Scams / Online Security

First we need to identify the types of scams and potential dangers online.

We will show you the dangers and we will show you how to spot these potential dangers.

  • Phishing scams
  • Ransomware
  • Spyware
  • Adware

Phishing scams – “phishing” is a baiting technique – hence the name – used to obtain sensitive information, such as usernames, passwords, credit card details or even money by masquerading as a trustworthy source, such as social web sites, banks or online payment processors.  Phishing emails may contain links to fake websites infected with malware.  Hackers could create clone or copycat sites, where you are asked to fill in any personal information, which is then emailed to them.  At particular risk are social networking sites, such as Twitter and Facebook.  The risks are…

  • Being duped into paying excessive prices for official services, such as passports, birth/death certificates, driving licences, etc., which can be bought at the correct price from government department or local government site  

  • Being told that using a copycat site will make the process easier and quicker

To search and buy official services safely, take time to look for the official website by checking that it ends in ‘,gov.uk’, has the department, agency or council’s authentic logo and contact details and the prices are cheaper.  If you do opt to use an unofficial site, make sure the payment page is secure by checking that the address begins with ‘https://’ (the ‘s’ is short for secure) and there is a locked padlock in the browser window.

Ransomware – ransomware is computer malware that denies access to files by insidiously executing a cryptovirology attack, which adversely affects the computer and then demands a ransom payment to put it right.  Cryptovirology is the process whereby a field is created by the attacker using two keys, a public key for the malware and a private key outside the malware, to confuse the antivirus analyst; the public key allows the malware to perform one-way backdoor operations that only the attacker can undo.  The risks are…

  • Opening a malicious email attachment

  • Visiting a corrupt site, often of a pornographic nature

  • Clicking on malicious links in an email, instant message, social networking site or other website

  • Opening infected files from web-based digital file delivery companies

  • Opening corrupt macros in application documents such as Microsoft Word or Excel

  • Connecting corrupted USB devices

  • Inserting corrupted CD/DVDs into your computer

Avoid ransomware by not replying to, or clicking links within, spam/unsolicited emails from unfamiliar companies or individuals; only visiting website you know to be reputable; ensuring you have antivirus software and firewall running before going online and regularly backing up your data.

Spyware – is software, often built into free software, that aims to gather information about a person or organisation without their knowledge, that may send this information to another entity or assert control over a consumer’s computer without their knowledge.  Its aim is usually to capture passwords, banking credentials and credit card details and then send them over the internet to fraudsters.  Typically, spyware is installed when a user installs a piece of free software that they actually wanted.  Once it is installed, the spyware will “piggyback” on the installation, collecting data from the user’s activities.  The user can likewise be tricked into installing spyware through a Trojan horse, and also by it masquerading as free security software. It has been known for Spyware authors to pay shareware developers to bundle their own spyware with legitimate software, and also to repackage freeware and bundle it with their own spyware.  Drive-by downloading is another method employed to install spyware onto an unsuspecting user’s computer.  You can minimise the risk of unwittingly installing spyware by downloading only reputable software.

Spyware can be installed for reasonable purposes, such as parental monitoring or installation on corporate laptops to monitor the browsing activities of employees.  It can also employed by advertisers, who use cookies to collect browsing information for the purpose of target advertising for contextual marketing campaigns.

Adware – like spyware, (adware is sometimes referred to as spyware) adware is often built into free software, generating revenue via embedded advertisements that appear in pop-up windows or on toolbars browsers.  Adware usually includes code that tracks a user’s personal information and passes it on to third parties without their permission or knowledge.  

Adware that collects data with your consent should not be confused with Trojan horse spyware programs that collect information without your permission. If Adware does not notify you that it is gathering information, it is regarded as malicious – for example, malware that uses Trojan-Spy behavior.

HOW TO AVOID THESE THREATS

Warning signs to look for online

  • If they contacted you first or out of the blue ask yourself why?
  • Take a couple of minutes to really
  • If it seems too good to be true it normally is online
  • Always try to pay with paypal or a credit card rather than bank card even on sites that are 100% safe it gives you extra security and peace of mind.
  • If they are asking for a quick decision or limited time offer
  • Mobile number as a contact instead of a company landline is a huge warning sign
  • If you have won a prize in some competition you never entered
  • If you cannot find anything about a company when you Google it
  • If you are asked to provide personal information
  • If the email address for the organisation is from a free provider, like Yahoo or Hotmail
  • PLUGINS/ADDONS/EXENTIONS

Specific known scams

  • Cheque, Plastic Card and Online Bank Accounts (not PSP (Payment Service Provider))
  • Other Advanced Fee frauds
  • Other Consumer Non-Investment fraud
  • Online Shopping and Auctions
  • Dating Scam
  • Computer Virus/Malware/Spyware
  • Hacking – Social Media and  Email
  • Rental Fraud
  • Ticket Fraud
  • Unclassified (Includes all other fraud by false representation or obtaining services dishonestly, that are not covered elsewhere.)
  • Facebook ads payments via paypal


HMRC Email

  • HMRC will never send notifications of a tax rebate/refund by email.
  • It is always best to call them on a number you have yourself not the number given to you on any email.
  • Never click a link as that can automatically inject holes in your security.
  • Look for any spelling mistakes


PAYPAL Email

  • Paypal will never ask you to change your password
  • If you didn’t contact them directly they will not contact you.
  • Paypal will only ever send you a monthly summary of your transactions
  • Always go to paypal.co.uk yourself and login to see any change that are required
  • Never click links within this email

Fake websites

  • First thing to look for on any website is the Green padlock next to the address bar.
  • The green padlock indicates that the website is secure which is verified externally.
  • Along the side of websites, if you see a form that is actually a picture it is likely to be unsafe.


Fake product trials / Services

  • Similar to fake websites, however these will ask for your credit card or bank details
  • If it is a trial they do not need card details as it is FREE.
  • IF IT SEEMS TOO GOOD TO BE TRUE IT NORMALLY IS!

Pop Up Threats (on the internet)

  • Websites can not detect viruses on your computer as they do not have access.
  • Ignore all warnings saying that you need protecting close down the tab or browser.

Programs to keep you safe

  • Windows Defender (windows 8/10)
  • Malwarebytes Anti Spyware
  • Antivirus software