This message from: David Braziel (NHWN, Communications Administrator, Devon & Cornwall).
A new scam has recently been bought to our attention which is very easy to fall for. A realistic email is received, which purports to be from the Police and is headed up ‘Notice of Intended Prosecution (NIP)’. It will go on to give brief details about a speeding violation or some other traffic offence and will ask you to click on a link to access the full details. If you are sure that you or another family member is not involved, then DO NOT CLICK on the link – it will probably infect your computer with malware. Even if you are uncertain about the stated violation it is better to check first by contacting the Police independently, via 101 or email, quoting the references given in the original scam email, to get confirmation.
Suspected scams should be reported using the www.actionfraud.police.uk site, which has an easy to follow reporting link – you will also be able to forward the scam email.
This message from: Shirley Craft (Police, Community Messaging Officer, Devon & Cornwall).
Residents are asked to exercise caution when receiving calls purported to be from your own or any other Bank: Police received a report of a member of the public being phoned by a Bank to report £400 had been stolen from their account. The caller stated they would receive £400 on top of the recovered monies providing they first withdrew £2000 and purchased £2000 of iTunes Gift Cards. The caller even told them to tell shop or bank staff “It’s presents for the grandchildren”. They were told another person would call back requesting the serial numbers of the iTunes cards, and also to scratch off the foil on the rear to reveal a smaller number. Both sets of numbers would then allow the caller to purchase goods to the value of £2000. The phone number used was 01424-758899, which is registered to Hastings in Sussex; both the callers were described as female and very polite and convincing. We would ask Recipients of Community Messaging to tell your more elderly and vulnerable neighbours about this message.
Report any similar incidents to Action Fraud on 0300 123 2040, or online at www.actionfraud.police.uk
This message from: Carol Donavon (Police, Community Messaging Officer, Devon & Cornwall).
HOME SECURITY EQUIPMENT.
Trading Standards are warning people to be wary of unsolicited phone calls and visits from companies offering home security equipment and services. If you are considering purchasing such a device or service, then get three quotes from reputable businesses you trust and make your decision on whom to use in your own time. Get recommendations from friends or via www.buywithconfidence.gov.uk. If you are concerned someone is at risk, always call the police. If you are concerned rogue traders are operating in your area, always report it. If someone knocks on your door and you are not sure, don’t open the door – http://www.devonsomersettradingstandards.gov.uk/consumers/rogue-traders-doorstep-crime/
We hope the above information will help you to be aware of the many scams that are going around at the moment. Please make your family, friends and Neighbours aware of them.
POLICE NEWS AND UPDATES.
COMMON CYBER CRIMES SEEN BY DEVON & CORNWALL POLICE – with example videos.
– Victim is encouraged to share naked pictures of themselves (or explicit mes- sages) via text/ apps/ emails. Often involves children being groomed by adults or their peers.
There will often be offences under the Sex Offences Act 2003; and always a big risk of being pressured into going further or having full sex.
Frequently linked to or develops into Sextortion. https://www.youtube.com/watch?v=DwKgg35YbC4 (Megan’s Story – Sexting 1:52) https://www.youtube.com/watch?v=sc-Mt5fS0fY (My story – online grooming 0:56)
• Victim has engaged in intimate online communication with the offender via webcam. The victim is filmed without their knowledge and then blackmailed for money and threatened with their video being revealed to friends and family. Adults or children can be victims.
https://www.youtube.com/watch?v=Ba3uxhg1X4Y (Singapore crime message 2:27 mins), https://www.youtube.com/watch?v=et5jMaNxn0Y (Sextortion public service announcement, 1:30 mins)
• Victim receives an email purporting to be from the victim’s bank or similar, containing a link to a fake website. When the victim clicks the link either a virus/ ransomware is downloaded, or they are asked to enter their banking details and password, which are then used to steal money from their account.
https://www.youtube.com/watch?v=fyfAKQM3qTY (Phishing real world example 2:53 mins), https://www.youtube.com/watch?v=9TRR6lHviQc (Safety in Canada, 3mins, Phishing), https://www.youtube.com/watch?v=oOmzX1WAkMc (1 min, Spear phishing)
Remote access Tool (RAT) / TeamViewer (software brand)
– Victim receives a phone call from the offender who purports to be from the victim’s bank or similar. The suspect usually tells the victim that their account or computer has been compromised and in order to fix the problem the victim is instructed to go online and download software. The software the victim is actually downloading is TeamViewer or similar which then gives the suspect remote access to the victim’s computer including the webcam and screen. The suspect then elicits personal information such as banking details in order to steal the victim’s money.
E.g. Microsoft scam https://www.youtube.com/watch?v=sz0cEo2h3f8 (10:18 mins, first 6 mins only necessary)
• This can be installed a number of ways; by the victim following a link on a fake email, by downloading a program online that has ransomware hidden inside, or by the victim’s computer or network being hacked due to weak passwords etc. Once installed the ransomware will encrypt all of the files on the system preventing the victim accessing them. This can include photographs, business documents etc. The victim will be unable to use their computer while the machine is infected. They will normally see instructions on the screen asking for money in order to get their files and computer unencrypted. Often the payment can be requested in bitcoin (online currency).
https://www.youtube.com/watch?v=v-ITcpD1KcQ (1:03 mins Kaspersky Lab)
• These can be installed in a number of ways similar to ransomware. The purpose can be varied; disruption of the victim’s computer system, as a means of obtaining personal information from the infected computer or in order to use the computers processing power as part of a “botnet” (collection of infected computers). Many offenders will use a botnet to send out millions of phishing emails or launch a DDOS (distributed denial of service) attack on a website to take it down and cause disruption
(Difference between viruses, worms, malware, Trojans, ransomware and spyware – Kaspersky lab, 2:45 min).