Posted by: David Harley | April 13, 2017

The Spanish Harmada – more info on support scams

After our recent joint blog for ESET, Support scams now reign in Spain, Josep Albors was contacted by a Spanish online newspaper asking for further information and general commentary. After collaborating on some responses to those questions, we used them as the basis for a lengthy follow-up blog. As well as allowing us to expand on the reasons why this elderly scam has managed to gain a new lease of life, this piece introduced me to abduction scams, another nasty scam variation that had somehow passed me by, up to now. (Briefly described in the article.) But I’ll probably get back to that in another article.

In the meantime, here’s the article: Spanish Harmada: More on tech support scams

David Harley

Posted by: David Harley | February 15, 2017

Facebook Cloning – don’t panic!

Here’s a Facebook post I’ve seen people cut and paste a couple of times recently.

Heads-up!! Almost every account is being cloned. Your picture and your name are used to create a new face book account (they don’t need your password to do this this). They want your friends to add them to their Facebook account. Your friends will think that it’s you and accept your request. From that point on they can write what they want under your name. I have NO plans to open a new account. Please DO NOT accept a 2nd friend request from “me”. please forward to all your contacts.

Clearly this is the Facebook equivalent of a chain letter, but that doesn’t necessarily mean it isn’t true, does it?

Well, no: Facebook accounts do get cloned, but it doesn’t happen as regularly as this implies. Snopes – always a good resource for checking potential hoaxes and chain messages – classifies it as ‘partly true’ and includes this and three other examples of the messages that have circulated. David Mikkelson also points out that it’s far from new and doesn’t entail real ‘hacking’. Facebook Pirates – Warning alerts social media users that Facebook ‘pirates’ Facebook “pirates” perpetrate scams by setting up look-alike Facebook accounts that copy other users’ profiles.

Facebook users who make a lot of information about themselves public make it easy for a cloner to use images and information to set up a fake account. Several scams such as ‘Londoning‘ depend on the cloner being able to contact the friends of the owner of the genuine account. While you can’t eliminate the possibility of your account being cloned, you can lower the risk by reducing the value of your account to the scammer. You can do this by tightening your privacy settings: obvious ways of doing this include setting your account so that only friends can see your posts


and no-one but you can see your friends list.


Brett M. Christensen provides a longer analysis on Hoax-Slayer, and includes some useful advice on how to take those measures: Viral Facebook Post Warns About Facebook Cloning – Warning Is Valid.

David Harley

Posted by: David Harley | February 14, 2017

UK pension scams

‘Which’ describes a couple of the scams that have raised their grubby little heads above the parapet following the UK government’s decision to allow pensioners more choice in how they use their ‘pension pot’. Specifically:

  • Free pension reviews as a first move toward persuading victims to move their pensions to dubious investment schemes. Cold callers may claim to represent the Money Advice Service.
  • Pension liberation scams. These may entail not only ludicrously high ‘service charges’ but may leave the victim vulnerable to taxation issues.

I think I may come back to this topic after a little further research.

‘Which’ article: Protect your pension savings

David Harley

Posted by: David Harley | February 13, 2017

Commercial Registry Scams

A friend drew my attention to a scam letter received apparently requiring them to complete a form recording their company details for a Register on behalf of Companies House. That led me to an article describing what is claimed to be something very similar: Commercial Register scam on Small Businesses demanding €993. According to the article:

  • the initial letter looks official and as if it was from Companies House
  • most people can’t recall seeing any terms and conditions or mention of a payment
  • some people have alleged that their signatures have been scanned and then printed on a different contact

While I can’t vouch for the accuracy and detail of that report, it’s certainly the case that Registry Scams are specifically noted in an article on reporting scams to Companies House: Guidance – Reporting fraud to Companies House.

See also this article showing an example of a similar letter – England Commercial Register Scam – and a Farmer’s Guardian article Farmers warned over scam letter.

David Harley


Posted by: David Harley | November 12, 2016

Dead Reckoning

Facebook covered itself with – well, something that isn’t glory – when it ‘memorialized’ an impressive number of its subscribers, apparently under the mistaken impression that said subscribers, including Mark Zuckerberg, had died. In other words, it put up a memorial banner on the affected users’ profile pages.

A spokesman subsequently apologized for the ‘terrible error’. Personally, I don’t know if it’s any worse for Facebook to consider us dead than it is for them to consider us brain-dead, or at least dumb enough to be absurdly predictable.

If you weren’t aware of Facebook’s mechanism for memorializing the profiles of deceased subscribers, you can find out more here.

David Harley

Posted by: David Harley | November 7, 2016

Wire-Wire Scams Evolve beyond the 419

West African cybercrime nowadays has moved on from unsophisticated 419s to technically-based, effective Wire-Wire attacks on businesses.
See my article at ITSecurity UK for more information and links: Wire-Wire Scams: Evolution beyond the 419
David Harley
Posted by: David Harley | October 24, 2016

Anti-Phishing Working Group phish/malware report

According to the Anti-Phishing Working Group’s report for the second quarter of 2016, phishing attacks (as measured by the number of phish sites) reached an all-time high in that period (61% higher than the previous recorded high in 2015 Q4). It also cites PandaLabs as reporting detection of 18 million ransomware programs over that period, amounting to more than 200,000 per day.

Phishing Activity Trends Report 2nd Quarter 2016

David Harley

Posted by: David Harley | October 19, 2016

Facebook and those ‘legal’ disclaimers

I’ve mentioned those not-very-useful disclaimers that people keep posting to stop Facebook ‘misusing’ their posts a number of times. For instance:

So I won’t press the point again, even though there does some to be another upsurge in such disclaimers, which are based on (a) a misunderstanding of Facebook’s view of its users’ right to their own posts (Facebook’sview is expressed here) and (b) a mistaken belief that such a disclaimer will somehow affect the existing implicit contract between Facebook and its users.

Sorry, I’m going to quote myself:

…your agreement with Facebook is a contract, as is the case with other social media providers: you can’t use a unilateral statement like this to opt out of the contract stipulations you agreed with the company when you joined, as long as they’re conditions that Facebook can legally impose (or modify, if it chooses). You can try to negotiate a non-standard contract with a provider, but a service with hundreds of millions of subscribers isn’t likely to consider one-to-one contract variations, especially when it isn’t charging for the service it provides.

And that remains the case. But I did come across an article you might find interesting in the Washington Post, which tries to explain Why that ‘Facebook copyright’ hoax will never, ever die.

David Harley

Posted by: David Harley | October 18, 2016

Fighting Hoaxes with Hoaxes?

NewsThump apparently attempts to reduce the number of Facebook hoaxes by generating a hoax of its own. Where would the internet be without satire?

Mark Zuckerberg to give everyone $1000 to stop sharing stupid Facebook hoaxes

I thought of sharing this article on Facebook, but was torn between not wanting to mislead people who lack the hoax/satire recognition gene, and not wanting to offend people who would see right through it anyway by explaining that NewsThump isn’t a real news site…

David Harley

Posted by: David Harley | October 18, 2016

Support Scam Victimology

Interesting statistics regarding the relative proportions of tech support scam victims in various parts of the world:

David Harley

Older Posts »