Category: information

The Phone-Paid Services Authority

https://psauthority.org.uk/

The Phone-Paid Services Authority is the UK regulator for content, goods and services charged to a phone bill.

Phone-paid services are the goods and services that you can buy by charging the cost to your phone bill or pre-pay account. They include directory enquiries, voting on TV talent shows, donating to charity by text, joke lines, chat lines, games or downloading apps on your mobile phone. They are referred to as premium rate services in law.

UK regulation is open, fair and robust, underpinned by a Code of Practice approved by OFCOM.

Ofcom. As the telecoms, internet and payments sectors continue to grow globally at an unprecedented rate, the Phone-paid Services Authority takes action to safeguard consumers and help cutting-edge providers of digital content and services to thrive.

Their vision is a healthy and innovative market in which consumers can charge content, goods and services to their phone bill with confidence.

The Mission of the Phone Pre-Paid Services Authority

To protect consumers from harm in the market, including where necessary through robust enforcement of our Code of Practice and to further their interests through encouraging competition, innovation and growth in the market.

They seek to do this through:

  • Providing clarity about the market for content, goods and services charged to a phone bill
  • Applying an outcomes-based Code of Practice
  • Delivering a balanced approach to regulation
  • Working in partnership with Government and other regulators
  • Delivering high standards of organisational support.

What are Phone-Paid Services and How Do They Charge You?

Phone-paid services is a generic name for goods and services that you purchase and are charged to your telephone bill or pay-as-you-go credit. Here are some examples of phone-paid services:-

  • Quizzes and competitions
  • Voting (e.g. X-Factor, Britain’s Got Talent, Strictly Come Dancing)
  • Charity donations (one-off donations or subscriptions)
  • Digital content (e.g. apps, in-app purchases, digital media,
  • one-off purchases or subscriptions)
  • Directory enquiries (e.g. 118 numbers)
  • Adult services (e.g. chat, dating)
  • Gambling

The job of the Phone Pre-Paid Services Authority is to look after the industry and ensure people are not cheated. But it’s everyone’s responsibility to behave sensibly and that includes not downloading unsafe APPS, checking all payments and not handing over confidential information to unknown people or APPS.

If you’ve enjoyed this post or found it useful then do share – click on the post title then scroll down to the social media share buttons.

Fightback Ninja Signature

UK Government Cyber Essentials Scheme

https://www.cyberessentials.ncsc.gov.uk/

The government says Cyber Essentials helps your business to guard against the most common cyber threats and demonstrate your commitment to cyber security

Self-Help for Cyber Essentials

The guide explains how to:

  • Secure your Internet connection
  • Secure your devices and software
  • Control access to your data and services
  • Protect from viruses and other malware
  • Keep your devices and software up to date

The Three levels of Engagement

Not everyone has the time or resources needed to develop a full-on cyber security system. So Cyber Essentials has been designed to fit with whatever level of commitment you are able to sustain. There are three levels of engagement:

  1. The simplest is to familiarise yourself with cyber security terminology, gaining enough knowledge to begin securing your IT.
  2. Basic Cyber Essentials certification.
  3. Cyber Essentials Plus certification.

1.     Self Help

The self-assessment option gives you protection against a wide variety of the most common cyber attacks. This is important because vulnerability to simple attacks can mark you out as target for more in-depth unwanted attention from cyber criminals and others.

2.     Certified Cyber Security

Cyber Essentials Certificate £300 approx. (+VAT)

Certification gives you peace of mind that your defences will protect against the vast majority of common cyber attacks simply because these attacks are looking for targets which do not have the Cyber Essentials technical controls in place.

In the process of obtaining Cyber Essentials Certification is simple, you can opt to buy as much or as little help as you need from the company you choose to certify you.

Cyber Essentials shows you how to address those basics and prevent the most common attacks.

  • Reassure customers that you are working to secure your IT against cyber attack
  • Attract new business with the promise you have cyber security measures in place
  • You have a clear picture of your organisation’s cyber security level
  • Some Government contracts require Cyber Essentials certification

3.     Cyber Essentials Plus Certificate

The cost for this is only available on application.

It has all the benefits of Cyber Essentials PLUS your cyber security is verified by independent experts.

Cyber attacks come in many shapes and sizes, but the vast majority are very basic in nature, carried out by relatively unskilled individuals. They’re the digital equivalent of a thief trying your front door to see if it’s unlocked. The advice is designed to prevent these attacks.

Cyber Essentials Plus still has the Cyber Essentials trademark simplicity of approach, and the protections you need to put in place are the same, but this time the verification of your cyber security is carried out independently by your Certification Body.

The more rigorous nature of the certification may mean you need to buy additional support from your Certification Body.

Cyber Essentials and Government Contracts

If you would like to bid for central government contracts which involve handling sensitive and personal information or the provision of certain technical products and services, you will require Cyber Essentials Certification.

Fightback Ninja Signature

 

Are Your Phone APPS Tracking You

A surprising number of smartphone APPS ask on installation for permission to access your location.  For APPS such as the Automobile Association or Google Maps or Local weather or Find a Restaurant this makes sense but many APPS want to track your location for their own benefit – not yours.

Carnegie Mellon University carried out a study on Android phones. The researchers followed 23 Android phone owners for three weeks. In the first week, they were asked to use their apps as they normally would. In the second week, the participants used an app called App Ops to monitor and manage the data those apps were using. In the third week, the research team introduced a “privacy nudge” alert that would ping the participants each time an app requested location data.

The title of the study is: Your Location Has Been Shared 5,398 Times! A Field Study on Mobile App Privacy Nudging.

You can see what level of problem there is.

Why do APPS access your location so often? Quite often, the answer is Marketing – the APP transmits your location regularly back to base where it’s sent to one or more advert networks so they can track where you visit and try to fashion appropriate adverts to be shown on your device.

Apparently, the free APPS are the worst for this behaviour. You can see they need to make money and one way is to sell that user data including location.

Take Control of Your Device

If you want to know exactly what an app is allowed to track on your Android phone, open the Settings app then go to Apps & notifications, choose an app, and select Permissions. Over on iOS, launch the Settings app then pick an app to see the permissions it has. Most of these permissions can be revoked with a toggle switch on both Android and iOS.

On both Android and IOS you can disable location altogether, but that may be overkill as it is useful in some APPS.

Be aware of which APPS track your location and if you cannot see why one needs your location then consider deleting the APP and replacing it.

Fightback Ninja Signature

 

Regulator to Protect Victims of Payment Scams

Authorised Push Payment (APP) scams are where people are conned into authorising their bank to make payment to a fraudster.

The Payments Systems Regulator (PSR) is planning for new protections for consumers, from APP scams, to be in place from September 2018, as an industry code.

The Regulator ran a consultation from November 2017 to January 2018, to give people the opportunity to provide feedback on the regulator’s plans. It gathered opinions from the payments industry, consumer groups and individuals to make sure the PSR could understand how best to protect people from APP scams.

The Changes

Once the industry code is in place, it will be publicly consulted on, for refinement in early 2019 and the regulator expects that it will continue to evolve to ensure preventative measures are kept up to date.

The PSR is also bringing consumer and industry representatives together to establish a dedicated steering group. Led by an independent chair appointed by the PSR, the group will ensure the contingent reimbursement model is designed in the best way to minimise the number of scams in the future and protect victims of scams.

Paul Smith, Head of Policy at the PSR, said:

“This is about making a positive difference for people to protect them from APP scams – where people are tricked into sending money to a fraudster. The banks have already made some changes but, from September 2018, this industry code will see better protections available to everyone.  We expect the code to evolve over time to make sure methods of preventing APP scams are up to date.”

“This is a complex piece of work and we have set a challenging timeline, but it is essential we see, as soon as possible, a model that is effective in protecting people.”

Good progress by the regulator.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

Fightback Ninja Signature

The Society of Citizens Against Romance Scams

https://againstromancescams.org/

The Society of Citizens Against Romance Scams (SCARS) claim to represent more than 25,000 people, dedicated to changing the world of online fraud for the sake of everyone.

SCARS aspires to be the global organization to coordinate political advocacy, public education and avoidance programs, have an enforcement focus, support victims and promote recovery programs, and establish best practices and standards throughout the world. “A Beacon In The Darkness”.

That’s quite a mission.

SCARS

The focus of the Society is to:

  • Consolidate the voices of many into a single voice.
  • Work for the creation and implementation of universal standards and practices that provide effective and ethical anti-scam activities
  • Engage government, law enforcement, and victims globally in new methods to aggressively combat online fraud.
  • Create the first worldwide Anti-Scam Data Reporting Network with industry partners for real time exposure of fraudsters
  • Develop support and recovery solutions for traumatized victims based upon the best methods employed in the private and public sectors.

SCARS Membership:

For Individuals: join in the transformation that will begin to bring an end to the uncontrolled reign of online fraud. As additional benefits are added you will automatically be eligible.

For Professionals: you will be able to take advantage of numerous committees and their work product to improve your skills. In the future we will develop accredited continuing educational courses. Additionally you will become a part of a network of professional practitioners in victim’s support, investigation, and related practices available for certification.

For Groups and Organizations: you will have access to accreditation and certification processes to improve your services and offerings, and demonstrate to the public your degree of superior practices.

Professional Links

SCARS claims to be the only anti-online fraud non-governmental organization recognized by governments around the world and partners with a various important authorities, including:-

  • The United States Department of Homeland Security
  • Recognized Victims Assistance Organization
  • S. Department of Justice Office of Victims of Crime
  • S. DoJ OVC National Census Of Victim Service Providers
  • NCVC Victim Connect Program
  • NOVA – National Organization for Victim Assistance
  • SCARS Is a member of The European Union’s Council Of Europe Octopus Cybercrime Organization

Do click on the Facebook or Twitter icons on top right to follow Fight Back Ninja.

Fightback Ninja Signature

The Virus Checker Website

The website VirusTotal at https://www.virustotal.com was created to help people identify computer viruses. It does this by analysing infected files or URLs supplied to it and it’s a free service.

VirusTotal inspects items by using 70+ antivirus scanners and URL/domain blacklisting services, plus a range of tools to extract signals from the studied content.

How to use the Website

You can select a file on your computer and upload it to VirusTotal in your browser.

There is also the option of desktop uploaders, browser extensions and a programmatic API if this is to become a regular practice.

As with files, URLs can be submitted via several different means including the VirusTotal webpage, browser extensions and the API.

How Does the Virus Checker Work?

A submitted file or URL is scanned and the results shown on screen. The data and results are shared with VirusTotal partners who use the results to improve their own systems. As a result, by submitting files, URLs, domains, etc. to VirusTotal you are contributing to raise the global IT security level.

Scanning reports produced by VirusTotal are shared with the public VirusTotal community. Users can contribute comments and vote on whether particular content is harmful. In this way, users help to deepen the community’s collective understanding of potentially harmful content and identify false positives (i.e. harmless items detected as malicious by one or more scanners).

Commercial Service

The service provides qualified customers and anti-virus partners with tools to perform complex criteria-based searches to identify and access harmful files samples for further study. This helps organizations discover and analyse new threats and fashion new mitigations and defences.

VirusTotal not only tells you whether a given antivirus solution detected a submitted file as malicious, but also displays each engine’s detection label (e.g., I-Worm.Allaple.gen).

This is a valuable resource in the fight against computer viruses.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.