Hampshire Constabulary Cybercrime Updates

Hampshire Constabulary Cybercrime Updates

Please visit this page regularly for updates from the team at Hampshire Police

The first updates are shown below and are dated 16th October 2017 and 3rd August 2017.

16th October 2017

Online Marketplace Fraudsters Alert

Please find here details of a new alert from the National Fraud Intelligence Bureau. This one has recently reared its head and is occurring in sufficient volume to warrant an alert. It is particularly relevant to those who are job hunting – which could be anyone. Please use/disseminate as you feel appropriate.

Summary of fraud:

Online Marketplace Fraudster – The NFIB has identified a fraudulent trend whereby fraudsters are posing as online job agents and are recruiting unsuspecting job seekers, using their bank/personal online accounts in order to transfer fraudulent money into various accounts. Full details of the offence are contained in the attached PDF. Text as below.

How do Online Marketplace Fraudsters Operate and how are they targeting Jobseekers?
Fraudsters typically offer bogus goods for sale online via an online marketplace account set up with fraudulent details. Once a victim has committed to purchasing the goods from the fake account, the fraudster sends a bogus email purporting to be from an established escrow* provider.

After convincing the victim to transfer their money to the escrow for safekeeping, the fraudsters sever all contact and either delete or abandon the fraudulent account.

Action Fraud has received intelligence suggesting that rather than setting up fraudulent accounts, fraudsters are advertising bogus online sales roles on job vacancy websites in the hope of attracting unsuspecting jobseekers. Once a jobseeker has shown interest, the fraudsters tell them they will be selling goods on the company’s behalf; often the goods are cars or machinery but they could be anything. Jobseekers are also instructed that they must use their own personal pre-existing bank accounts and payment methods, as well as their own online marketplace accounts.

The fraudsters usually give a vague excuse as to why a business account or login is not available. Jobseekers are then sent photos and information of the products they will be selling (which do not exist) in order to create an attractive advert to entice the primary victim; the buyer of the goods. Once the victim has transferred their money to a bogus escrow provider, no goods are ever received and all contact is severed.

This leads to a financial loss for the buyer of the goods as nothing is ever received. Likewise, the recruited jobseeker receives none of the promised payment for their work as originally stipulated in the bogus advert.

*Escrow – An escrow is a type of agreement where a third party becomes involved in a financial transaction; an escrow provider will hold a sum whilst the transfer of goods or services is facilitated between two other parties. Upon transfer, the escrow provider will then release the funds as appropriate. Genuine escrow providers can be useful, however fraudsters frequently impersonate them for their own financial gain.

How To Protect Yourself

Buyers
• When making a large purchase such as a new car or machinery, always meet the seller face to face first and ask to see the goods before transferring any money.
• False adverts often offer goods for sale well below market value to entice potential victims; always be cautious.
• Exercise caution when sellers state that they are selling on behalf of a friend, colleague or business.

Jobseekers
• Don’t assume advertised vacancies have been verified by the website or classified advertisement sites upon which they feature. If you suspect a job vacancy to be fraudulent, be sure to notify the website via their reporting/flag functions. Doing so prevents others from becoming victims of fraud and helps organisations and law enforcement tackle and disrupt fraudulent activity.
• Although many legitimate job vacancies are internet based sales roles, those which are vague about the business, product type, sales method or sales platform to be used should be approached with caution. It is always good practice to conduct further enquiries about an advertised role.
• Genuine businesses would never ask you to use your personal bank or online payment accounts to facilitate business transactions, nor would they ask to utilise your personal online marketplace account in order to sell their products. If someone claiming to represent the organisation suggests you do this or asks for your personal details so they can use your account(s) themselves, sever contact.

3rd August 2017

Businesses, organisations and public warned after spate of “Banking Trojan” attacks in Hampshire

Members of the public and business owners are urged to take extra measures to safeguard their online banking systems after more than 1800 ‘Banking Trojan’ attacks were detected in Hampshire in recent months.

The most densely affected areas are Bargate, Southampton, Charles Dickens and Nelson in Portsmouth, and the Sholing and Bitterne areas of Southampton.

Whilst it is not possible for us to identify each of the users of the IP addresses identified as being affected, we urge anyone who does their banking online to take some simple steps to help safeguard their security.

Banking Trojans are malicious software (malware) specifically designed to break into an online bank account and transfer money to other accounts controlled by criminals

How a Banking Trojan works:

After a banking Trojan infects a web browser – through an infected link or attachment or other means - it will lie dormant, waiting for the computer's user to visit his or her online banking website.

Once that happens, the Trojan silently steals the bank-account username and password and sends it to a computer controlled by cybercriminals, sometimes halfway around the world.

The criminals then log into the account and transfer available funds to other accounts at the same bank. But those accounts are registered to "money mules” and within days, or even hours, the money mules withdraw cash from the accounts and wire it overseas via a transfer service.

Many banking Trojans go a step further. They perform what's called a "man-in-the-middle" attack, getting in between the user and the bank and subtly changing what the user's browser displays so that it appears as if a user's transactions are proceeding normally, even while the password and money theft is taking place.

Some of the more advanced banking Trojans don't even need money mules. They can make international transfers directly from a UK bank to one overseas.

Banking Trojans can also display fake warning pages that ask a user to re-enter his login and personal information, conceal the theft of large amounts of money from an account, send real-time transaction information to a cybercriminal instead of to the intended recipient or give users a fake logout page that actually keeps them signed into their accounts.

How To Protect Your Online Banking:
• Do not click on links you receive in unsolicited emails, SMS messages (mobile phones) or social media posts. The links may lead to malicious websites and any attachments could be infected.

• Only install apps from official app stores such as Google’s Play or Apple’s App store. Disabling any of the default security settings on your mobile device may leave it more susceptible to malware;

• When logging on to your online banking account, be extremely vigilant every single time. Be especially cautious if you are asked for details such as the 3 digit (CVV) number on the back of your card, the long number on the front of your card, your card’s expiry date or your 4 digit PIN number. If the online banking login page does as you for these details, do not log in until you have called your bank to verify that you are logging in to a genuine page;

• Your bank will never ask you to transfer money out of your account into another. Fraudsters will. If you receive messages, browser pop-ups or calls asking you to do this – do not respond to them. Call your bank immediately.

For further advice and guidance, please visit:

www.getsafeonline.org
www.actionfraud.police.uk

Hampshire Constabulary’s Cyber Protect team can offer free advice and talks to businesses and organisations. To discuss any issues or request a talk, please email DIIProtect@hampshire.pnn.police.uk

 

Please find attached details of a new alert from the National Fraud Intelligence Bureau. This one has recently reared its head and is occurring in sufficient volume to warrant an alert.  It is particularly relevant to those who are job hunting – which could be anyone.  Please use/disseminate as you feel appropriate.
Local authority colleagues – we would appreciate it if you can circulate this to any job clubs you may run or other organisations that you work with that run groups for job seekers. Thank you.
Summary of fraud:
Online Marketplace Fraudster – The NFIB has identified a fraudulent trend whereby fraudsters are posing as online job agents and are recruiting unsuspecting job seekers, using their bank/personal online accounts in order to transfer fraudulent money into various accounts. Full details of the offence are contained in the attached PDF.  Text as below.
How do Online Marketplace Fraudsters Operate and how are they targeting Jobseekers? Fraudsters typically offer bogus goods for sale online via an online marketplace account set up with fraudulent details. Once a victim has committed to purchasing the goods from the fake account, the fraudster sends a bogus email purporting to be from an established escrow* provider. 
After convincing the victim to transfer their money to the escrow for safekeeping, the fraudsters sever all contact and either delete or abandon the fraudulent account. 
Action Fraud has received intelligence suggesting that rather than setting up fraudulent accounts, fraudsters are advertising bogus online sales roles on job vacancy websites in the hope of attracting unsuspecting jobseekers. Once a jobseeker has shown interest, the fraudsters tell them they will be selling goods on the company’s behalf; often the goods are cars or machinery but they could be anything. Jobseekers are also instructed that they must use their own personal pre-existing bank accounts and payment methods, as well as their own online marketplace accounts. 
The fraudsters usually give a vague excuse as to why a business account or login is not available. Jobseekers are then sent photos and information of the products they will be selling (which do not exist) in order to create an attractive advert to entice the primary victim; the buyer of the goods. Once the victim has transferred their money to a bogus escrow provider, no goods are ever received and all contact is severed. 
This leads to a financial loss for the buyer of the goods as nothing is ever received. Likewise, the recruited jobseeker receives none of the promised payment for their work as originally stipulated in the bogus advert. 
*Escrow – An escrow is a type of agreement where a third party becomes involved in a financial transaction; an escrow provider will hold a sum whilst the transfer of goods or services is facilitated between two other parties. Upon transfer, the escrow provider will then release the funds as appropriate. Genuine escrow providers can be useful, however fraudsters frequently impersonate them for their own financial gain. 

How To Protect Yourself 
Buyers •         When making a large purchase such as a new car or machinery, always meet the seller face to face first and ask to see the goods before transferring any money. •         False adverts often offer goods for sale well below market value to entice potential victims; always be cautious. •         Exercise caution when sellers state that they are selling on behalf of a friend, colleague or business. 
Jobseekers •         Don’t assume advertised vacancies have been verified by the website or classified advertisement sites upon which they feature. If you suspect a job vacancy to be fraudulent, be sure to notify the website via their reporting/flag functions. Doing so prevents others from becoming victims of fraud and helps organisations and law enforcement tackle and disrupt fraudulent activity. •         Although many legitimate job vacancies are internet based sales roles, those which are vague about the business, product type, sales method or sales platform to be used should be approached with caution. It is always good practice to conduct further enquiries about an advertised role. •         Genuine businesses would never ask you to use your personal bank or online payment accounts to facilitate business transactions, nor would they ask to utilise your personal online marketplace account in order to sell their products. If someone claiming to represent the organisation  suggests you do this or asks for your personal details so they can use your account(s) themselves, sever contact.