Category: Fight Back

Neighbour Hood Watch Crime Survey

Neighbourhood Watch logo

Throughout lockdown Neighbour Watch have been sending a short survey to their Associations across England and Wales every two weeks, asking them whether people in their area perceive that crime had gone up, down or stayed the same over the previous 2 weeks and what crimes people felt had increased or were more concerned about.

The results of each of the surveys were collated and sent to the Home Office to add a community perspective to the police recorded crime data they receive from police forces.

Initially most respondents (53%) reported that crime in their area had decreased since lockdown started. With people being at home the majority of the time there was a reduction in burglaries and in personal crime on the streets.

The types of crime that people felt were rising are fraud, car crime and thefts outside of homes.

Crime increased on driveways, in gardens and sheds, with thefts from and of motor vehicles and of garden furniture.

Fly-tipping increased significantly.

As time went on, antisocial behaviour was reported as a growing problem – perhaps due to young people unable to attend school and adults unable to work.

Drug-taking and dealing became more obvious as drug dealers and those buying from them were more noticeable.

Burglaries were taking place at the homes of key workers and their vehicles were targeted in car parks whilst they were at work.

As some of the lockdown restrictions were relaxed, concerns about antisocial behaviour started to rise further – litter and fires from barbecues at beauty spots, noise nuisance from neighbours and more people breaching lockdown rules.

So, basically crime continued throughout Lockdown although some types of crime reduced and some increased.

If you have any experiences with scammers, spammers or time-wasters do let me know, by email.

Fightback Ninja Signature

 

Wayne and Jill Scambaiting

Every year tens of thousands of people in the UK are conned by online scammers, but it is not only the authorities taking action – “scam baiters” take the fight to the scammers.

Wayne and Jill are scam baiters. Jill explained her approach and some examples on a BBC Victoria Derbyshire programme.

“We waste scammers’ time, we waste their resources and we make them believe they are not as good as they think they are,” “Scammers are always going to be there but if we can take them down a peg and take a victim away from them any time we can, then we are doing something good,” says Jill.

The scam baiters often publish online their interactions with the scammers as a way of warning people.

The aim is for these to appear in search engine results, so potential victims will be alerted if they type in the scammer’s name.

The Scam baiters don’t make money from their actions – they do it to stop others being scammed. For Wayne, the motivation is simply the “buzz” he receives from knowing he can help someone.

Wayne’s Set-Up as a Scam Baiter

Wayne works under various aliases, mostly named after characters from his favourite children’s television shows of the past.

He often makes himself seem more vulnerable – and potentially gullible – by pretending to have recently broken up from a partner.

Both Wayne and Jill always wait to be approached by scammers, rather than seeking them out. Their names are on a so-called “suckers list” – effectively a database of people thought to be easy to con – which is passed around by scammers online.

The latest to get in touch is a man who emails Jill to say she has won the lottery in Africa. Pretending to be husband and wife, Wayne and Jill make a joint contact back, the aim being to waste the scammer’s time by arguing about which one of them gets the money. Surprisingly, Jill considers her biggest success to be the time she received a death threat from a scammer she had targeted.

“If you get a death threat you know you’ve really wound someone up. I had one scammer driving round Madrid for a day trying to find ‘Lynn’, who had gone to Madrid.

“Of course, I hadn’t gone to Madrid, I was in my front room. Jill tells it as a funny anecdote, but it underlines the seriousness involved.

“I take great care in protecting my online persona,” she says. “I bait with email addresses that aren’t traceable. I don’t use any of my real-life information. All of my characters are based somewhere hundreds of miles away from where I live.”

Click http://fightback.ninja/scambaiting-with-the-crown-prince/ for an example of Scambaiting.

If you’ve enjoyed this post or found it useful then do share – click on the post title then scroll down to the social media share buttons.

Fightback Ninja Signature

F-Secure ID Protection

Identity theft is where a criminal gets personal information on someone and pretends to be that person so they can take out credit cards, bank accounts, loan agreements etc. in that person’s name.

Identity thieves generally don’t care about the age of their targets as long as they are over 18 (so they can buy alcohol etc. with the fake identity) but increasingly the over-60s age group are being targeted.

www.f-secure.com/gb-en/home/products/id-protection

F‑Secure ID PROTECTION alerts you if your personal information appears in a data breach and gives you expert advice on how to prevent a data breach from becoming identity theft. The APP also protects your identity by offering a secure password manager.

F-Secure say that with a combination of human intelligence and dark web monitoring, they will be the first to know if your personal information has been exposed in a data breach.

If a data breach occurs and your information is exposed, they provide expert advice for each individual type of personal information.

To register for the service, you have to pay and you give them your email address which is what they monitor. They watch for any data breaches and check if your email address or other details have been exposed.

A data breach is where hackers gain unauthorised access to an organisation’s information which can include their customer’s data i.e. possibly your personal information.

It costs £3.99 per month or £26.90 per year to monitor up to 5 email addresses for data breaches.

If you have any experiences with scammers, spammers or time-waster do let me know, by email.

Fightback Ninja Signature

Protect Email Addresses on Websites

To build up lists of email addresses that can be sold to spammers and scammers, hackers run software that scans websites and looks for email addresses.

This is called email harvesting and is done on a huge scale.

The hackers typically scan websites, mailing lists, internet forums, social media platforms and anywhere else they can find email addresses online.

The characteristic format for an email address is [email protected] so it is simple for email harvesters to read web pages and look for the @ symbol as it seldom occurs anywhere on webpages except in an email address.

The harvesters can also check for unusual variations on that theme e.g. User[at]domain.com or User[AT]domain[DOT]com

How to Protect Email Addresses

There are a series of steps you can take to protect any email addresses on your website from being harvested. These range from the simple to seriously complex and which method you should use depends on how much of a problem you have with harvesting.

Method 1 – Replacing the email address with a picture showing the email address

Method 2 – Separate the Email Address From the Website

The email address can be in a redirect statement

Method 3 – Mask the Email Address

This can be done by using HTML encoding e.g. using @ replaces the @ sign.

All characters can be encoded in this manner which makes the address difficult for the harvesters to find.

Method 4 – Use Javascript

The address can be divided into several parts that are dynamically composed by the browser when the website is called up.

Method 5 – Use a Captcha

A CAPTCHA is a type of challenge–response test you can add to a website page to ensure it is being read by a person not by software.

These have become very common on many websites so most people are used to them now.

Method 6 – Use a Contact Form

Instead of posting an e-mail address on a web page, create a contact form. This can capture more information in a structured manner from the user and lets you hide the email address in a separate script file.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature

US Catches Scammers on Instagram

Olalekan Jacob Ponle, known as “mrwoodbery” to his Instagram followers, flaunted his wealth, including a new Lamborghini he had in Dubai.

He was arrested by Dubai Police for alleged money laundering and cyber fraud.

A number of African criminals were caught in the dramatic operation, including 37-year-old Ramon Olorunwa Abbas, “hushpuppi” or just “hush” as he was known by his 2.4 million Instagram followers.

Police in the emirate say they recovered $40m in cash, 13 luxury cars worth $6.8m, 21 computers, 47 smartphones and the addresses of nearly two million alleged victims.

Mr Abbas and Mr Ponle were both extradited to the US and charged in a Chicago court with conspiracy to commit wire fraud and laundering hundreds of millions of dollars obtained from cybercrimes.

It is a spectacular crash for the two Nigerian men who extensively documented their high-flying lifestyle on social media, raising questions about the sources of their wealth.

They unwittingly provided crucial information about their identities and activities for American detectives with their Instagram and Snapchat posts.

Business Email Compromise Scam

The criminals used various scams including the 419 Advance Fee scam but the most lucrative was Business Email Compormise.

They are accused of impersonating legitimate employees of various US and tricking the recipients into transferring millions of dollars into their own accounts.

In one case, a foreign financial institution allegedly lost $14.7m in a cyber-heist where the money ended up in hushpuppi’s bank accounts in multiple countries.

The FBI affidavit alleges that he was involved in a scheme to steal $124m from an unnamed English Premier League team.

“The scammer would gather contextual details, as they watched the legitimate email flow,” explains Crane Hassold, Agari’s senior director of threat research.

“The bad actor would redirect emails to the bad actor’s email account, craft emails to the customer that looked like they are coming from the vendor, indicate that the ‘vendor’ had a new bank account, provide ‘updated’ bank account information and the money would be gone, at that point.”

They try to convince a recipient to wire money to the other side of the world or they go “phishing”, stealing a user’s identity and personal information for fraud.

Over Confidence

On Instagram, hushpuppi said he was a real estate developer, but the “houses” he talked about were actually codewords for bank accounts used to receive proceeds of a fraudulent scheme.

In April, hushpuppi renewed his lease for another year at the exclusive Palazzo Versace apartments in Dubai under his real name and phone number.

The FBI obtained records from his Google, Apple iCloud, Instagram and Snapchat accounts which allegedly contained banking information, passports, communication with conspirators and records of wire transfers.

I expect their many victims would be pleased for the criminals to rot in jail for a very long time.

Do Share this post on social media – click on the post title then scroll down to the social media share buttons.

Fightback Ninja Signature

Email Verifier Website

The website at (https://emailverified.org/) is very simple and has two services:-

  1. To verify an email address
  2. To check a phone number to see if it is an automated service (known as a robocaller)

There is no explanation on the website of how these checks are made – they are assumed to be checking the entered phone number or email address against industry blacklists, but that could be wrong.

You enter an email address and get either ‘Email is Valid’ or ‘Email is Invalid’ response with no explanation.

Or you enter a phone number and either get ‘Phone number is clear’ or ‘This phone number is a robocaller’ response.

The website also doesn’t state whether it does anything with the phone numbers and email addresses entered – maybe they are added to blacklists or maybe not.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature