya. ‘UK customers are usually very rich. Old ladies start crying the moment you tell them that there’s a problem with their computer, so you have to proceed delicately,’ according to Aman Sivaram. ‘Most people who get pop-ups are doing something wrong – eg porn. So, we show the customer his browsing history, tell him that his computer is full of problems, and offer to clean it for $500,’ Sivaram says.
Advanced deception
Once they know how to pull off the basic script, the scammers feel ready for all kinds of deception. ‘I used to tell people that their emails were hacked by someone in Russia,’ said Gaurav Dalmiya. Another former technician, Ramesh Pandey, told me he dealt with people needing help after forgetting their Facebook logins. ‘A representative [pretends] he is a Facebook expert and would help the customer, and, in order to do so, he would need to take remote access. Once he gets that, he goes ahead and runs a diagnosis.
Then, the scare tactics start. If the customer refuses to pay, even the FBI is mentioned.’ Big money at the top ‘They said they will kidnap me if I asked them for my salary.’
The support technicians make good money by Indian standards. But, it’s their bosses who are truly raking in the cash. The scammers I spoke to seemed staggered by the amount of money the call centres can make. Some scammers estimated the average monthly haul to be anywhere from £4,000 to £15,000. Others believed it was even more. ‘Just by conning gullible US or UK customers, the company averages $1,000-$1,200 on an OK day, and up to $20,000 on a good day,’ said Pandey.
At some point, though, they realise that no matter how well they know the tricks of the trade, they are unable to meet their company’s escalating sales targets. ‘They have a revenue expectation for every call, and each is reviewed against that expectation,’ says Aman Sivaram. The companies may pay Rs 300-400 (around £4) for every scare-mongering pop-up they place on websites, and they push staff hard to recover such costs. Bullying tactics against staff appear rife in the industry. Incentives are held up, salaries delayed, and punishments meted out – a trend I gathered from story after story that the scammers told me. ‘If you failed to achieve even a single sale, they would extend your shift by two hours. Total slavery. Or, they would make people stand up and raise their hands,’ one call handler told me. ‘They tell you that you can’t go home even after your shift if you haven’t made three sales of $99 each,’ said another. In a darker example, one source told me that, ‘They said they will kidnap me if I asked them for my [pending] salary.’
Luxury for the masterminds
The founders of these companies come across as elusive figures who cultivate an aura of grandeur among their staff. ‘These people have a lot of money, they have contacts in high places, and they have arrangements with the police,’ Shantanu Banerjee told me. Most office-level scammers never get to meet their ultimate bosses. But, they are in awe of the lifestyle the self-professed ‘entrepreneurs’ flash in their Facebook photographs: luxury cars, late-night parties, exotic holidays, beautiful women. Between begging for their own salaries and craving the good life seen in these photos, many scammers realise that, like their victims, they, too, have been fed lies.
Guilty conscience
Some leave the profession with regrets about their past actions, and the victims they left in their wake. ‘What we did was wrong, because the software we sold people is freely available on the internet from Microsoft and others,’ said Aman Sivaram, a former support caller. ‘I am still unemployed, but would rather remain this way than to barter my integrity,’ Ramesh Pandey told me.
Others show no such signs of remorse, and leave the companies to launch their own scam outfits. Anshul Garg tells me he slaved at several call centres before joining a group of disgruntled employees to start their own tech support scam. It doesn’t take much to run a tech support scam, after all: a few tech-savvy people, a rented room, some phones, computers with basic software, and an international bank account.
While these scams remain such a thriving industry in India, consumers in the UK will be at risk. It’s more important than ever to be vigilant to such threats. The names in this report have been changed to protect the identities of those who have helped with this investigation.
Live Technician
A number of sources told us that they had previously worked for a company called Live Technician. We asked Samay Vashisth, CEO of Live Technician, to explain the conduct of his business, in light of the allegations made by its former staff, and following our own calls to its agents. No reports of physical threats had been made to us by any former Live Technician staff, but Vashisth confirmed that many staff salaries had gone unpaid. Vashisth denied his company made fraud support calls. ‘We do genuine business where people search for problems and call us and we sell our packages to them,’ Vashisth told us. ‘Then, we provide genuine service year after year.’ Vashisth said the tech support side of his business had been largely closed down, and it no longer dealt with UK customers.
We explained that we had recently called Live Technician, posing as a UK customer, and had been pushed pricey four-year support. His biography on the company website sits below effusive descriptions of how it provides ‘world-class technical assistance to consumers’. ‘We have a quality control team and we don’t sell anything forcefully,’ he told us. ‘A few agents may do this to get higher incentives, but they get punished if we find anyone doing this.’

We are the Cyber Champions

The certification of 21 new Cyber Champions has followed an event staged by Nuneaton & Bedworth Neighbourhood Watch Association (N&BNWA). All are active volunteers in their own localities serving their neighbours by helping protect them from harm.

When it first started in 982 its focus was very much on enabling neighbours, by banding together and working closely with their local police, to protect themselves from the impact of threats such as burglary, criminal damage and vehicle crimes. How things have changed! Although those original threats have not gone away the greatest current threat is cybercrime.

Responding to this developing threat began in earnest by N&BNWA followed a challenge issued at its 2015 AGM by then Deputy Police & Crime Commissioner Dr Eric Wood – “…… and what are you going to do about it?” We began by making use of DISC (Database & Intranet for Safer Communities) to improve the efficacy of our communication network.

This was followed in 2016 by the organisation, in conjunction with NW colleagues from across Warwickshire, of a Combating Cybercrime Conference. Its aim was that each of the five district NW associations would be able to develop and implement and effective action plan.

By early 2017 N&BNWA had developed and adopted a Combating Cybercrime Policy supported by an operable, rolling action plan. Alert messages and advisory cybersecurity information items are posted regularly on DISC, on Twitter @NunBed and on website www.nbnwa.net Very recently the launch of a Nuneaton wide network of interlinked, closed Facebook groups has considerable enhanced capability to successfully deliver the Combating Cybercrime Action Plan.

And following the Community Champion’s event, so excellently facilitated by Warwickshire County Council Cybercrime Advisor Sam Slemensk, N&BNWA now has a cadre of up-skilled volunteers to support the delivery of the action plan

Time-limited travel deals: No need to hurry – Which? News

The ‘bargain’ package holidays that drop in price after the sale ends By Jo Rhodes 30 Dec 2017 Share on Facebook Share on Twitter Share by email A Which? Travel investigation has revealed that misleading ‘hurry deals’ could be duping travelers into paying hundreds of pounds over the odds for holidays. The time-limited promotions – advertised in national newspapers and circulated by email – promise consumers bargain prices if they book their package holiday or cruise before the cut-off date. However, when we tracked the deals over three weeks in July and August 2017, we found that in 16 out of 30 cases the price was the same – or even cheaper – after the sale had ended.
What’s the hurry? Many of the ads urge travelers to ‘hurry, book now’ and use online tactics, such as ticking countdown clocks, to create a sense of panic in the buyer. Popular holiday companies could be in breach of the Consumer Protection from Unfair Trading Regulations (CPRs) if a retailer’s actions can be shown to be misleading, and likely to cause the average person to rush into a buying decision they wouldn’t otherwise have taken.
Luxury resort chain Sandals was offering a seven-night all-inclusive break to Jamaica for £1,465 per person in its Summer Mega Sale. ‘Save up to 60%… Hurry! Only one day left,’ the strap-line read. However the day after the ‘sale’ ended, the price dropped by £50 per person – and continued to run for another week – so no need to hurry after all. The travel company seemingly runs 60%-off promotions back-to-back under various guises, adding another seven days to the countdown clock.
A spokesperson for Unique Caribbean Holidays Ltd, the UK tour operator for Sandals, told us the company does not intentionally pressure sell or create false book-by dates, and that all its packages are fairly promoted to the customer. It added: ‘We clearly state our sale terms and conditions on our website, which do not breech any advertising guidelines, and in turn do not mislead our customers.’
Similarly a Virgin ‘Holiday Sale’ promoted seven nights at Florida’s Coco Key Hotel from £792 per person if booked by 17 August. ‘Won’t last forever,’ the banner read. On 18 August – a day after the sale had ended – the same package on the same dates had dropped to £677 per person – a £230 saving for two people sharing. A week later the package crept up to £682 per person, but was still considerably cheaper than the ‘sale’ price. A Virgin Holidays’ spokesperson told us that it would never intentionally advertise anything misleading. It added: ‘We are always looking to secure the best possible value for our customers – and should we be able to obtain better offers from our suppliers, these savings will be passed on to benefit the customer.’
Other questionable deals included a lastminute.com stay at a Paris hotel with flights. The day after the promotion ended, the price dropped from £139 to £126 – and this lower rate was still available a week later. Other deals saw prices yo-yo. Two-nights at another Paris hotel was £404 in Expedia’s ‘flash sale’. After the promotion ended, the break went up to £628 – only to drop again a fortnight later when a new 40% off promotion ran. This time the same stay was available for £382 – £22 cheaper than the original ‘sale’ price.
Sale extended Extended sales were also common. We found Inghams Italy offering discounted trips to Capri, Milan and Puglia until 4 August. But the expiry date was pushed back twice, meaning the same prices were still being advertised a month later.

A Kuoni ‘special offer’ also continued to run after the deadline, meaning an all-inclusive holiday to Jamaica dropped by £200 per person the day after its initial sale ended. Kuoni and Inghams said they have reviewed how they promote offers as a result of our findings, which we have shared with Trading Standards and the Advertising Standards Authority.

Read more: https://www.which.co.uk/news/2017/12/time-limited-travel-deals-no-need-to-hurry/ – Which?

ource: Time-limited travel deals: No need to hurry – Which? News

Beware of “Rbauxx” – it is a Fake RayBan Sunglass Selling Website

Beware of "Rbauxx" - it is a Fake RayBan Sunglass Selling Website

The website “www.rbauxx.com” is another untrustworthy online store claiming to sell RayBan sunglasses/eyeglasses, which online users are advised to stay away from. Persons who shop on the untrustworthy website run the risk of their personal, credit card and other payment processing information getting stolen by cyber-criminals and used fraudulently. They also run the risk of receiving counterfeit goods. Therefore, we do not recommend purchasing or visiting the website “www.rbauxx.com”. Persons who have already used their credit cards on the fraudulent website should contact their banks or credit card company immediately for help.

RayBan Sunglasse at www.rbauxx.com

Rayban Store – Discount Rayban Sunglasses $19.99. Just Today Free Shipping And Free Returns Order Over 3 Piece.

The cybercriminals behind the fake website will use another website and change the name, once the current website has been taken down. So, look out for similar fake RayBan Sunglass selling websites.

Please share with us what you know or ask a question about this article by leaving a comment below. Also, check the comment section below for additional information, if there is any.

Remember to forward malicious or phishing email messages to us at the following email address: info@onlinethreatalerts.com

Source: Beware of “Rbauxx” – it is a Fake RayBan Sunglass Selling Website

Is your tumble dryer dangerous?

Tumble dryer manufacturers have launched a massive fire safety repair campaign following reports of faulty tumble dryers catching fire. Is your tumble dryer at risk of causing a fire, and what should you do about it? Whirlpool – the manufacturer of popular UK home appliances – embarked on a nationwide repair campaign in spring 2016 following reports of problems with tumble dryers causing house fires. Now MPs on Parliament’s Business Committee have said that manufacturers’ responses to product defects has highlighted flaws in the UK’s product safety regime.

Whirlpool says that around 5.4 million potentially faulty tumble dryers were sold in the UK between 2004 and 2015, and there have been reports of families left homeless following fires caused by faulty tumble dryers. You can take action to check if you are one of the millions potentially affected by a faulty tumble dryer, and prevent the risk of a house fire.

Why is Whirlpool fixing tumble dryers?

Whirlpool has launched a national repair scheme to fix the faulty tumble dryers. Whirlpool says it has contacted 4 million customers directly to ask them to check for a faulty tumble dryer.  If the tumble dryer is faulty, Whirlpool will send an engineer to visit to repair the faulty tumble dryer for free.

What is causing the tumble dryer fires?

In some cases, fluff can come into contact with the heating element in the tumble dryer and potentially cause a fire according to Whirlpool. It says such cases are rare, but affected models will require repair.

What brands are affected?

Whirlpool owns a number tumble dryer brands and there are several that pose potential fire hazards. Affected brands are Hotpoint, Indesit, Proline, Swan and Creda. If you own a tumble dryer sold in the UK from one of those brands between April 2004 and September 2015, you need to check if your tumble dryer needs repairing.

How can I check my tumble dryer?

Whirlpool has launched two online tumble-dryer model checkers – one for Hotpoint and one for Indesit. These also cover the Creda brand. You should visit the website and follow the instructions, entering the model number and serial number of your tumble dryer. You can usually find the model number and serial number on the frame inside the door. Alternatively, Whirlpool has set up a tumble dryer helpline that you can phone on 0800 151 0905 to get advice and check if you have a faulty tumble dryer.

What should I do if my tumble dryer is affected?

If you have a faulty tumble dryer, you’ll be able to arrange for an engineer to visit and repair the tumble dryer. Customers are being dealt with on a first-come, first-serve basis, and can currently expect a resolution within one week of contacting Whirlpool. While waiting for a repair, Whirlpool advises that you can continue to use the tumble dryer but that it should not be left unattended when in use. You should also clean the fluff and lint filter between each use to prevent the build up of potentially fire-causing debris.

If you are concerned, contact the Whirlpool advice line on 0800 151 0905.

Cybercrime: £130bn stolen from consumers in 2017, report says

More than a quarter of cybercrime victims believe they are safe from future attacks.

Of the 978m global victims of cybercrime last year, 17m were Britons targeted by phishing, ransomware, online fraud and hacking. Hackers stole a total of £130bn from consumers in 2017, including £4.6bn from British internet users, according to a new report from cybersecurity firm Norton. More than 17 million Brits were hit by cybercrime in the past year, meaning the nation, which accounts for less than 1% of the global population, makes up almost 2% of the 978 million global victims of cybercrime and almost 4% of the global losses. The losses were more than just financial. Each victim of cybercrime spent, on average, nearly two working days dealing with the aftermath of the attack.

But Norton warns that cybercrime victims are not doing enough to protect themselves online. The report found that they are more than twice as likely as those who haven’t fallen prey to cybercrime to share passwords to online accounts with other people, and almost twice as likely to use the same password for all online accounts. What’s more, a surprising number of cybercrime victims – more than a quarter – believe they are safe from future attacks.

“Consumers’ actions revealed a dangerous disconnect: despite a steady stream of cybercrime sprees reported by media, too many people appear to feel invincible and skip taking even basic precautions to protect themselves,” said Nick Shaw, Norton’s general manager for EMEA. “This disconnect highlights the need for consumer digital safety and the urgency for consumers to get back to basics when it comes to doing their part to prevent cybercrime.”

The head of the UK’s National Cybersecurity Centre warned on Tuesday that it was a matter of “when, not if” Britain would be hit by a major cyber-attack, capable of disrupting critical infrastructure or the democratic process. “Some attacks will get through. What you need to do [at that point] is cauterise the damage,” Ciaran Martin said.

Protecting Our Digital Streets from The New Cyber Mafia

Cybercrime has become the biggest threat to digital information, causing reputational and financial damage to businesses and consumers around the globe. The pace at which cybercrime has evolved since the 1980s is a concern for businesses that have become increasingly dependent on computers to house sensitive and proprietary data.

According to Malwarebytes’ latest report, “The New Mafia: Gangs and Vigilantes,” this new mafia, a technologically advanced type of traditional crime taking place solely online, has caused close to a 2,000% increase in ransomware detections since 2015, rising to hundreds of thousands of detections in September 2017 from less than 16,000 in September 2015. The structure, execution and malice of this type of crime are reminiscent of the mafia criminal organizations throughout history.

The Rise of Cybercrime

Cybercrime has emerged from a burgeoning threat to a global epidemic, inflicting immeasurable damage to businesses and individuals. The 1980s became the decade in which computer crime skyrocketed. Criminals began using their tech knowledge to pirate software, create viruses and steal personal information. In the 1990s, online financial crimes grew significantly, most notably with the theft of more than $10 million from Citibank by Russian student Vladimir Levin. The shift to mainstream consumer use in the early 2000s saw the occurrence of spam emails take root. In 2002, 29% of all emails were spam; by 2008-2010, 90% of all emails were spam.

Today’s cybercriminals have created more sophisticated and well-organized modes of attack. Ransomware attacks in 2017 through October surpassed total figures for 2016 by 62%. And the average monthly volume of attacks is up 23%. These figures show just how quickly the methods of cybercrime can evolve and how problematic they can become through the rise of new tactics, techniques and even gangs.

Emergence of The New Gangs

Hacking transformed the way criminals located and attacked their victims through the 1980s and 1990s. In the early 2000s, criminals started to take notice of the success of global cyberattacks, leading to the emergence of four cybercriminals groups: traditional gangs, state-sponsored attackers, ideological hackers and hackers-for-hire.

Traditional gangs are the internet’s version of organized crime gangs: They provide illegal and/or stolen goods online. State-sponsored attackers aim to steal information and disrupt political activity, all while becoming increasingly interested in corporate theft and sabotage. Ideological hackers gather classified information and leak the data to destroy the credibility of governments or other high-profile organizations, acting under the guise of moral and ethical duty. Hackers-for-hire are akin to paid guns for hire, operating in a highly retail-oriented manner with an emphasis on customer service and reliability.

Fighting Back: Consumers as The New Vigilantes

Acknowledgement of cybercrime needs to shift from victim shaming to empowering. Individuals need to feel encouraged to share and act rather than be silenced by fear. Cybercrime is relatively new so consumers can often feel hopeless since there is little legislation to protect those that have been victimized. As industry leaders fight back against cybercrime, consumers must feel empowered in their own threat knowledge so they can recognize and prevent possible attacks.

Technology will only become more prevalent in our lives as innovations such as the internet of things (IoT), machine learning and automation arrive. Undoubtedly, these mediums will spawn the next generation of cyberattacks. However, individuals and businesses can do something about this: The confidence of consumers and businesses to identify and report cybercrime will reduce the proliferation of cyberattacks.

To succeed against cybercrime, mindsets must change. Individuals must be encouraged to share information and take action. Without accepting, sharing and learning from our experiences, these groups will continue operating in the shadows.

Inside the murky world of Facebook scams – how fraudsters are using famous faces to con people out of cash

More than 1,600 victims lost £342 on average after being duped on Facebook last year. Millions of us don’t think twice about logging-on to Facebook to chat with mates and catch-up with family. But between the pictures of our friends and family there is a lurking danger to you and your cash. Facebook scammers are using celebs to trick you into giving away your cash. Fraudsters and crooks are after your money – and they are using ads featuring celebrities to tempt you into giving it away.

Figures released exclusively to The Sun Online show 1,639 scams were reported to Action Fraud in 2017, with the majority of those related to online shopping. Victims on average lost £342 but in 24 cases Brits reported being scammed out of more than £10,000. What’s more these figures are just based on what’s reported to Action Fraud, so it’s likely there could be countless more victims who have been duped. In October, the Advertising Standards Agency (ASA) banned three Facebook ads from two separate companies, one which offered financial advice and the other a PPI claims firm – all three used his face.

One household name who has tried to take on the crooks is MoneySavingExpert’s Martin Lewis. The popular money expert, who also stars in his own TV show, The Martin Lewis Money Show on ITV since September 2012, has built his reputation on the public trusting him but he has been left horrified that his image has been used on a number of Facebook and other social media scams. He told The Sun Online: “Frankly, I would warn anyone to be careful about sponsored posts on Facebook.

ONE Sun Online reader last month told how he feared he had been scammed for £100 by a promoted Facebook advert. Roy Thomas, 60, said he paid for an ebike after spotting an advert from a company called Dic Space. He paid £98.99 in a “sale” but it still hadn’t arrived after more than 30 days – and hadn’t been able to get hold of the company. He told The Sun Online: “It had looked like a bona fide company, and it looked very professional. It all looked good but after seven days it still hadn’t arrived. In effect, they don’t give you any actual details of the company that is going to be delivering the item, or anything to go off with that, so you can’t contact anyone. I’ve tried contacting the company but never received one bit of contact from them again. I had sent them an email saying I could pick it up, but it fell on deaf ears. It is the wild west where there are legitimate adverts and scores of illegitimate ones, ranging from the slightly misleading to ones which are outright scams and theft.”

Mr Lewis said the ads had caused people who trust his advice to lose money, sometimes thousands of pounds. Calling on Facebook to do more to stop the fake ads, he added: It’s outrageous. I can’t sleep at night knowing that people are being scammed off the back of my name – the opposite of what I am supposed to be doing. People think there must be a way to control it but con merchants don’t give a monkeys about that. We’ve reported these ads countless times and eventually they are taken down but it can take weeks and millions of people are seeing this and something needs to be done.”

And it’s not just Mr Lewis who has been used by scammers. Richard Branson’s image has also been used, this time for a Bitcoin scam

Just this week, Richard Branson’s image appeared on a get-rich-quick scheme ad dealing in Bitcoin. The ad linked through to a fake CNN page, which in turn went through to a scam site wrongly promising users they can win free Bitcoins.

Senior Tory MP Damian Collins, chairman of the Digital, Culture, Media and Sport select committee, slammed the ad. He said: “Fake adverts displayed on social media platforms are a real problem, and one that the social media companies must tackle.”

In response to Mr Lewis, a Facebook spokesperson told The Sun Online: “Adverts which are misleading, false or infringe on third-party rights are in violation of Facebook’s ads policies, and we remove them as soon as we become aware of them. The ads that were previously reported to us by Martin Lewis have been removed and the relevant accounts disabled.”

Last year it also announced it was adding 3,000 extra staff members to make sure it can respond to reports of misleading ads more quickly.

If you see a dodgy scam online, or you are a victim, you should contact Action Fraud by using its online reporting tool or calling 0300 123 2040.

 

Lock Snapping & How to Prevent It

Lock Snapping is a method used by home invaders which involves snapping a particular type of lock cylinder, allowing the burglar to quickly and easily gain access to your home. If the right amount of force is applied to the cylinder, it can break and give access to the locking mechanism.

Lock Snapping has become more common over recent years as it requires no special tools or expert knowledge, just the force of a hammer, mole grips or anything else that can physically grab and take hold of a cylinder is enough to gain entry. Many readily available videos’ online show the shocking force, speed and ease of the technique that burglars are using to break into homes up and down the country. One online video that we’ve seen shows how burglars will gain access to a cylinder even if it isn’t protruding from the handle. In this case the handle is shown literally being ripped off the door, the cylinder exposed, and the locking mechanism compromised using household tools such as a hammer and screwdriver.

A recent short tv documentary showed how a former burglar, without previous experience of snapping locks, could use this method to gain access to a property within 40 seconds, even he admitted how shocked he was at the ease and speed of gaining access, he said that an experienced lock snapper could probably gain access in as little as 13 seconds [Lock Snapping Video]. Another former burglar admitted that even if he had the best lock picks in England, he would rather snap the cylinder because “it’s simpler and easier”.

Police have said it’s estimated that around 22 million doors throughout the UK could be at risk from lock snapping where the lock cylinder can be broken in seconds.

 

What Locks Are at Risk

Key locks that are at risk of lock snapping are those of Euro Cylinder profiles, and locks that extend beyond 3mm of the handle. The further the lock cylinder protrudes from the door the more prone to tampering it becomes as it is easier to grip and take hold of, but even if a lock cylinder doesn’t protrude from the handle it still isn’t immune to tampering.

ASB Anti-Snap Locks

Locks that are of a TS007 3 Star standard (also known as ‘anti-snap’ cylinders) are locks that meet the requirements to withstand lock snapping attempts.

Anti-Snap cylinders have a ‘snap-off’ section integrated which will come away if a burglar was to try and snap the lock, making the cylinder shorter, thus making it more difficult to grasp. With the help of built in grip defenders it makes getting hold of the cylinder even harder. Not only that but anti-snap locks have a hardened bar which won’t snap, it will only flex making snapping almost impossible.

Check that your current locks do not over extend. If they appear vulnerable you may want to consider having them replaced or replacing them yourself. Fitting them yourself is relatively easy, takes little time and requires no specialist tools.

Replacement costs

Upgrading to an ASB lock by a reputable locksmith will cost you £100 to £150 for a single door. Replacing more than one at the same time reduces the cost per door.

If you are prepared to buy the replacement cylinders off line and DIY it will cost you £35 to £45 per door.