UK needs urgent response to online fraud, says NAO

Online fraud is the most common crime in England and Wales and needs an urgent response according to the Parliament’s public spending watchdog.

Online fraud is the most common crime in England and Wales and needs an urgent response according to the Parliament’s public spending watchdog.

While tackling online fraud is complex, the Home Office’s response is not proportionate to the threat, according to the National Audit Office (NAO).

Although the City of London Police is the national lead force for online fraud and runs the Action Fraud national centre for reporting fraud, police and crime commissioners and chief constables are responsible for policing in their local areas.

Despite the fact the face of crime is changing, the NAO’s report said police forces take different approaches to tackling online fraud and for some it is not a priority. Only 27 out of 41 police and crime commissioners refer to online fraud in their most recent annual police and crime plans.

“For too long, as a low value but high volume crime, online fraud has been overlooked by government, law enforcement and industry,” said Amyas Morse, head of the National Audit Office.

“It is now the most commonly experienced crime in England and Wales and demands an urgent response. While the Home Office is not solely responsible for reducing and preventing online fraud, it is the only body that can oversee the system and lead change.

“The launch of the Joint Fraud Taskforce in February 2016 was a positive step, but there is still much work to be done. At this stage, it is hard to judge that the response to online fraud is proportionate, efficient or effective,” he said.

In the year ending 30 September 2016, the Office for National Statistics (ONS) estimated that there were 1.9 million estimated incidents of cyber-related fraud in England and Wales, or 16% of all estimated crime incidents.

Online fraud includes criminals accessing citizens’ and businesses’ bank accounts, using their plastic card details, or tricking them into transferring money.

“Hidden” crimes require new and different responses yet, despite the level of economic crime, statistics suggest police forces remain more focused on traditional crimes, the report said, highlighting that in 2016, one in six police officers’ main function was neighbourhood policing, while only one in 150 police officers’ main function was economic crime.

According to the NAO, the Joint Fraud Taskforce set up by the Home Office to raise awareness of online fraud, reduce card not present fraud and to return money to fraud victims is a positive step. But the report said the Home Office faces a challenge in influencing other partners such as banks and law enforcement bodies to take on responsibility for preventing and reducing fraud. The report said £130mis held in banks that cannot accurately be traced back and returned to fraud victims.

In addition, without accurate data, the report said the Home Office does not know whether its response is sufficient or adequate.

Measuring the impact of campaigns and the contribution government makes to improving online behaviours is challenging, according to the NAO.

According to the NAO, the growing scale of online fraud suggests that many people are still not aware of the risks and that there is much to do to change behaviour. In addition, the report said that different organisations running campaigns, with slightly different messages, can confuse the public and reduce the campaigns’ impact.

While educating consumers is sensible, the NAO said government and industry still have a responsibility to protect citizens and businesses. The report said the protection banks provide varies, with some investing more than others in educating customers and improving their anti-fraud technology. The ways banks work together in responding to scams also needs to improve.

Although there are examples of good practice in protecting people against online fraud, such as Sussex Police’s initiative to help bodies such as banks and charities identify potential victims, the NAO said there is no clear mechanism for identifying, developing and sharing good practice to prevent people becoming victims.

The government wants the police and judiciary to make greater use of existing laws, but the NAO found that stakeholders had mixed views on the adequacy of current legislation. The international and hidden nature of online fraud makes it difficult to pursue and prosecute criminals because of the need for international co-operation and an ability to take action across borders, the report said.

So if you want to save yourself stress, money and a damaged reputation from a cyber incident please ring us now on 01242 521967 or email [email protected] or complete the form on our contact page NOWContact Cyber 139

 

Camelot’s National Lottery accounts are hacked

It could be you- as tens of thousands of online lottery Camelot players’ accounts are hacked.

It could be you- as tens of thousands of online lottery Camelot players' accounts are hacked.National Lottery operator Camelot says the login details of thousands of people who do the lottery online have been stolen.

There are 9.5 million national lottery players registered online, but Camelot said only around 26,500 accounts were accessed. It added that fewer than 50 accounts have had suspicious activity, such as personal details being changed, since the breach.

The company said it unearthed “suspicious activity on a very small proportion of our players’ online National Lottery Accounts” during its online security monitoring on 28 November 2016.

It added that there has been no unauthorised access to core systems. “In addition, no money has been deposited or withdrawn from affected player accounts,” said Camelot.

“However, we do believe that this attack may have resulted in some of the personal information that the affected players hold in their online account being accessed.”

The company said it is now trying to find out what happened, but it believes that “the email address and password used on the National Lottery website may have been stolen from another website where affected players use the same details”.

The affected accounts have been suspended and Camelot will contact the account holders to re-activate them. Camelot added that it is working with the National Cyber Security Centre on the incident.

Are you an online lottery player?

If so, just crossing your fingers is not enough. To mitigate risks in the short term, account holders should update passwords and avoid using the same password across multiple sites.

Yahoo hack effects Sky and BT emails as well

The world’s largest hacking of Yahoo also effects BT and Sky email users.

The world's largest hacking of Yahoo also effects BT and Sky email users.Yahoo wasn’t the tech giant in Silicon Valley that it used to be, but the news that half a billion user details were stolen from it over two years ago in 2014 should still concern everyone.

It now transpires that both BT and Sky used Yahoo’s email system and labelled it as their own.  Which is particularly ironic given that Sky’s parent company Fox has had to pay out hundreds of millions to people it had itself hacked it’s customers.

What is even more worrying is customer inertia- that’s because stubborn user behavior and the economics of darknet markets mean the chances of a serious breach at another major internet service increase dramatically with each hack.

The user behavior part is that people like to reuse their passwords—a lot.

One estimate, from Cambridge University’s Security Group, puts password reuse as high as 49%.

That is, we use the same password for every two accounts that require a log-in.

When a big cache of hacked passwords ends up traded on darknet markets, it often gets added to password databases. These databases can be used by corporations to ensure their users don’t use previously published, insecure passwords—or more maliciously by hackers, who will try to find passwords reused on other services.

It’s the equivalent of trying millions of different keys on a particular door, except it’s all automated and can be done in days, as the password cracker Jeremi Gosney has detailed for Ars Technica.

Password reuse and marketplaces for stolen data mean that password databases grow larger and more robust with each major breach. For example, LinkedIn was hacked in 2012 for more than 100 million user accounts. Parts of those stolen credentials wound up in darknet data dumps.

One of those log-ins belonged to a Dropbox employee, who apparently reused a password, allowing a hacker to enter the file-sharing platform’s corporate network. This led to the theft of 70 million Dropbox user passwords, which the company confirmed in August. One massive hack leads to another, forming a daisy-chain of insecurity.

The Yahoo breach is five times the size of the LinkedIn theft. That’s a lot more data to add to password-cracking lists.

The only thing we internet users have going for us now is to hope the “state-sponsored actor” that Yahoo says is behind the hack doesn’t dump the data in public, or sell it for profit. When that happens, we’re due for a password reset.

You can check if your email has been hacked and touted online at: https://haveibeenpwned.com/

Gloucestershire Safer Cyber Forum accepts Cyber Security Force

The Gloucestershire Safer Cyber Forum has accepted Cyber Security Force to join it.

The Gloucestershire Safer Cyber Forum has accepted Cyber Security Force to join it.The Gloucestershire Safer Cyber Forum (GCSF)  was set up and run by the Gloucestershire Constabulary to to provide a source of crime prevention, advice and to share cyber threat information.

GSCF also provides a secure environment for Gloucestershire business to engage directly with peers and Gloucestershire Constabulary on incidents or concerns around cybercrime, along with the ability to report it anonymously.

Being part of GSCF means that we can be at the leading edge of information on how to avoid cyber security issues and when they do arise how best to prevent and recover from the bad guys out there.

Ransomware increasingly dangerous cyber security threat

Ransomware attacks now account for around a quarter of cyber security threats targeting internet users in the UK- according to Eset.

Ransomware attacks now account for around a quarter of cyber security threats targeting internet users in the UK- according to Eset.Eset’s LiveGrid telemetry shows an increase in detections of the JS/Danger.ScriptAttachment malicious code, which tries to download and install various malware variants to the intended victims’ machines.

The majority of the code consists of crypto-ransomware, including some well known groupings, such as Teslacrypt.

The most recent wave of attacks has been focused on victims in the UK, where it accounted for roughly every fourth threat in the third week of April 2016, said the security firm.

“To reach as many potential victims as possible, attackers are spamming inboxes in various parts of the world,” said Ondrej Kubovič, security specialist at Eset. “Therefore, users should be very cautious about which messages they open.”

Meanwhile, the latest Verizon Data Breach Investigations Report (DBIR) also warns that ransomware attacks are steadily increasing.

Laurance Dine, managing principal of investigative response at Verizon Enterprise Solutions, said: “Ransomware is going crazy. It is everywhere. As an incident response team we are dealing with ransomware attacks all the time.”

Eset’s Kubovič recommends that companies should train their employees to report incidents to their internal security departments.

“Users should keep their operating systems and software up to date, as well as install a reliable security suite offering multiple layers of protection and regular updates,” he added.

“Last but not least, users need to back up all their important and valuable data, allowing for its recovery in case of ransomware infection,” he said.

While ransomware is becoming an increasing problem for businesses, a recent spate of attacks on hospitals in the past few months – mainly in the US, but also in Canada, Germany and New Zealand – has underlined the potentially life-threatening impact of ransomware, which works by encrypting data and demanding a ransom to be paid for its release.

The dangers of the IoT

A report by Institute for Critical Infrastructure Technology (ICIT) has also highlighted the fact that internet of things (IoT) devices offer a potential growth opportunity to any ransomware operation, given the devices are interconnected by design and many lack any form of security.

According to the report, while a lot of traditional malware will be too large to ever run on many IoT devices, ransomware (predominantly consisting of a few commands and an encryption algorithm) is much lighter.

Many medical devices, such as insulin pumps and other medication dispersion systems, are internet- or Bluetooth-enabled, the report pointed out, and warned that ransomware could used to open connections to infect the IoT device.

Part of the problem with the security of IoT communications is that the designers are more concerned by the ease of connectivity than the safety of their users.

New ransomware threat- with your address

A new email ransomware that quotes people’s postal addresses is a costly new cyber security threat.

A new email ransomware that quotes people's postal addresses is a costly new cyber security threatAndrew Brandt, of US firm Blue Coat, contacted the BBC after hearing an episode of BBC Radio 4’s You and Yours that discussed the phishing scam.

Mr Brandt discovered that the emails linked to ransomware called Maktub. The malware encrypts victims’ files and demands a ransom be paid before they can be unlocked.

The phishing emails told recipients they owed hundreds of pounds to UK businesses and that they could print an invoice by clicking on a link – but that leads to malware, as Mr Brandt explained.

Maktub doesn’t just demand a ransom, it increases the fee – which is to be paid in bitcoins – as time elapses.

A website associated with the malware explains that during the first three days, the fee stands at 1.4 bitcoins, or approximately £400. This rises to 1.9 bitcoins, or £550, after the third day.

The phishing emails tell recipients that they owe money to British businesses and charities when they do not.

One remarkable feature of the scam emails was the fact that they included not just the victim’s name, but also their postal address.

Many have noted that the addresses are generally highly accurate.

According to Dr Steven Murdoch, a cybersecurity expert at the University of London, it’s still not clear how scammers were able to gather people’s addresses and link them to names and emails.

The data could have come from a number of leaked or stolen databases for example, making it hard to track down the source.

Several people contacted the You and Yours team to say that they were concerned data might have been taken from their eBay accounts, as their postal addresses had been stored there in the same format as they appeared in the phishing emails.

The UK’s national fraud and cybercrime reporting centre has been flooded with queries from people targeted by the scam.

“We have been inundated with this,” said deputy head Steve Proffitt. “At Action Fraud on Monday we received an additional 600 calls and from then onwards we’ve received 500 calls to our contact centre a day,” he added.

Mr Proffitt advised people who had received the phishing emails to under no circumstances click on the link, but instead delete the message from their system and inform Action Fraud.

Referring specifically to Maktub and the approach taken by the phishers, Dr Murdoch said he believed the scam was “significant” in more ways than one.

“It also appears to be quite widespread – I’ve heard about it from multiple sources so it seems like they were fairly successful getting a lot of these sent out,” he told the BBC.

He added that it was hard to know how to advise people who were unfortunate enough to have their files encrypted by ransomware.

For some individuals without backups, paying the ransom might be the only way to retrieve their data.

“However, every person that does that makes the business more valuable for the criminal and the world worse for everyone,” he said.

From:  http://www.bbc.co.uk/news/technology-35996408#sa-ns_mchannel=rss&ns_source=PublicRSS20-sa