Featured Article: Scam Calls : A Significant Update

This week, we heard the good news that the big phone networks have agreed to automatically block foreign scam calls, and we heard the bad news that an Ofcom survey has revealed that 45 million people in the UK were targeted by scam text messages or phone calls this summer!

The Challenge

The challenge has been that scammers based overseas have been able to use Voice Over Internet Protocol (VoIP) / internet-based calling technology to make it look as though a phone call or text is coming from a real telephone number. A recent ‘Which?’ survey has shown that in the 12 months to March 2021, phone call and text message fraud in England, Wales and Northern Ireland had risen by 83 per cent from the previous year and Action Fraud data confirmed that was the biggest rise across all types of fraudulent attacks.

Why?

The reasons why there have been such big and sustained increases in (foreign) scam calls and texts include:

– A telephone identification protocol called SS7, which dates back decades, is still part of the landlines and the 2G and 3G parts of mobile phone networks (even with a 5G-enabled handset). Scammers know how to steal the ‘presentation number’ and link this to their own number, thereby giving them the ability to make it look as though calls and texts are from legitimate UK sources. The presentation number is the number that the telephone network is told that a user is calling or texting from and the usage of the SS7 protocol means that the presentation number can’t be checked against the originating number, thereby enabling the fraud to continue.

– Some critics have suggested that telecoms companies don’t appear to be inspecting the traffic they receive from VoIP providers and just let it through onto the networks, thereby making it easier for scammers.

– There is a low barrier to entry for scammers because the prevalence of (and easy access to) enterprise VoIP telephone systems which means that they can easily (and relatively cheaply) build their own systems to spoof mobile numbers.

– The pandemic fuelled a big rise in online ordering which meant more deliveries, which led to fraudsters finding more success impersonating mail and delivery scams and using fake notifications by text and phone. This led the fraudsters to increase their efforts to capitalise on the opportunity.

Types of Attacks Using Foreign Phone & Text Scams

The types of attack that use scam phone calls and texts that incorporate ‘number spoofing’ (using Internet calling technology to make a phone call or text appear as though it is originating from a genuine number) include:

– Vishing. This combination of ‘voice’ and ‘phishing’ and describes the criminal process of using internet telephone service (VoIP) calls to deceive victims into divulging personal and payment data. Vishing scams to homes often use recorded voice messages e.g., claiming to be from banks and government agencies to make victims respond in the first instance.

– Smishing. This is where an attacker sends a text/SMS message purporting to be from a reputable company e.g., the Royal Mail or a parcel delivery company/courier service. The idea is that the recipient (who may be expecting a parcel delivery) is fooled into clicking on the link in the text message and this either send sends the attacker personal information (credit card number or password) or downloads a malicious program/malware to the victim’s phone. The malware can be used for snooping on the user’s smartphone data or sending sensitive data silently to an attacker-controlled server.

The Good News From Ofcom

Following recent reports from the Daily Telegraph (and Ofcom’s own survey findings that 45 million people in the UK received scam text messages or phone calls this summer), the communications regulator has been working with the big telecoms companies to implement technical solutions which could lead to a big reduction in these types of scam messages. Ofcom’s Network and Communications Group Director, Lindsey Fussell, says on the Ofcom website “We’ve been working with telecoms companies to implement technical solutions, including blocking at source, suspicious international calls that are masked by a UK number. We expect these measures to be introduced as a priority, and at pace, to ensure customers are better protected.” 

Although only one network (TalkTalk) has introduced the blocking measures so far, Ofcom says that it expects the new measures to be rolled out by the phone networks as a priority and that others are looking at how to implement it.

Critics

Some critics have already poured cold water on the good news announcement by pointing out that:

– The systemic issue of VoIP providers not checking whether the calls they hand to telecoms networks are actually legitimate needs to be effectively tackled to solve the problem.

– Simply cracking down on “foreign calls” could actually damage legitimate businesses and individual VoIP customers who may still be UK based, even if the traffic appears to be external.

The Bad News – Ofcom Survey Reveals Extent of Scam Calls

As mentioned, an Ofcom survey from September this year revealed that almost 45 million people in the UK were targeted by scam text messages or phone calls over the summer months. A staggering 82 per cent of the 2,000 people surveyed said they had received a suspicious message as a text, recorded message, or live phone call to a landline or mobile. This represents an estimated 44.6 million adults in the UK.

Frequent Texts

The survey showed that most of these scams use text messages (71 per cent said they’d received a suspicious text). Also, the figures revealed that more than four in 10 people (44 per cent) who reported receiving a suspicious text message said it happened at least once a week.

Who?

Those who appear to have been targeted most with the scam calls and messages are:

– Those aged 16-34. Three-quarters of this age group have been targeted.

– 60 per cent of people aged 75 and over reported receiving a potential scam call to their landline.

What To Do?

The advice from Ofcom for those who receive a scam / suspicious text message is:

For Suspicious Texts

– Read any suspicious text carefully and look for any details that don’t seem right.

– Don’t click on any links or give out any personal or bank details.

– Report any suspicious texts to 7726 and make your friends and family aware too. Forwarding the message to 7726 directs the message to the mobile provider. If certain numbers are reported by enough people, these numbers can then be investigated and potentially blocked, thereby helping disrupt or to flush-out fraudsters and prevent more people being exposed to scam attempts.

The Ofcom survey showed that more than half of people who received a suspicious text either deleted the message (53 per cent) or blocked the number (52 per cent). These are, of course, other options but reporting the text can help to get the scam stopped.

For Suspicious Phone Calls

– Do not give out any personal or bank details.

– Hang up and then call the company they claim to be from to check if it is a scam. Use a trusted source (e.g. their official website) as the phone number.

– Report scam calls to Action Fraud (for England, Wales, and Northern Ireland) and make your family aware too. In Scotland, scam calls can be reported to Police Scotland via 101.

In the Ofcom research, almost half (49 per cent) of those who received a suspicious live voice call, and more than four in ten (44 per cent) who received a suspicious recorded message, blocked the number.

What Does This Mean For Your Business?

Scam calls and texts are not just disruptive and costly but are a way in for cyber-criminals and the results of cyber attacks can be devastating to businesses and threaten their very existence. The ability of cyber-criminals to use internet calling technology, seemingly at will, to launch attacks is a loophole that has been open far too long. Some responsibility appears to lie with VoIP providers who may not be checking the calls they hand over, but this action by Ofcom (and hopefully, more big communications companies than just TalkTalk) looks as though it has the potential to dramatically reduce the threat posed by scam calls and texts. The danger is that cracking down too hard on “foreign calls” could actually damage legitimate businesses that may be UK-based; care needs to be taken in implementation. Many UK businesses will benefit from not having to deal with all-too-frequent scam calls, any one of which could prove highly dangerous.

Tech News : There’s Gold In Them Thar Phones

The Royal Mint has signed an agreement with Canadian start-up Excir to recover gold and other precious metals from old smartphone and laptop circuit boards.

Precious Waste Mountain

A recent assessment by the waste electrical and electronic equipment (WEEE) forum has concluded that this year’s worldwide mountain of waste electronic and electrical equipment will total an estimated 57.4 million tonnes – greater than the weight of the Great Wall of China, Earth’s heaviest artificial object. Also, an estimated 151 million or more phones a year, approximately 416,000 a day, are simply incinerated or landfilled, and that 40 per cent of heavy metals in US landfills come from discarded electronics.

More Than Ore

According to Dr Ruediger Kuehr, director of the UN’s Sustainable Cycles (SCYCLE) programme, “A tonne of discarded mobile phones is richer in gold than a tonne of gold ore.”

Dr Kuehr also claims that one million mobile phones contain “24 kg of gold, 16,000 kg of copper, 350 kg of silver, and 14 kg of palladium”.

Plans To Extract Gold At Plant In Wales

Through its agreement with Excir, The Royal Mint intends to build a plant in Wales that could reclaim hundreds of kilograms of gold and other precious metals from electronic waste such as mobile phones and laptops.

Excir has developed chemical solutions that can extract the metals from the circuit boards. Sean Millard, the Mint’s chief growth officer says that Excir can “selectively pull out precious metals with a high degree of purity,” and that although the mint currently uses the process at small scale, a new plant “would look to process hundreds of tonnes of e-waste per annum, generating hundreds of kilograms of precious metals”.

Value Vs Cost?

A kilogram of gold is worth around $55,000 at current prices so, although extracting the gold from old circuit boards sounds potentially profitable (and better for the planet). It is not yet clear, however, how much the new extraction plant and its operation would cost.

Reasons For The Electronic Waste Mountain

Some of the reasons why there has been a growth in the consumption of electronics include:

– Smaller periods between new product releases.

– Limited options for repairing broken items and lack of the ‘right to repair.’

– Fast device development e.g., mobile phones, leading to a market dependency on rapid replacement of older devices.

What Does This Mean For Your Business?

As identified by the Royal Mint and Excir, recovering, recycling, and returning precious metals to the production cycle not only provides a good business opportunity but also new supplies don’t need to be mined, thereby helping the environment.

Tackling the growing e-waste crisis, however, will take a number of different measures over time, globally. Getting to a situation where there is the creation of a circular economy for electronic goods where waste is minimised, the most is made of resources, the environment and health are protected, and businesses and developing economies can still meet their demand, will take a wide variety of actions. These include legislation and having a more digital and connected world to help accelerate progress towards sustainable development goals, thereby helping emerging economies, and ensuring that less precious minerals, metals, and resources are dumped into landfill. Also, an approach that could dematerialise the electronics industry (e.g., through ‘device-as-a-service’ business models), better product tracking and take-back schemes, and entrepreneurs, investors, academics, business leaders and lawmakers working together could help make the circular economy work. Increasing the ‘right to repair’ in electronic products is another way to help tackle the crisis and help the environment going forward.

Tech News : Insiders Testing Android Apps On Windows 11

Microsoft has announced that the first preview of Android apps on Windows 11 is now available, albeit currently for Windows Insiders in the Beta Channel in the U.S. Others to follow.

50 Apps To Try

Microsoft says that it has partnered with Amazon and popular app developers to curate 50 apps for those on the Windows Insiders program to test and validate across a broad set of hardware. 

The apps that Windows Insiders are now allowed to try out include:

– Popular mobile games like Lords Mobile, June’s Journey, Coin Master, and more.

– Books with Kindle, or a digital comic series with Comics e.g., to swipe through on a tablet.

– Kids content such as maths, reading, and writing skills guides plus award-winning Khan Academy Kids, and Lego Duplo World.

Not Available on Windows Before

Windows 11 is the first version to allow users to use the Microsoft Store to download mobile apps that were not available on Windows before. Microsoft says that “Running Android apps and games on Windows 11 will feel familiar, effortless, and integrated.”

New Component – Windows Subsystem

The Android apps can operate in Windows because of a new component on top of Windows 11 called Windows Subsystem for Android™, which powers the Amazon Appstore and its catalogue. The Subsystem includes the Linux kernel and the Android OS based on the Android Open Source Project (AOSP) version 11. The subsystem comes from the Microsoft Store as part of the Amazon Appstore install. Microsoft says that more support for more APIs, capabilities, and scenarios will be added over time.

Still Testing

Although it’s an exciting prospect to be able to run Android apps on Windows 11, it’s important to remember that things are still very much at the testing stage (just for ‘insiders’). Those who want to see the preview in the Dev channel will need to have a Windows 11 PC (that meets the spec) set to the US region, in the Beta Channel, plus a US-based Amazon account in order to access the Amazon Appstore.

Possible To Sideload Apps

Some tech commentators have, however, pointed out that it is possible to sideload Android apps (e.g., using the Android Debug Bridge/ADB), so those who feel confident doing so don’t need to be limited to the selection of apps on the Amazon Appstore.

What Does This Mean For Your Business?

Microsoft is aiming for some big value-adding changes with Windows. Its partnership with Amazon and some big app developers to allow Android apps in Windows 11, therefore, should be quite appealing to users, and could create opportunities for more app developers. It also shows how there is a move towards merging of mobile and laptop devices, thereby making things more consistent for a generation that’s used to simply doing most things on their mobile. Allowing apps in Windows 11 looks likely to be well received by both home and business users and provides another way for Microsoft to compete with Apple. Many reviewers, for example, have already noted the Mac-like interface to the Windows 11 OS. Although the new feature has been announced with much fanfare, it is still in the testing stage and many businesses are still some way off from upgrading to Windows 11 anyway.

Tech Insight : What Is A Digital Twin?

In this insight, we look at what a digital twin is, what the benefits of using one are, and which industries commonly use digital twins.

What Is It?

A digital twin is an accurate virtual model of a physical object that uses data gathered from sensors on the physical object to run simulations, study performance issues and generate possible improvements. The improvements discovered during testing of the virtual version of the object can then be made to the physical object.

Dates Back To 1960s NASA

The first use of digital twin technology dates back to NASA’s use of exact earthbound replicas of voyaging spacecraft being used for study and simulation purposes by flight crews. Fast forward a few decades and Dr Michael Grieves of the University of Michigan introduced the digital twin software concept to manufacturing in 2002.

Why Use A Digital Twin?

The reasons for using a digital twin include:

– The scale and complexity of the real object and the need to safely carry out tests without damage, disruption, and costs of having to remove/replace, get close to the object.

– Some objects may be critical to processes and/or worth enough to invest financial resources in to create a digital twin to ensure the best possible performance and add value.

– Digital twins can be used to study more issues from far more vantage points than standard simulations and have greater potential to improve products and processes.

Types of Digital Twins

Different types of digital twins include:

– Component twins/parts twins. These are used for smaller, individual component parts.

– Asset twins. These are used to study how the interaction between two or more components (known as ‘asset’) could be improved.

– System/unit twins. These are used to help improve performance by studying how assets work together in a system.

– Process twins. This is larger-scale digital twin, used to improve the effectiveness of whole systems such as an entire production facility.

Which Industries Use Digital Twins?

Examples of industries that typically use digital twins include:

– Construction (and engineering) – e.g., for buildings, bridges, and other complex structures.

– The Aerospace and automotive industries – e.g., creating digital twins for parts of turbines, automobiles, and aircraft. Also, the use of digital twins may be vital to improving the performance and safety of EV batteries, thereby helping to push the EV market forward.

– Manufacturing – to help improve efficiency, competitiveness, design customisation, predictive maintenance, shop floor matters and product development.

– Energy/power – e.g., using digital twins to help improve mechanisms for generating power and transmitting it.

– Healthcare – e.g., to improve personalised care.

– Supply chain – e.g., Optimizing warehouse design and operational performance and creating a logistics network.

– Retail – e.g., customer modelling and simulations.

The Benefits of Digital Twins

The benefits of digital twins include:

– Saving costs, time, and generating competitive advantage in production by enabling more effective research and design of products, thanks to the large amount of data that can be created about performance outcomes.

– Enabling streamlining and peak efficiency to be maintained due to being able to constantly monitor and test the digital twin.

– Better product decision-making by helping manufacturers to decide what should happen to products at the end of their lifecycle – i.e., matters relating to final processing, recycling, and choosing which product materials to be harvested.

Challenges To Digital Twin Technology

Some of the main challenges to digital twin technology include:

– Possible security issues – i.e., potential theft/compromising of the large amounts of data generated and flowing between multiple devices.

– Management of sometimes complex system of design data for digital twins perhaps amongst partners and suppliers.

– The cost and complexity may be an issue for smaller companies, thereby possibly putting them at a disadvantage to larger competitors.

What Does This Mean For Your Business?

Digital twin technology provides a way for businesses and organisations to gain new insights into their products, processes and systems that can drive improvements in efficiency and help to create value and innovation. Having a virtual copy that works on data from the real object offers more vantage points than standard simulations and gives businesses the opportunity to gain a much better understanding of products and systems while saving them time and money.

Tech Tip – How To Delete Old Emails In Gmail Automatically

If your Gmail account has filled up with old emails that look like they may take some time to delete, here’s how to quickly set up a filter to delete them automatically.

– Open Gmail, click on the ‘Settings’ (top right), and select ‘See all settings.’

– Select ‘Filters and Blocked Addresses,’ and ‘Create a new filter.’

– In the pop-up box, type older_than:X on the “has the words” field. X is the timeframe for deleting old messages, d is days, w is for weeks, m is for months, and y is for years. For example, to set the time frame to be four years, change the X to 4y.

– Select ‘Create filter’ and select ‘OK.’

– Check the box next to the ‘Delete it’ option and ‘Also apply filter to.’

– Select ‘Create filter.’

– Emails older than the date you specified will now be automatically deleted.

Tech Insight : Apple : What is ‘Sideloading?

In Apple’s new “Building a Trusted Ecosystem for Millions of Apps” white paper, it describes the threat posed by ‘sideloading’ on its App Stores. Here’s what you need to know. 

Sideloading

Sideloading normally refers to transferring a file between two local devices without the use of the internet e.g., by connecting your computer to a smartphone or tablet. The threat that Apple is referring to, however, is the sideloading of apps and alternative app stores on iOS – thus allowing developers to distribute apps outside of the App Store, through direct downloads or third-party app stores / the ability to install iPhone smartphone that does not come directly from the Apple-controlled iOS App Store.

Pressure

Apple is currently facing pressure from regulators and some developers to support sideloading. Also, Apple does not currently allow third-party app stores to be downloaded from its own App Store and is under investigation in the EU, UK, and US over its App Store policies, awaiting the outcome of a legal battle with Epic Games relating to allegedly unfair terms set by Apple.

Arguments For Sideloading

Some of the arguments for allowing sideloading are that:

– It’s a way to tackle a monopoly (e.g., Apple’s) and give developers more freedom, improve competition, plus it could help developers to implement alternative business models and make the platform even more attractive.

– It gives users greater choice and perhaps pay lower prices for some apps.

– Apple may not be able to guarantee absolute security of the apps in its official store anyway.

Arguments Against Allowing Sideloading

Some of main arguments that Apple has given against allowing sideloading are:

– It would cripple the privacy and security protections that have made iPhone so secure, and expose users to serious security risks, such as mobile malware (i.e., adware, ransomware, spyware) plus banking and other credential-stealing trojans that masquerade as legitimate apps.

– Developers and advertisers could be harmed by the mobile malware attacks that allowing sideloading would enable (e.g., through piracy, intellectual property theft, and loss of advertising revenue).

– Developers could be harmed by the proliferation of fake, copycat, and pirated apps.

– Even if sideloading were limited to third-party app stores only, more harmful apps could reach users because it would be easier for cybercriminals to target them.

– Users would have less information about apps up-front, with less control over apps after they download them onto their devices

– Being made to remove protections against third-party access to proprietary hardware elements and non-public operating system functions could undermine core components of Apple’s platform security that protect the operating system and iPhone data and services, thereby making it easier for cybercriminals to spy on users’ devices and steal their data.

– Users could be forced to sideload an app they need, or duped into sideloading e.g., by mimicking the appearance of the App Store, or by suggesting free or expanded access to services or exclusive features.

– Apple has spent a long time investing in (and creating) industry-leading security protections for its iPhone App Store.

– According to Apple, most threats are predominantly present on platforms that support sideloading.

– Malware-infected mobile apps put all stakeholders in the mobile ecosystem at risk.

– Governments and international agencies worldwide along with cybersecurity experts warn against the risks posed by downloading apps from third-party app stores:

– For the full list (and explanation) of Apple’s objections to the idea of having to support sideloading, see Apple’s white paper (pdf) here: https://www.apple.com/privacy/docs/Building_a_Trusted_Ecosystem_for_Millions_of_Apps_A_Threat_Analysis_of_Sideloading.pdf

Others Allow It

Google’s Android already allows apps to be installed that don’t come directly from its official store, as do computing platforms. Also, Apple’s MacBooks and Microsoft Windows-powered laptops and desktops have allowed it.

What Does This Mean For Your Business?

The pressure on Apple to allow sideloading relates essentially to antitrust /anti-competition arguments. Some developers and others are objecting to what they see as Apple’s anti-competitive rules and Apple’s controversial app review process, and some developers have consequently dismissed many of the arguments that Apple presented in its recent white paper. Few would argue that Apple does have a generally good reputation over the security of its products and services, and individual and business users would clearly see the value in decisions made by Apple that would help protect the privacy and security of their data, but users also want choice, and app developers want more freedom. One threat on the horizon for Apple on this matter is that new EU regulation of digital markets could possibly force Apple to enable sideloading.

The facts remain, however, that competitors allow it, although this can, as Apple argues, sometimes lead to issues. For example, in 2019, a Security researcher discovered that 24 apps available for download in the Google Play Store contained contain ‘Joker’ malware.

Whether or not Apple does eventually allow sideloading, most of us (particularly Android users) are already aware of the fact that we need to be cautious when choosing apps to download. To minimise the risk of falling victim to damage caused by fake or malicious apps, users can check the publisher of an app, check which permissions the app requests when you install it, delete apps from your phone that you no longer use, and contact your phone’s service provider or visit the high street store if you think you’ve downloaded a malicious/suspect app.

Tech New : LinkedIn Shuts Down In China Over Censorship Row

Microsoft’s LinkedIn will be replaced with a “no social feed” version in China after criticism from the US that it has been complicit in the censorship of posts and profiles from Western journalists.

Accusations From Home

The accusations that LinkedIn appeared to be appeasing and complicit with the Chinese Communist Party and its censorship rules can be traced back to June. After Bing showed no results for a search for the key phrase “Tank Man” on the anniversary of the Tiananmen Square massacre, and censorship notifications were sent to journalists, Republican Senator (Florida) Rick Scott suggested that Microsoft was actively censoring American journalists on behalf of the Chinese Communist Party.

Also, LinkedIn has blacklisted the accounts of several journalists, one of whom had previously written a book about China’s treatment of Tibetan refugees.

Since 2014

Microsoft launched a “localised version” of LinkedIn in China back in 2014 with the hope of getting into the vast Chinese market, which, at the time was the second-largest and one of the most important economies in the world. LinkedIn aimed to link what equated to one in five of the world’s knowledge workers with the rest of LinkedIn’s 277 million members in over 200 countries and territories, thereby enabling Microsoft to take a huge competitive leap forward.

Challenging Operating Environment

The recent accusations from the US, however, coupled with an admission by LinkedIn senior vice-president Mohak Shroff that “We’re facing a significantly more challenging operating environment and greater compliance requirements in China” have forced a change for LinkedIn. In a blog post, Mr Shroff also alluded to the hurdles of censorship and compliance with Chinese Communist Party Rules, saying “While we’ve found success in helping Chinese members find jobs and economic opportunity, we have not found that same level of success in the more social aspects of sharing and staying informed. We’re also facing a significantly more challenging operating environment and greater compliance requirements in China.“

LinkedIn To Be Replaced With ‘InJobs’

The replacement for the failed, localised version of LinkedIn is due to be launched later in the year. LinkedIn says that ‘InJobs’ will be a “standalone jobs application for China” that will not include a social feed or the ability to share posts or articles.

Was Censorship A Requirement From The Beginning?

When LinkedIn launched in China back in 2014, it said “As a condition for operating in the country, the government of China imposes censorship requirements on Internet platforms” and that “extending our service in China raises difficult questions”.

Punished In March

LinkedIn had its new user registration suspended back in March by the Chinese regulator, allegedly for failing to censor political content.

Other big (US based) tech companies have also encountered serious setbacks and criticism when trying to break into the Chinese market. For example, Google faced criticism after announcing that it has been developing a censored version of its search engine to run inside China.

What Does This Mean For Your Business?

Recent years have seen poor political and diplomatic relations between the west and China, particularly with the US restrictions on doing business with Chinese companies introduced during the Trump presidency. This has had an impact on many businesses who trade with China, and the big tech companies are finding that in order to get a piece of the vast Chinese market, they must face difficult challenges and compromises. These include pressures not to deal with a regime that has been accused of human rights abuses, the tightening grip of Chinese government and regulator rules, competition with favoured Chinese companies, challenges posed by the country’s heavily controlled internet, and perhaps being forced to censor their own platforms according to local rules in order to stay in operation within the country. For example, as well as recent accusations that LinkedIn censored journalists, Amazon’s Audible service and Apple’s China-based store have both had to remove apps in mainland China for reading the holy books of Islam and Christianity which has, of course impacted on the makers of the apps as well as generating potentially awkward publicity for Amazon and Apple. For Microsoft, however, the solution to remaining operational in China, staying on-side with authorities has simply been to chop off the worries that the social platform could cause and stay with a re-named, more government-friendly service. Clearly, while the Chinese government maintains a strong grip on the Internet and other platforms that could present conflicting views, and while relations with China and the west remain relatively poor, this is unlikely to be the last difficult decision that a big tech company will have to make about the way forward (or not) for its future in China.

Tech News : 30 Countries Pledge To Act On Ransomware

The international Counter-Ransomware members from 30 countries have issued a joint statement outlining their intent to take action to counter the growing threat posed by ransomware.

What Is Ransomware?

Ransomware is a form of malware that encrypts the important files on a computer and the user (often a business/organisation) is given a ransom demand, the payment of which should mean that the encrypted files can be released. In reality, some types of ransomware delete many important files anyway and paying the ransom does not guarantee that access to files will be returned to normal. Ransomware is primarily a profit-seeking crime which also commonly leverages money laundering networks to move ransomware proceeds.

How Big Is The Problem?

A recent White House fact sheet stated that “the global economic losses from ransomware are significant. Ransomware payments reached over $400 million globally in 2020, and topped $81 million in the first quarter of 2021, illustrating the financially driven nature of these activities.”

In March, The Palo Alto Networks, Unit 42 Ransomware Threat Report showed that the average ransom paid by a victim organisation in Europe, the US and Canada trebled from $115,123 (£83,211) in 2019 to $312,493 (£225,871) in 2020. The report showed that over the same period, the highest value ransom paid doubled from $5m (£3.6m) to $10m (£7.2m), and the highest extortion demand grew from $15m (£10.8m) to $30m (£22m).

Meeting

At the meeting of the Ministers and Representatives from the Counter Ransomware Initiative (held on October 13 and 14), it was recognised that the threat of ransomware is complex and global in nature and requires a shared response and will depend, in part, on the capacity, cooperation, and resilience of global partners, the private sector, civil society, and the general public.

Action

The joint statement outlines the following actions to be taken and to efforts to be made to tackle the ransomware threat:

– Improving network resilience to prevent incidents when possible and respond effectively when incidents do occur. This will involve the sharing of lessons learned and best practices for development of policies to address ransom payments and engaging with private sector entities to promote incident information sharing and to explore other opportunities for collective buy-down of risk.

– Addressing the abuse of financial mechanisms to launder ransom payments or conduct other activities that make ransomware profitable. This will involve using the national anti-money laundering (AML) frameworks to identify and mitigate risks associated with VASPs and related activities, and enhance the capacity of national authorities (regulators, financial intelligence units, and law enforcement) to take action.

– Disrupting the ransomware ecosystem via law enforcement collaboration to investigate and prosecute ransomware actors, addressing safe havens for ransomware criminals, and continued diplomatic engagement. This will involve cooperation between different stakeholders and international partners in the exchange of information.

– Using diplomacy to promote rules-based behaviour and encourage reasonable steps to be taken to address ransomware operations emanating from a particular territory.

What Does This Mean For Your Business?

Attempts to exploit the vulnerabilities created by remote working in the pandemic, businesses not having effective data backup procedures in place, the costs of downtime perceived as being greater than the cost of paying the ransom, low technical barriers to entry and a high affiliate earning potential, plus the growth of ransomware-as-a-service (RaaS) have fuelled a huge rise in ransomware attacks. Ransomware poses a big risk to critical infrastructure, essential services, public safety, consumer protection and privacy, and economic prosperity, and a bigger effort to tackle the threat is long overdue. The promising aspect of the joint statement by the Ministers and Representatives from the Counter Ransomware Initiative is that they have recognised the need for collaboration and help between multiple governments, agencies and organisations and using multiple means to make a real impression on the problem. Individual businesses can play their own part in protecting themselves through basic security measures. These include keeping antivirus software and Operating Systems up to date and patched (and re-starting the computer at least once per week), using a modern and secure browser, using detection and recovery software (e.g. Microsoft 365 protection and Windows Security), and storing files on cloud services e.g. OneDrive/Google Drive, IDrive, or whatever work-based cloud file storage systems employees are required to use, and having an effective, workable backup in place. Since ransomware relies upon human error to spread, staff should be educated about how to spot and deal with potential ransomware risks e.g., suspicious emails, Organisations should also realise that prevention is better and cheaper than cure and paying a ransom will not guarantee the return of vital files and system control, and that many files are deleted anyway by the attackers.

Featured Article : How To Tell If You’re Being Spoofed

Many cybers attacks now take the form of using fake/spoof communication to trick victims into parting with personal (or company) data, or money. We take a look at some of the most popular and widely reported methods and how to avoid falling victim to them.

Phishing

This is a very common form of spoofing attack. Cyber-criminals send their victims emails which appear to be from legitimate organisations or contacts (or in some cases use fake SMS containing links or voicemails). When the victim clicks on the link of the phishing email, they are either directed to a spoof website payment page to steal their details or money, or have malicious software loaded onto their device to allow cybercriminals to take control of that device, log keystrokes, gain access to personal information and financial data (for financial theft and identity theft), or simply direct the victim to a payment page.

How To Spot Phishing Emails

There are several ways to spot phishing emails. Examples of these in which you can identify a phishing email include:

– Online requests for personal and financial information (e.g. from government agencies) are very unlikely to be sent by email from legitimate sources.

– Generic greetings. Scammers are less likely to use your name to personalise the email greeting and title.

– Mistakes in spelling and grammar can be signs of scam emails.

– Check the email address by hovering your mouse (without clicking) over the link in the email. This can quickly reveal if the email isn’t genuine.

– Beware of heavy emotional appeals that urge you to act immediately. These are signs of scam emails that hope to bypass your reasoning and tap into an emotional response.

Vishing Scams

Vishing is a combination of ‘voice’ and ‘phishing’ and describes the criminal process of using internet telephone service (VoIP) calls to deceive victims into divulging personal and payment data. 

Vishing scams to (domestic) homes often use recorded voice messages (e.g., claiming to be from banks and government agencies) to make victims respond in the first instance.

The technology used by scammers is now such that voice simulation may even be used in more sophisticated attacks on big businesses. 

Examples of vishing include spoof calls pertaining to be from banks or credit card companies with messages asking the victim to call a certain number to reset their password, exaggerated (almost too good to be true) investment opportunities, bogus charitable requests for urgent causes and recent disasters, calls claiming to be from government agencies (e.g. the tax office), or bogus tech support calls to fix fake problems with computers.

How To Guard Against Vishing

Ways to protect you and your business from falling victim to vishing include:

– Don’t trust caller ID to be 100 per cent accurate, numbers can be faked.

– Don’t answer phone calls to unknown numbers.

– Be wary of unsolicited alleged calls from banks, credit card companies or government agencies.

– Include phishing, vishing, smishing and other variants with your security awareness training for employees.

– Avoid using a gift card or a wire/direct money transfer.

– Don’t give in to pressure.

SMS Spoofing

SMS spoofing involves changing who an SMS message appears to come from by replacing the originating mobile number (Sender ID) with alphanumeric text. Examples of this ploy include impersonating a user that has roamed onto a foreign network and is submitting messages to the home network , or impersonating a bank and including a phishing message that tricks users into clicking on a link.

How To Guard Against Spoof SMS Messages

Some key things to remember to avoid falling victim to spoof SMS messages include:

– Be very sceptical of ‘too good to be true’ offers and remember that organisations such as your bank are extremely unlikely to text you and will never ask for personal details this way.

– Avoid clicking on links in SMS messages. If you receive texts that you have any suspicion about and have questions, go to the website, call (using the number from the official website) or email instead.

– Don’t share your mobile number unless it’s really necessary.

– Beware of SMS messages about verification codes, password resets, or anything that’s asking for personal information.

– Report any SMS spoofing attempts to Action Fraud.

Smishing

Smishing is where an attacker sends a text/SMS message purporting to be from a reputable company, in this case, the Royal Mail or a parcel delivery company/courier service. The idea is that the recipient (who may be expecting a parcel delivery) is fooled into clicking on the link in the text message and this either send sends the attacker personal information (credit card number or password) or downloads a malicious program/malware to the victim’s phone. The malware can be used for snooping on the user’s smartphone data or sending sensitive data (silently) to an attacker-controlled server.

Parcel delivery scams account for more than half of all reported text phishing, or ‘smishing’ attacks in the UK. For example, new data shows that from 15 April to 14 July 2021, 53.2 per cent of reported scam text messages were from attackers posing as postal delivery firms. Also, from 14 June and 14 July, parcel and package delivery scams accounted for 67.4 per cent of all smishing attempts.

How To Protect Yourself Against Smishing Attacks

Ways that you can protect yourself and your business from smishing include.

– (Again) remember that financial institutions never send text messages asking for credentials or transfer of money and credit card numbers, ATM PINs, or banking information should never be sent to someone in text messages.

– Beware of (scam) messages offering fast money (e.g., from winning prizes or collecting cash after entering information).

– A message received from a number with only a few digits is a sign that it probably came from an email address, which is a common sign of spam/scams.

– Avoid storing any banking details on a mobile device (in case of malware).

– Be wary of any delivery-related text messages other than the standard day/time of delivery messages.

– If you receive a smishing text, to protect other users, send the message to your telecom’s number so that it can be investigated. Also, report such messages to Action Fraud (https://www.actionfraud.police.uk/).

Deepfake Videos and Audio

Deepfake videos use deep learning technology and manipulated images of target individuals (found online), often celebrities, politicians, and other well-known people to create an embarrassing or scandalous video e.g., pornography, violent behaviour, or of the victim saying something they would not normally say but could be very damaging to their reputation if believed. The AI aspect of the technology makes the spoof videos very convincing. Deepfake videos are used by criminals to cause damage the reputations of victims and/or to extract ransoms from their target victims.

Deepfake Audio

Deepfake ‘ransomware’ can also involve using AI to manipulate audio in order to create a damaging or embarrassing recording of someone, or to mimic someone for fraud or extortion purposes. For example, in March 2019, a group of hackers were able to use AI software to mimic (create a deep fake) of an energy company CEO’s voice in order to successfully steal £201,000.

Other Spoofing Attacks & Scams

Some other popular spoofing attacks and methods include:

Man-in-the-Middle Attacks

If cyber-criminals are able to gain access to a person’s communications accounts e.g., your email (perhaps using stolen credentials, spyware, malware), they can intercept web traffic between two parties and the communication between the parties to re-route funds or solicit sensitive personal information like credit card numbers or logins.

Extension spoofing

This is where cybercriminals disguise executable malware files to make victims feel as though they can safely click on them (e.g. if received in an email). For example, a .exe file, which would normally be a security red flag, can be made to appear as a .txt (Notepad) file.

Checking If Your Details Have Been Stolen

Some attacks happen because a user’s personal data has been stolen in other attacks and/or traded online. One way to check whether your details have been stolen is to visit https://haveibeenpwned.com/.

What Does This Mean For Your Business?

The message here is that today’s cybercriminals would much rather rely upon human error and spoof scams than go to the time and trouble of trying to hack into secure systems. Human error can be relied upon to be ever-present to a degree, which is why spoofing is so effective. It appears that almost anything can now be faked, and it is up to businesses not just to take the necessary cyber protection measures (anti-virus, 2FA etc) but to educate staff in what spoofing scams they may encounter, how to spot them, and to have policies and procedures in place for dealing with and checking certain types of approaches, messages, and enquiries. It is important that all staff are particularly aware of email threats and can exercise a healthy degree of scepticism and judgement. New staff, staff in new roles, temporary staff, or staff with a known aversion to IT may be particularly vulnerable to these attacks and should receive extra attention in terms of cyber security education and training.

Tech Tip – How To Turn On WhatsApp Encrypted Backups

Facebook has just enabled encrypted backups for WhatsApp messages to Google Drive or Apple’s iCloud. The feature, however, is not enabled by default so, if you’d like to backup your important WhatsApp messages, here’s how to turn the feature on:

– In the latest version of WhatsApp, go to ‘Settings’.

– Tap on ‘Chats’ > ‘Chat Backup’ > ‘End-to-end Encrypted Backup’.

– Tap on ‘Continue’ and follow the prompts to create your password or 64-digit encryption key.

– Tap ‘Done’.