Question From eBay Member - Email Virus Malware

One of the latest virus/malware attacks is an email that purports to be a question from an eBay member. Crucially the email is not shown as being from eBay but is spoofed as being a different sender - the ones I've seen are from wincanton.co.uk and meterreading@britishgas. The message says:

Hello Your ad is posted twice . Which is the right price ?Is this your product? 

The link below the question appears to be eBay but if you hover over (don't click!) then you'll see that the URL isn't the same as the link text. The link is to a compromised site so that when you click your PC will be infected with malware that can steal bank details or be controlled remotely.

This was quite an effective attack as I do currently have eBay listings running at the moment but fortunately the email came in on an account that isn't linked to eBay and all eBay emails come from them not the third party who has the question.

Company Investigations Inquiry Notice Email Scam

Latest scam/virus email from Investigations Enforcement services mail@localmail.com which is probably a spoofed email address. If you're asking if an titled Company Investigations Inquiry Notice is real or fake then we can confirm it is a fake, scam email. As usual the advice is to just delete the email, it is a scam to get you to click on the link which will download infected software to your PC.




Company Investigations Inquiry Notice Email Scam

Email details below:

Company Investigations Inquiry Notice

We have received a complaint about your company which suggests corporate misconduct.

This may involve:

• Causing significant harm to customers, suppliers, etc.
• Breaking the law, e.g. double-dealing
• Serious misbehavior, e.g. company assets have not been used properly
• Having a notable impropriety in its affairs.

As part of this procedure we have made our own background fieldwork and if it happens to be in the public interest, we can apply to the court to wind up the company and stop it trading.

Your Inquiry Number: 33IFMP344

Also if the conduct of the director(s) who run the company is questionable enough, we can commence proceedings to disqualify them from managing a limited company for a period up to 15 years.

The investigation may give us details that we can pass to another regulatory body that has more appropriate powers to deal with any concerns the investigation uncovers.

Notice of Intended Prosecution (NIP) Speeding Ticket by Email Fake or Real?

If you have received a Notice of Intended Prosecution (NIP) Speeding Ticket by Email and are wondering if it is fake or real then think about these points.

 

In the UK Police do not send speeding tickets (Notice of Intended Prosecution (NIP)) by email. The notice has to be sent by post within 14 days to the registered keeper, there is no option to email.

 

• Does the email claiming to be a Notice of Intended Prosecution (NIP) show the vehicle registration?
• Does the email claiming to be a Notice of Intended Prosecution (NIP) show the Registered Keeper Name?

The answer to both these questions is likely to be no as the emails are sent at random and the spammers have no idea who they have been sent to.


A Notice of Intended Prosecution has to be linked to a vehicle and a Registered Keeper so these emails can be deleted as spam.


If you have clicked the link on the email then I'd recommend using a virus scanner on your PC as you are likely to have infected your machine with a virus or Trojan.

 

 

Fake Notice of Intended Prosecution (NIP) Email

 

Manchester Police Speeding NIP Email Scam Virus - Notice of Intended Prosecution

The latest email virus scam/spam purports to be from Greater Manchester Police and to be a speeding ticket titled Notice of Intended Prosecution - M24181 There is a link in the email to view the photo which will be a virus that infects your machine if you click the link. Opening the email itself should not harm your machine but you should delete the email. Remember: UK Police DO NOT send speeding tickets known as Notice of Intended Prosecution (NIP) by email. The email also has no vehicle details included despite claiming to have detailed information about the location of the alleged offence. =============================================================== Notice of Intended Prosecution (NIP) Information Greater Manchester Police In accordance with Section 1 of the Road Traffic Offenders Act 1988. we hereby inform you that it is mandatory to take proceedings against the driver of motor vehicle. Details of the Violation ·         Time & Date: at 18:56 on 30/11/2016 ·         Fixed Speed Camera UIN: 1WJT2 ·         Location: A560 Hyde Road, near Wyecroft Close, Stockport ·         Violation: EXCEED 25 MPH SPEED LIMIT ·         Vehicle Speed: 85 We have photographic data that the driver of motor vehicle failed to comply with a speed limit at the date, time and location. You have been announced as driver of the vehicle at the time of the supposed offence and have a legal obligation to comply with the provisions of the notice.

Check The Photographic Proof

Whether you agree with the NIP or not you have to fill out the section 172 notice declaring who was driving the car at the time of the offence within 28 days. The NIP with the section 172 notice were sent to your mailing address Time & Date: at 19:17 on 30/11/2016 Speeding Device ID: 6QDI5 Location: A664 Rochdale Road, near Queens Park (inbound), Manchester Offence: EXCEED 25 MPH SPEED LIMIT Vehicle Speed: 80 .

Oracle Apex Admin Password Locked - How to Unlock/Reset Apex User Account

If you get the message that your Oracle Apex account is locked because the password has been entered incorrectly then you have a number of ways to unlock and reset the account password.



Oracle Apex admin account locked

If you know the email address that was registered to the Apex workspace then you can click the link below the Sign In button.


How to Unlock/Reset Apex User Account

Unfortunately this option doesn't always work and might not be relevant if you know the password for the account and just need to remove the "locked" flag against the account.

If you have access to the underlying tables as SYS or other suitable Oracle user then find the appropriate Apex schema (APEX_050000 for Apex 5) and look for table WWV_FLOW_FND_USER.

Oracle apex WWV_FLOW_FND_USER reset account

If you use a tool such as TOAD or SQL Developer then you can navigate to the columns ACCOUNT_LOCKED, FAILED_ACCESS_ATTEMPTS and update the values so that the account is no longer locked and can be used for normal login.

Set the value in these columns:

ACCOUNT_LOCKED  to N
FAILED_ACCESS_ATTEMPTS to 0 (zero).

ACCOUNT_LOCKED, FAILED_ACCESS_ATTEMPTS

As long as you know the correct password for the workspace you will then be able to login as normal to the Apex admin screens.



Met Police Crime Prevention Advice - Scam Phishing Email

Beware of new email titled Crime Prevention Advice which contains a malware attachment that will infect your PC with a key logger

Received from the fake email address crime@content.met.police.uk and containing the subject line ‘Crime Prevention Advice’, the email asks readers to open the attached file to learn more.


Intelligence suggests that if the attachment is opened, iSpy key logger malware is downloaded onto the host device. The malware has the potential to capture keystrokes, steal passwords stored in web browsers among other malicious activities.


Other phishing emails to watch out for include:
• those from a ‘delivery company’ about an expected order which is delayed or held at the depot
• a bogus order tricking you to confirm or cancel it
• a fake ‘invoice’ attached for a recent order
• warnings or advice from the Police such as our example




Crime Prevention Advice Scam Email

Data Security & Patching - Advice for Dictators

With all the news about the Panama Papers I thought this article was an interesting take on data security and how not to do it, all from the viewpoint of a dictator trying to stash their millions. For the rest of us there are still some useful lessons about how to keep our data secure and away from hackers.


http://www.zdnet.com/article/three-important-lessons-crooked-world-leaders-can-learn-from-the-panama-papers/


The bottom line is patch, patch and patch again. Make sure you always keep your software up to date with the latest patches and install updates when there are any security alerts. For most of us all might happen is that someone could have access to our data or hack your email/social media but potentially you could lose money from fraud on your bank account or lose important personal data like photos if your phone or PC is at risk from unpatched security flaws.
If your PC or phone prompts to install new security updates then it's always worth making sure you take the time to apply them. From an IT perspective it may be a pain when systems need to be taken down to apply updates but there is good reason for keeping software fully patched as this shows!