Once again, our friends at Neighbourhood Watch have sent us some information on behalf of Action Fraud (National Fraud Intelligence Bureau):
Action Fraud has received the first reports of Tech-Support scammers claiming to be from Microsoft who are taking advantage of the global WannaCry ransomware attack.
One victim fell for the scam after calling a ‘help’ number advertised on a pop-up window. The window which wouldn’t close said the victim had been affected by WannaCry Ransomware.
The victim granted the fraudsters remote access to their PC after being convinced there wasn’t sufficient anti-virus protection. The fraudsters then installed Windows Malicious Software Removal Tool, which is actually free and took £320 as payment.
It is important to remember that Microsoft’s error and warning messages on your PC will never include a phone number.
Additionally Microsoft will never proactively reach out to you to provide unsolicited PC or technical support. Any communication they have with you must be initiated by you.
How to protect yourself:
Don’t call numbers from pop-up messages.
Never allow remote access to your computer.
Always be wary of unsolicited calls. If you’re unsure of a caller’s identity, hang up.
Never divulge passwords or pin numbers.
Microsoft or someone on their behalf will never call you.
If you believe you have already been a victim:
Get your computer checked for any additional programmes or software that may have been installed.
Contact your bank to stop any further payments being taken.
Report fraud and cyber crime to Actionfraud.police.uk
Our friends at Neighbourhood Watch have asked us to beware of Smishing frauds:
This information has been sent on behalf of Action Fraud (National Fraud Intelligence Bureau):
Smishing – the term used for SMS phishing – is an activity which enables criminals to steal victims’ money or identity, or both, as a result of a response to a text message. Smishing uses your mobile phone (either a smartphone or traditional non-internet connected handset) to manipulate innocent people into taking various actions which can lead to being defrauded.
The National Fraud Intelligence Bureau has received information that fraudsters are targeting victims via text message, purporting to be from their credit card provider, stating a transaction has been approved on their credit card.
The text message further states to confirm if the transaction is genuine by replying ‘Y’ for Yes or ‘N’ for No.
Through this method the fraudster would receive confirmation of the victim’s active telephone number and would be able to engage further by asking for the victim’s credit card details, CVV number (the three digits on the back of your bank card) and/or other personal information.
Always check the validity of the text message by contacting your credit card provider through the number provided at the back of the card or on the credit card/bank statement.
Beware of cold calls purporting to be from banks and/or credit card providers.
If the phone call from the bank seems suspicious, hang up the phone and wait for 10 minutes before calling the bank back. Again, refer to the number at the back of the card or on the bank statement in order to contact your bank.
Last July Rob Bryan, Temporary Chief Inspector for Partnership & Neighbourhoods in Hillingdon, teamed up with our Neighbourhood Watch friends to publish a monthly Hillingdon Police Community Newsletter.
If you’re not already receiving this in your email, or if you would prefer to access it directly at your own convenience, you can access current and past issues directly from the Neighbourhood Watch website.
If you’re of a technical bent, you can read copies in your browser by using the format below for the web address (remove the quote marks – I added them to stop some browsers converting the address into a hyperlink):
Neighbourhood Watch knows where lots of CCTV cameras are. If you tell them quickly enough (i.e. don’t leave it for days) then they can check the recordings and help the police to nail the villains.
Make sure you tell the police first. As so often happens, someone has just reported a burglary to NHW but it happened at the start of the month, which could mean that the recordings have already been overwritten.
Some residents don’t even bother to report car break-ins to NHW, yet these often reveal leads to bigger crimes in the area.
This message is from A/Chief Inspector David George:
Dear Hillingdon Residents, Business Persons and Partners,
The Commissioner Bernard Hogan Howe will be holding a Road show at Hillingdon Civic Centre on Wednesday 24th August between 1830 to 1930.
The aim of the event is to address the community and finish with a Questions & Answer session. The Commissioner will be joined by the Hillingdon Borough Leadership Team to answer questions from the audience.
Local community policing team officers along with other victim support services provided by the police (Community Safety Unit, I Victim Support, Court Support, Safeguarding Adults, Burglary Squad, Smart water team ) will also be on hand.
There is no need to register for the event and the community are requested to just turn up on the night. Attendees will be required to attend no later than 1820 to allow time for seating.
We hear that criminals are using drones in Ickenham to identify potential victims – nice cars, dodgy patio doors, unlocked sheds – all are well within the drone’s reach. And the larger the property, the more likely they are to be used.
If you hear an unusual buzzing, look for activity on the street or at the back of your property. Drone users are most likely to be in sight. If you see them, call 101.
While this seems to be new to Ickenham, it’s not new generally. The Telegraph ran a useful article on the subject last year.
Hillingdon Neighbourhood Watch is warning of fake emails that appear to come from your chosen university which offer you a grant from the Department of Education. Don’t click on anything: full explanation here:
Hillingdon Neighbourhood Watch provides an excellent place to catch up on crime news and advice. It provides useful links to resources, including prevention products and services, including the occasional special pricing (or free) offers. We’ve just added it to the Useful Links section of this website.
This information below this paragraph is taken straight from a Neighbourhood Watch notice dated April 29. The last section is good advice regardless of the source of attack. Action Fraud is a good source of information on many types of online attack – personal and business. Here goes:
Within the past 24 hours a number of businesses throughout the UK have received extortion demands from a group calling themselves ‘Lizard Squad’.
Method of Attack:
The group have sent emails demanding payment of 5 Bitcoins, to be paid by a certain time and date. The email states that this demand will increase by 5 Bitcoins for each day that it goes unpaid.
If their demand is not met, they have threatened to launch a Denial of Service attack against the businesses’ websites and networks, taking them offline until payment is made.
The demand states that once their actions have started, they cannot be undone.
What to do if you’ve received one of these demands:
Report it to Action Fraud by calling 0300 123 2040 or by using the online reporting tool
Do not pay the demand
Retain the original emails (with headers)
Maintain a timeline of the attack, recording all times, type and content of the contact
If you are experiencing a DDoS right now you should:
Report it to Action Fraud by calling 0300 123 2040 immediately.
Call your Internet Service Provider (ISP) (or hosting provider if you do not host your own Web server), tell them you are under attack and ask for help.
Keep a timeline of events and save server logs, web logs, email logs, any packet capture, network graphs, reports etc.
Get Safe Online top tips for protecting your business from a DDoS:
Consider the likelihood and risks to your organisation of a DDoS attack, and put appropriate threat reduction/mitigation measures in place.
If you consider that protection is necessary, speak to a DDoS prevention specialist.
Whether you are at risk of a DDoS attack or not, you should have the hosting facilities in place to handle large, unexpected volumes of website hits.
As part of the AGM, the Chairman reviews the Association’s activities during the preceding year. She also does a lot of other things like calling for votes on this and that and introducing the guest speakers. While much of this has to await the members’ approval next year, we thought it would be a good idea to see the body of her presentation here.