Category: information

PayPal Security Warnings

The title of the email is “Important Update: Upgrade Your Browser”

The message starts with a warning in large letters.

Action required to continue accessing PayPal.co.uk.

This could easily be a scammer’s email trying to get you to click on a link supposedly to PayPal but in fact to a scammer’s page.

However, these warnings are real. The email is from PayPal and the links are to PayPal pages.

Why the warning?

The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle credit cards from the major card schemes.

They have upped their security requirements from 30th June 2018 and payment takers including PayPal want to meet that new standard.

The message from PayPal says upgrade your browser but you have to click to get more detailed information on what needs to be changed.

PayPal want to ensure everyone using PayPal in the UK uses TLS 1.1 or, better still, TLS 1.2 rather than the original TLS 1.0 in their browser. TLS (Transport Layer Security) is the protocol that encrypts the data sent between your browser and the website.

How to Upgrade

This is different for each browser, but for Chrome it means going to Settings, then System, then Advanced, then finding TLS on the list and ensuring only TLS 1.2 is enabled and TLS 1.0 is off.

The PayPal messages contain links for detailed information on each browser.

How to Check Your PayPal Email is Genuine

Scammers will notice these emails going out from PayPal and likely try to replicate them but with links to their own fake pages.

  1. Check the email is from PayPal.co.uk and not any other domain
  2. Check the links do go to PayPal pages (hover the cursor over the link to see where it will go)
  3. You don’t need to log in to anything to make the changes as it’s just the browser settings you will change.
  4. Do I have to follow PayPal’s instructions? Only if you want to keep using PayPal payments.
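Checks 1 and 2 above can also be done mechanically on a saved message. The following is an added example, not part of the original post; the list of trusted domains and both sample messages are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: domains accepted as genuine PayPal for this check.
TRUSTED = ("paypal.co.uk", "paypal.com")

def is_trusted_host(host):
    """True for a trusted domain or a real subdomain of it, nothing else."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

class LinkCollector(HTMLParser):
    """Collects each <a href>, i.e. where a click goes, not the visible text."""
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.hrefs.append(href)

def check_email(raw):
    """Return findings for steps 1 and 2; an empty list means both passed."""
    msg = message_from_string(raw)
    findings = []
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    if not is_trusted_host(domain):
        findings.append(f"sender domain is not PayPal: {domain}")
    links = LinkCollector()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            links.feed(part.get_payload(decode=True).decode("utf-8", "replace"))
    for href in links.hrefs:
        url = urlsplit(href)
        if url.scheme != "https" or not is_trusted_host(url.hostname):
            findings.append(f"link does not go to PayPal: {href}")
    return findings

# Constructed sample messages (example.net is a reserved documentation domain).
GENUINE = ("From: PayPal <service@paypal.co.uk>\nContent-Type: text/html\n\n"
           '<a href="https://www.paypal.co.uk/">More information</a>')
FAKE = ("From: PayPal <service@paypal.co.uk.example.net>\nContent-Type: text/html\n\n"
        '<a href="https://paypal.co.uk.example.net/login">https://www.paypal.co.uk/</a>')

if __name__ == "__main__":
    for name, raw in (("genuine", GENUINE), ("fake", FAKE)):
        print(name, check_email(raw))
```

A From header can be forged, so a passing sender check alone proves little; the link check matters more because it compares the real destination with the trusted domain, whatever text the link displays.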

Stay Safe


Fightback Ninja Signature

The Impact of Cyber Attacks on Business

The impact of cyber-attacks can be bruising for a business with both short and long term effects to consider.

A 2016 survey of 428 businesses that have suffered cyber-attacks in the previous months.

You can see from the statistics above for 2016 that the biggest impact reported by businesses that have suffered from cyber-attacks is the provision of new measures to prevent further attacks. This can be costly but is essential to protect against further attacks.

There are the short term issues:-

  • Bringing in expert technical staff to find out how the attack happened
  • Technical expertise needed to start to build defences against further such attacks
  • Extra staff to deal with recovery, communications with customers, legal ramifications etc.
  • Disruption to staff and service to customers

Then there are the long term effects:-

  • Reputation damage
  • Steps needed to restore reputation and customer confidence
  • Share price

It is better to build strong defences against cyber-attacks than simply trust to luck.

It is prudent to have plans in place for how to deal with such attacks as the FBI now say that it’s not a question of whether any organisation will be attacked, but simply when.


The State of Scamming in Australia

Government statistics show that 161,528 reports of scammers were raised with the Australian authorities in 2017, of which 8.7% involved financial loss.

Total lost estimated to be $90 million.

The biggest chunk of this was to investment scams (approx. $34M), then dating and romance scams (approx. $22M), then business and employment scams (approx. $7M).

Following those were advance fee fraud, buying and selling scams, false billing, inheritance scams, remote access scams, threats to life and finally betting scams.

The age group that lost the most money was the over 65s.

The most common scams reported are:-

  1. Phishing
  2. Identity theft
  3. False billing
  4. Lottery scams
  5. Buying and selling scams
  6. Rebate scams
  7. Remote access scams
  8. Advance fee fraud
  9. Threats to life
  10. Online shopping scams

Beware of those scammers.


Hacktivism

Hacktivism (a portmanteau of hack and activism) is the subversive use of computers and computer networks to promote a political agenda or a social change. Its ends are often related to the free speech, human rights and freedom of information movements.

Opinions differ: some people believe hacktivism is a growing force that will become more active and take on bigger challenges, but others believe it is a spent force and will die away slowly over the coming years.

Mr. Robot

“Mr. Robot” is a TV series that tells the story of hacker Elliot Alderson and his role in an anarchist collective called “fsociety,” whose followers wear masks that resemble “Rich Uncle Pennybags” from the Monopoly board game. Mr. Robot is now making its fourth series.

The series was inspired by a notorious computer hacker named H who has gone from trying to bring down the authorities — to working for them.

As a key member of the hacking group known as Anonymous and a founder of its elite “LulzSec” unit, Hector Monsegur helped launch cyber attacks on government and corporate targets including the US Senate, the FBI and major credit-card companies.

But when he was arrested in 2011, Monsegur — known online as “Sabu” — began secretly cooperating with an investigation that led to a wave of arrests across the US, Great Britain and Ireland.

Today, Anonymous still goes by the motto it unveiled in 2009: “We are Anonymous. We are Legion. We do not forgive. We do not forget. Expect us.”

Hector Monsegur

But Monsegur, 35, says society has little to fear from the online anarchists in Guy Fawkes masks as “Anonymous is irrelevant.” “All it is now is a figment of hipsters’ imagination.”

Monsegur pleaded guilty to seven felonies as part of his deal with prosecutors and spent nearly eight months in Lower Manhattan’s infamous Metropolitan Correctional Center before being sentenced to time served in 2014.

The following year, Monsegur landed a job working remotely as a “white-hat hacker” for Seattle-based Rhino Security Labs, helping companies identify vulnerabilities in their computer systems.

He admits that in comparison to what he used to do before, it’s not the same kind of thrill.

The article at http://www.fightbackonline.org/index.php/guidance/12-explanations/108-is-hacktivism-a-force-for-good has more information on Hacktivism.


GDPR Shutdown for Some American Companies

The start date for the General Data Protection Regulation (GDPR) was 25th May 2018 and almost all businesses and other organisations affected were well prepared.

But some went a little mad instead.

The GDPR rules are intended to give consumers more choice over how they are communicated with, better protection of data held by organisations and more openness in the communications.

But dozens of websites shut down their activities completely, others insisted users agree to new terms of service, and everyone’s inboxes have been flooded with emails begging them to agree to stay on mailing lists. Quite often the emails have been from companies we didn’t even know had our details.

Margot James, the digital minister, said that businesses would now have to prove they had been given permission to use an individual’s information, including contact details.

“Except in certain, limited instances, organisations now must demonstrate they have our explicit consent to process our sensitive personal data. Generally, we’ve also given greater control to the British public over how their data is used. No doubt like me you’ll have received a flurry of emails in recent weeks from the organisations currently holding your data, and perhaps some you weren’t even aware did, asking for you to re-submit this consent.”

Many American companies have been unsure what to do and opted for simply closing their websites to European users.

  • Instapaper has blocked European users
  • me says European users cannot use its products
  • com is blocking European users
  • The Los Angeles Times
  • The New York Daily News
  • The Chicago Tribune

A little planning would have removed the need for such precipitate action, but hopefully they will open their doors to Europeans again soon.


Facebook Conversations Tested

The New Statesman Newspaper carried out an interesting experiment to test whether or not Facebook was listening in to people’s conversations.

Six staff members each picked one or more subjects that were not part of their lives, that they had never searched for online and for which they had never bought anything relevant.

Then they each read out a script (with their phone switched on) designed to point out these subjects in their lives and see if Facebook then started advertising relevant items to them.

The subjects were things such as a vegetarian chatting about her desire for Domino’s Meat Feast pizza.

The most interesting was a lady named Lizzie whose lines included “I just wish there was an app that would sort it all out for you… some kind of contraception app”. When she opened the Facebook app the following morning, she was presented with an advert for Natural Cycles, the first app ever certified for contraception in Europe.

WOW.

However, there’s a psychological phenomenon called the Frequency Illusion (or the Baader-Meinhof phenomenon). It states that if you hear a new word or phrase for the first time and consciously have a conversation about it, finding out what it means, then suddenly, for the next few days, you’ll see it constantly.

If someone says to you ‘when was the last time you saw a yellow car?’ you’ll see three in the next two hours.

For the other five people in the experiment (including the vegetarian), Facebook did not show anything even vaguely relevant to the subjects spoken about. It’s just a statistical effect that some people will experience Facebook offering relevant and unexpected adverts at times that can seem spookily accurate.

Facebook are very clear that they do not listen in to conversations.
