What is Phishing?

First I will explain what Phishing is; Phishing is a way of fraudulently acquiring sensitive information, such as credit card, bank account, login details or any other piece of personally identifiable information by tricking users with official-looking email messages. They appear to have come from legitimate sources by the sender (thief) using official looking logos, company addresses, names and visual links in a hope that the recipient (you) opens the attachment or click on the rogue link to start the criminal activity (hack, infection by Trojan or malware).

What to Look Out For?

Here are a few clues on what to look out for when spotting a Phishing email.

1. Check where the email came from, examine the senders email address. It might have come from a public email address (i.e. xxx@outlook.com or xxx@yahoo.co.uk).
2. Look at bogus attachments, if it has a PDF, Zip or Word document attached doesn’t make it real or legitimate.
3. PANIC!, if an email has created a sense of impending doom if you don’t act TODAY! then be suspicious.
4. Links that sound correct can very easily be faked. This link for example should take you to our website www.rlscomputers.co.uk, when it actual takes you to the BBC website. If you are unsure NEVER click on a link and always visit the website site directly yourself.
5. Grammer is a major clue to Phishing email attacks, sometimes the dialect is a very obvious tell but can be over looked.

What Does a Phishing Email look Like?

I have collected some examples over time, so some of these are old but still lethal (some details have been masked for security reasons).

What Can I Do To Stop it?

You can’t stop all of it, but you can avoid a nasty outcome and reduce it down considerably by following these guidelines.

• Never send sensitive account information (PIN codes, passwords, account reminder phrases or mothers maiden name) in an e-mail message.
• Never go to a sensitive site through an e-mail link; always type the site name in your browser (such as www.paypal.com)
• Never open attachments from a untrusted or unknown source (this includes PDF and Zip files)
• Never share your passwords with anyone.
• If your bank requires verification, do it over the phone or in person.
• Verify any person who contacts you unsolicited, claiming to be customer support from a company (if they have to ask who you are, then they don’t know who you are)
• Always report fraud to the company that the thief is portraying to be or represent.
• SPAM / Junk block the Phishing emails, then delete them.
• Make sure you empty your SPAM or Junk folders and email bin frequently (I do it daily)!

Seek technical advice on this if you are not sure.

Contact
RLS Computer Services – IT Support
01553 776937
Email support@rlscomputers.co.uk

You can report scams to:

Citizens Advice Consumer Helpline 03454 04 05 06 or www.adviceguide.org

Action Fraud (UK’s National Fraud Office) 0300 123 2040 or www.actionfraud.police.uk

National Cyber Security Centre https://www.ncsc.gov.uk/guidance/phishing

What you are about to hear is a telephone recording of that conversation.

We recorded it to show people the tricks and techniques these people use to manipulate users to “Thinking” their PC is infected or faulty by showing them technical information on your PC that would scare you in believing that your PC is indeed faulty or infected with a virus.

View on YouTube: PC TELEPHONE SUPPORT SCAM

Also Read:

Beware Cold Calling IT Scams

Although this is a very clever scam, the malware is typically unsuccessful in actually locking computer files if the ransomware is caught and dealt with promptly by a professional. Unfortunately, all that has changed with a new piece of ransomware that is so severe it has been described as “game changing” within the IT industry.

Today I received a report that a client was infected with a piece of ransomeware called “Cryptolocker” that will first hijack your PC and at the same time begin to encrypt your most popular file types, like Word, Excel, jpg’s, PDF, etc. so you cannot open them. The process is executed in stealth mode and once the process is complete the screen is then hijacked with the following message.

The major twist is that unless you pay the ransom (normally around $300) there is no way to decrypt the files and THEY WILL BE LOST FOREVER.

How to catch it

Cryptolocker is spread through malicious hyperlinks shared via social media and spam emails, like fake UPS tracking and TAX refund notification emails. Once the attachment or link is opened, the computer becomes infected immediately, and the virus begins the encryption process.

Prevention Checklist

• Use a professional, quality antivirus software program (Like from Panda Security) and keep it updated daily and malware free.
• Keeping your operating system up-to-date with the latest patches. You should check if any updates exist for your system.
• For on-going protection, ensure that you are running effective and up-to-date security software and don’t turn off any obvious security measures (e.g. Firewalls)
• Make sure you keep back-up copies of important/precious files (documents/pictures etc.) which would be very hard or impossible to reproduce if they are lost
• Never open attachments or links in emails you don’t recognise or links in shared social networks.
• Scanning all files downloaded online – and only downloading files from trusted sources.
• After following the above steps you feel there is still a problem or if you are not sure what to do, seek further expert advice. Doing nothing could very easily cause you problems later!

What to do if I get infected?

If you are infected STOP don’t do anything more. Turn off your PC and contact us IMMEDIATELY and don’t be tempted to switch it on again until it is sorted.

Is there any way of getting my files back?

Sorry NO, unless you pay the ransom or you have a clean data backup stored in an offsite facility.

I will echo the advice of our Cybercrime Forensics Specialist Group:-

Seek advice on this if you are not sure – the worst thing to do is to do nothing.

Contact
RLS Computer Services – IT Support
0844 334 2020
Email support@rlscomputers.co.uk
or Like Us on Facebook

What is the problem or key issue?

Simple answer: parental awareness. How many times do we need to hear “I don’t know what they get up to…” or “They know much more about these things…”? However, it only takes a scare, whether public or personal, to start the realisation that your kids are at risk. In any one week two-in-five calls we receive relate to Internet risks, which means those computers are either unprotected or with inadequate protection for use by young children.

Here’s an example: we get a call from a parent who starts with a simple “My PC is slow, can you fix it for me…?” We collect the PC, and by analysing the problem find that it has been infected with a virus inherited through Messenger. When the issue is investigated further, and with the parents’ consent, we find well over 300 Messenger friends, the majority of which are unknown to the parents, with such bogus names as “sexy123” and “WillingIAm”, which leaves me in no doubt where these infections have probably come from.

To emphasise the point, we are not just talking about a few computer infections, we are talking about a sophisticated network of paedophiles who use web sites, emails and social networks to trap children into believing they are interacting with peers of the same age group.

“What can I do about it?”

First, pay attention to what your children are doing: if your computer isn’t already in a public area of the home, put it there or, if you use a laptop, get the kids to use it in the living room area or kitchen or wherever you are.

Secondly, heed the advice of the professionals: services like www.thinkuknow.co.uk have plenty of support and advice for keeping your children safe online.

Lastly, heed the advice of the IT professionals. As accredited IT professionals and members of Norfolk Trusted Traders, we have resources, software tools, advice and services — all tailored to protect the PC and your children.

If you would like help, or know what services we offer to help protect your PC, contact us at info@rlscomputers.co.uk

For more information

Think You Know – www.thinkuknow.co.uk

ITV “This Morning” – Crime week article

Adware or ADvertised supported softWARE are programs included with other programs that you download willingly off the Internet (all those freebie tools and programs); these have been produced by semi professional programmers and distributed by online distribution companies. As the programs are free the company distributing them have to make money some how, so they attach a little adware program to the download that produces banner ads or pop ups every time you go on the net, There are several large media companies that ask them to place banner ads in their products in exchange for a portion of the revenue from banner sales (this is perfectly legitimate and is normally made clear in the licence agreement, (the one you click through and don’t read…) however not all pop ups are caused this way and some can be through using particular websites. Not to be confused with legitimate websites offering you additional products or services, these unwanted pop ups can be caused by downloading and installing whilst you are on the net and usually without you knowing.

Now, Spyware is a completely different kettle of fish, spyware as the name suggests peeks into your computer to gather information. Distributed in a similar way as adware its purpose is to report back to HQ with information on your surfing habits, action carried out while browsing, pages visited, programs installed on your computer, etc the company might state that it’s for market research, but you can never be sure and as the program has the capability of capturing this information it makes users extremely uneasy regarding their privacy.

The latest problem with intrusion is “The Dialler” or “Rogue Dialler” this can be strongly linked to websites with an adult theme but not always necessarily and could cost you hundreds of pounds in phone calls. When you visit one of these websites you are asked if you would like to access a member’s area if you agree a dialler program will be downloaded and installed. This dialler program will then dial out on your phone on a premium rate number (anything from £1.50 – £15.00 per min) in order for you to gain direct access to their website.

The answer to this is simple don’t download it, don’t install it, if you need to download these types of programs read the licence agreement or terms and conditions first and see if it includes some kind of advertising clause or data capturing facility and if so, don’t install it or in the case of diallers just don’t install at all. Some serious spyware can be used to capture your sensitive information and as such many anti virus programs now protect against spyware, adware and dialler programs. For more information on internet use and security contact RLS Computer Services on 01553 776937.

By Rob Lucas

RLS Computer Services

More information can be found on the BBC News website