Stupid Punts!

Stupid Punts!

Text

Examples of the "Nigerian scam" that flood my email box everyday.

Thursday, April 28, 2011

Lloyds Scam

Maybe the scammer here, pretending to be Lloyds TSB, should have used spell check first?

"tempormmmmarily"???

"Unsubscribe:

Lloyds TSB has been receiving complaints from our customers for unauthorised use of Lloyds TSB Online accounts. As a result we periodically review Lloyds Online Accounts and tempormmmmarily restrict mailing

Please confirm you would like to unsubscribe from this mailing YES or NO .

If you'd like to find out about our latest products and services you can visit www.lloydstsb.com at any time.

Yours sincerely

Ashley Machin,
Digital Banking Director

Wednesday, April 27, 2011

Sony PlayStation Network Hacked

Sony shut down its PlayStation Network last week because it has discovered a "non-gaming" intrusion into the system.

However, it had not realised until late yesterday (after forensic security testing) that the breach had led to the theft of the data of the 77 million users. This data theft could compromise the financial security of the 77 million users who have registered their details with Sony.

Here is a list of FAQ's from the Sony site re the security breach:

Update on PSN Service Outages

Q.1 When did you realise the system had been intruded?

We discovered between April 17 and April 19 there was an illegal and unauthorized intrusion into our network.

Q.2 How did you know that the system was intruded?

We watch for any issues that may be raised with respect to security and monitor for such issues both internally and externally.

Q.3 What is the main reason to this problem? Which parts of the system were vulnerable to the intrusion?

We are currently conducting a thorough investigation of the situation. Since this is an overall security related issue, we will not comment further on this case.

Q.4 What action did you take (are you taking)? Is there any possibility of further unauthorized access?

As soon as we learned of this issue, 1) we temporarily turned off PlayStation Network and Qriocity services in order to conduct a thorough investigation and to verify the smooth and secure operation of our network services, 2) we have also engaged an outside, recognized security firm to conduct a full and complete investigation into what happened, and 3) quickly taken steps to enhance security and strengthen our network infrastructure by re-building our system to provide you with greater protection of your personal information.

Q.5 How many were affected? How many per each region? What is the latest status of PlayStation Network registered account/ operating countries.

Our investigation indicates that all PlayStation Network/ Qriocity accounts may have been affected.

Q.6 Does that mean all users’ information was compromised? Tell us more in details of what personal information leaked.

In terms of possibility, yes. We believe that an unauthorized person has obtained the following information that you provided: name, address (city, state/province, zip or postal code), country, email address, birthdate, PlayStation Network/Qriocity password, login, password security answers, and handle/PSN online ID. It is also possible that your profile data may have been obtained, including purchase history and billing address (city, state/province, zip or postal code). If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. If you have provided your credit card data through PlayStation Network or Qriocity, it is possible that your credit card number (excluding security code) and expiration date may also have been obtained.

Q.7 Have you notified those users?

We are sending out e-mails directly to these users to their e-mail address registered on the PS Network accounts. Also, we have posted web notices, and additional necessary procedures have been followed by each region.

Q.8 Have you received reports or claims that their PSN ID information/ credit card had been used improperly?

Not at this point in time.

Q.9 I want to know if my account has been affected.

To protect against possible identity theft or other financial loss, we encourage you to remain vigilant to review your account statements and to monitor your credit reports. Additionally, if you use the same user name or password for your PlayStation Network or Qriocity service account for other unrelated services or accounts, we strongly recommend that you change them. When the PlayStation Network and Qriocity services are back on line, we also strongly recommend that you log on to change your password.

For your security, we encourage you to be especially aware of email, telephone, postal mail or other scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking.

Q.10 What should I do to prevent any unauthorized use of my (credit card) personal information?

For your security, we encourage you to be especially aware of email, telephone, postal mail or other scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. Additionally, if you use the same user name or password for your PlayStation Network or Qriocity service account for other unrelated services or accounts, we strongly recommend that you change them. When the PlayStation Network and Qriocity services are back on line, we also strongly recommend that you log on to change your password.

To protect against possible identity theft or other financial loss, we encourage you to remain vigilant to review your account statements and to monitor your credit reports.

Q.11 Since when have PSN/Qriocity become unavailable and in which region?

PSN/Qriocity services have not been available since April 20 (US time) in all regions.

Q.12 How come it is taking so much time to resume the service?

We are taking the investigation seriously. We decided to keep the service down to allow us to conduct a thorough investigation and verify smooth operation of our network services.

Q.13 How serious is this? Have the hackers broken the security on PSN/Qriocity? Are you taking necessary measures to prevent such outage happening in the future?

Since this is an overall security related issue, we will not comment further on this case but we are working to restore and maintain the services, including countermeasures against future intrusions.

Q.14 When will the service resume?

We are taking the investigation seriously. We will keep the service down to allow us to conduct a thorough investigation and verify smooth operation of our network services but are working hard to resume the services as soon as we can be reasonably assured security concerns are addressed.

Q.15 Seems like SOE service was also not available/ suffering outage. Is this true? Is this due to the same reason as the PSN/Qriocity outage?

SOE's service is available although a service interruption due to an external attack did occur. A thorough investigation is ongoing.

Q.16 I want my money back (subscription fee, content) since the PSN/Qriocity was not available.

When the full services are restored and the length of the outage is known, we will assess the correct course of action.

Q.17 There seems to be some games that cannot be played even offline?

Depending on the game titles, but mainly PSN games, some may require access to PSN for trophy sync, security check, etc.

Contact Details

Country Customer Support
Africa sonycustomercare.mea@ap.sony.com
Australia 1-300 365-911
Austria 0820 44 45 40
Belgium 011 516 406
Bulgaria support@sbhbg.com
Croatia playstation.hr@arsvenatus.hr
Cyprus 22352282
Czech Republic 222 864 199
Denmark 90137013
Estonia 6543484
Finland 600411911
France 0820 31 32 33
Germany 01805 766 977
Greece 801 11 92000
Hungary 1 814 4800
Iceland 591- 5100
India 1800-103-7799
Ireland 0818 365065
Israel 09-9711700
Italy 199 116 266
Latvia 67046049
Lithuania 37338655
Luxembourg 0820 31 32 33
Malta 234 360 00
Middle East - All sonycustomercare.mea@ap.sony.com
Netherlands 0495 574 817
New Zealand 09 415 2447
Norway 82068322
Poland 0 801 230 000
Portugal 707 23 23 10
Romania support@sbhbg.com
Russia 8-800-200-76-67
Slovakia 232 112 209
Slovenia 1 510 31 30
South Africa 0861 773783
Spain 902 102 102
Sweden 09002033075
Switzerland 0848 84 00 85
Turkey bilgi@eu.sony.com

Ukraine 0 800 307 669
UK 0844 736 0595

Tuesday, April 26, 2011

How To Outwit Boiler Room Scammers

The Telegraph has a helpful article about boiler room scams, which I reproduce in full below:

"As a victim of "boiler room" activities I wondered if it would be worth reinforcing the message to your readers not to consider the purchase of shares offered over the telephone. They were very persistent and I was particularly vulnerable as a pensioner and my wife in hospital and I agreed to the purchase of shares.

Some weeks later I received a warning letter from the Financial Services Authority. By which time it was too late. In hindsight I realise how silly I was. It is, of course, too late for me, but if it might prevent similar problems for any of your readers a warning may be useful.

RJ
Merseyside

The firm you have been a victim of appeared on the FSA scam list just a week before you wrote to me so, had you checked the site when it approached you, you wouldn't have found its name there.

This, cruelly, is the way with these tricksters and, which is apparently part of their nature, these people caught you out when your defences were low and things in your life at a low ebb. These con men are adept psychologists with no scruples about who and how much they hurt people.

From your letter and those that appeared in The Daily Telegraph yesterday, it is clear that it is not necessarily those you might expect who get caught out by such scams. Indeed, often it is people with some financial knowledge, on which crooks cleverly play.

One of the readers scammed in this way is a certified accountant and Lloyd's underwriter. Another is a chartered accountant, one has an MBE and another is a professor.

City of London police strongly advise people not to buy shares or land from cold callers. David Honeywell, a reader featured in yesterday's column, also reiterates, from his bitter experience, the police's message, which is that by far the best approach is simply not to get involved.

Anyone who still feels tempted should know that if a firm is unauthorised, financial complaints and compensation schemes cannot step in should anything go wrong.

To find out a firm's status go to the FSA website (www.fsa.gov.uk) and type "unauthorised firms" in the search box. This list mainly consists of overseas firms about which there has been a certain amount of bad feedback, so will not show every dodgy concern. Check out the regulator's authorised list too.

If the firm appears to be genuine, the FSA said would-be investors should always call the switchboard number if one is given on its register. I would suggest that they might also check that the person who called is an employee. Bear in mind though that I have encountered instances where the name of an honest employee has been hijacked.

Therefore speak to the person named to establish that they are one and the same. Possibly consult directory inquiries to confirm the number as well. Mr Honeywell, who was conned in a very sophisticated heist, points out that this way of checking is not infallible.

If the register of authorised firms does not show the number, as applies with most of the genuine overseas companies listed, call the FSA's helpline on 0845 606 1234. Then log onto the website cited on the register to compare the details.

Check with Companies House via www.companieshouse.gov.uk or 0303 1234 500.

Try a Google search to see if the name crops up in any way, perhaps on internet forums.

www.actionfraud.org.uk gives fraud prevention advice and has alerts of the latest scams.

If you are caught out it is important to notify Action Fraud, which serves as a portal to pass information on to the National Fraud Intelligence Bureau.

A report of the crime can be registered online or the incident talked through with an Action Fraud adviser to create a report. This government helpline number is 0300 123 2040 and is open from Mondays to Fridays between 8am and 8pm; on Saturdays between 9am and 4pm; and Sundays between 10am and 4pm. A crime reference number will be issued. The intelligence provided helps give a far bigger picture for dealing with the issues raised and help police to understand where they can efficiently target their resources.

Also check out the helpful www.cityoflondon.police.uk website.

Although the FSA also said it was heavily reliant on information it receives from consumers about boiler room activity, I was disconcerted to find that details of the frauds perpetrated on CC and GK, both featured in Saturday's page, were not recorded with it even though both these readers said they had contacted the regulator and there is no reason to disbelieve them.

I checked out the guidance on the website for reporting such matters to the FSA and found that a number that would not have been relevant after early 2010 was still shown as one to contact. FSA apologises for leaving that number on view, although, as it says, it was on a press release on its website. As a result of my observations it has now been deleted.

It now transpires that last summer, when CC looked for a number to call, he acquired the same out-of-date number and called it. Although no harm will have come from reporting details to that number, clearly no good came out of it in CC's case as the information he gave was not properly registered. The FSA must keep crucial information on its website up to date.

Victims should call the 0845 606 1234 helpline, selecting option 3.

As if all this was not enough, people caught out in this way also need to watch out for "recovery rooms" offering help, as ever at a price, to help recover money for those defrauded by boiler room scams. An FSA spokesperson said: "The people calling are often the same chaps sitting across the office from one another or they may even be the same person who 'sold' the shares.

"Typically they might say, 'I hear you have some shares to sell, send me an administration fee.' Then nothing is heard of them again."

Remember that it is often during holiday times when people may be less on their guard or, as in some of the cases I hear about, when life has hit a low point that in comes a so-called friend to make the sad times sadder.

Then, for all the ready charm and the respectable veneer adopted by such swindlers when they want something, they cannot be talked round to taking a compassionate stance when the victim finds themselves confronted with personal ruin.

Nor, as these stories illustrate, should people put their faith in foreign banks to rescue them from such scams.

Finally, it is a tribute to the characters of the readers writing in about their experiences that they had the courage to do so. Hopefully this will prevent others being caught out in the same way. The FSA estimates that only 10pc of those caught out by such scams report them. "

Monday, April 25, 2011

Bobijou Inc

Beware the following scam email from "Bobijou Inc".

Do not respond to it, or open the attached document. The scam works by tricking the hapless victim into revealing their credit card details when disputing the non existent "order".

"Thank you for ordering from Bobijou Inc.

This message is to inform you that your order has been received and is currently being processed.

Your order reference is 436467.
You will need this in all correspondence.

This receipt is NOT proof of purchase.
We will send a printed invoice by mail to your billing address.

You have chosen to pay by credit card.
Your card will be charged for the amount of 075.00 USD and “Bobijou Inc.” will appear next to the charge on your statement.

You will receive a separate email confirming your order has been despatched.

Your purchase and delivery information appears below in attached file.

Thanks again for shopping at Bobijou Inc
"

Wednesday, April 06, 2011

Marks and Spencer Spam Warning

Following on from my earlier article about the largest data theft in history, it seems that Marks and Spencer have been caught up in that theft as well.

M&S have warned their customers to expect an increase in spam e-mail after hackers stole their details from the marketing firm Epsilon.

Monday, April 04, 2011

Largest Data Theft in History

Be warned the largest data theft (of customer email addresses) in history has occurred.

It affects many well known firms including; Barclaycard, Capital One, JP Morgan Chase, the Marriot International hotel group and the US supermarket chain Kroger.

Customers should be on the look out for spamming and phishing attempts by the thieves, who will pretend to be writing on behalf of the companies from which the data was stolen.