Gain an unprecedented insight into a Nigerian scamming group

An Inside Look at the Evolution of a West African Cybercriminal Startup Turned Enterprise

Over the last few years, business email compromise (BEC) has become one of the most profitable of all cyber crimes. The latest report from the FBI’s Internet Crime Complaint Center (IC3) for 2018 states that 20,373 victims lost a total of $1.3 billion to BEC. This was the single largest category of reported internet crime, representing approximately 48% of the total losses of £2.2 billion. However, the remaining £1.1 billion loss clearly demonstrates that BEC is not the only threat in play.

After a security company, Agari was contacted by a scammer attempting to defraud them, they decided to investigate and follow the trail. What it discovered (PDF) is a criminal organization that started from a single Nigerian criminal entrepreneur (called Alpha) in 2008 and developed into a complex organization of at least 35 actors (hackers) today. Agari calls this group Scattered Canary, and demonstrates that BEC is just one of many types of fraud perpetrated by the gang.

“We were able to map out dozens of relationships,” say the researchers, “an entire infrastructure, thousands of email discussion threads, hundreds of romance and fraud victims, dozens of scam kits, and other evidence that helps connect the dots between a wide universe of threat actors and actions associated with this West African fraud ring.”

Alpha started his criminal career with early Craigslist scams, being mentored by a more senior criminal named as Omega. During the first 15 months, Alpha delivered more than 100 addresses to Omega, who was responsible for sending the fake checks to victims — typically in the £2,000 to £4,000 range. The desire to maximize profits may lie behind the continuous expansion of Alpha’s organization, and its move towards larger targets and more profitable scams.

Alpha’s first diversification, in 2010, was into romance scams. Romance fraud taken together with confidence fraud was the second most costly fraud noted by the FBI’s report, with losses of £332.5 million in 2018. There is nothing romantic about romance fraud. The criminals first extract every penny possible from the victim, and then carry on using them by migrating them into mules.

‘Jane’ was such a victim. By 2016, her ‘boyfriend’ had extracted as much money as he could from her, and converted her into a mule. Over 18 months she opened five mule accounts and bought 20 prepaid cards for her ‘boyfriend’. An early password for an account was ‘weare4ever’. A late password was ‘iam2wornout’. Jane died in 2017; but even after her death, “Scattered Canary continued to use her details as they attempted to take out an car loan using Jane’s personal information, providing more evidence that these groups are only interested in one thing — money.”

Credential phishing

The romance frauds have continued even though Scattered Canary, led by Alpha, started looking at more immediately profitable targets in 2015. This started with credential phishing, largely general in nature and via a Google Docs phishing page. Towards the end of 2015, the attacks began to focus on North America and primarily the U.S. This paused in February 2016.

It restarted in March 2017, but with a new focus. Credential phishing now almost entirely focused on enterprise credentials, using phishing pages mimicking common business applications such as Adobe, DocuSign and OneDrive. Over the next 18 months, say the researchers, “Scattered Canary received more than 3,000 account credentials as a result of their phishing attacks.”

Expansion

Until late 2015, Alpha had done the greater part of the work himself, with just the help of few delightful colleagues. However, Alpha recruited his first new full employee, Beta whose role, then and now, is to act as the group’s ‘mule herder’, and have primary responsibility for sending out fake checks in mystery shopper scams. 19 other individuals joined the gang over the next three years, working on generating mule accounts and taking part in other scams. There are three specific examples: Delta (joined in April 2016) provides mule accounts probably established by romance scam victims; Epsilon (joined in June 2016) provides access to systems that can be accessed by remote desktop protocol (a Microsoft tool to remotely access a computer); and Gamma (joined in January 2017) provides compromised bank account details.

The gang started its business email compromise operation by spoofing target company domains and requesting payment by bank transfer to a fictitious vendor. By 2017, the group had its BEC and other scam tools and tactics sufficiently established to define functional roles for its different revenue streams.

Monitoring the criminal

An interesting observation was a request from the gang for proof of the funds transfer by the victim. With many different individual actors all ultimately working for Alpha, the requirement prevents a go-between skimming profits by pretending that the scam had failed since a ‘manager’ could check the email account or even contact the mule directly. “Working as an opportunistic criminal, alongside other opportunistic criminals, does not come without its challenges,” comment the researchers from Agari.

A continuing theme in the evolution of Scattered Canary is the move toward scams with the highest return over the shortest period. So, just as it had earlier moved from individual to business targets, in 2017 it started targeting government agencies, including IRS, FEMA, Social Security, the Postal Service and many others. BEC in its various forms has, however, remained a primary scam from the group. It has performed both gift card scams and payroll diversions.

Evolution

The history of the evolution of Scattered Canary is valuable for giving an insight into the motivation and methods of West African criminals. Money is everything, and as quickly as possible. The preferred attack is the one that nets the highest return as quickly as possible, and victims are milked for every penny possible. But more than anything else, it shows the interrelationship of social engineering attacks. There are no separate BEC gangs, and romance scam gangs, and agency fraud gangs — in this instance at least it is just one social engineering gang that has honed its skills over many years and multiple simultaneous operations and different types of attacks.

Whats next

Education is critical in this day and age. You don’t know what you don’t know. With this in mind, I have recently launched a book on cyber security called “One Click and You’re Done” which is easy to read and will help you identify threats and more importantly, protect yourself. This is available on Amazon in Kindle and Paperback format.

Click here to take a look

Security warning! Don’t be a Sextortion victim

When it comes to IT security, there is always something new around the corner. Threats are constantly evolving. The bad guys are constantly finding ways to get through defences. Unfortunately, this isn’t just sophisticated, technical attacks but often, very simple emails, either pretending to be from Apple or Amazon etc or claiming they have something of yours and threatening to expose the data/video etc.

When you study this kind of things like I have to, you can quickly recognise the type of language used, the time limit, the threat, the easy way to pay. The stress the email tries to put you under so that you don’t think straight and panic. They want to make you panic and pay them because you’re scared of what may happen. Don’t stop and think, don’t ask someone for help, just pay and make this problem go away.

Let me first assure you that these guys don’t have pictures of you giving yourself a treat. This is a mass attack, not a small, concentrated one. They could possibly get a picture of you via your webcam but it would take a lot of skills and time. And unless you are constantly treating yourself, it is unlikely they will get the timing right to catch you in the act.

What they have managed to do is to use hacked data to get hold of your email address and a password. The password is probably old and may have been changed already but because you recognise it, you panic. Hundreds of large organisations have been hacked who have some of our data and this is what is being exploited.

Yahoo was hacked, Dropbox, Equifax, eBay, the list goes on. There is a huge amount of our data out there. The problem is, despite its age and limitations, the bad guys are finding ways to utilise it.

Sextortion

Is a serious internet crime that can lead to devastating consequences for victims. Sextortion occurs when someone threatens to distribute your private and sensitive material if you don’t provide them with images of a sexual nature, sexual favours, or money.

Here are some things you can do to avoid becoming a victim:

  • Never send compromising images of yourself to anyone, no matter who they are — or who they say they are (Dating sites)
  • Be very wary of opening any attachments in email, regardless of whether you know the person or not.
  • Cover any web cameras when you are not using them.

If you receive an email that claims they have a video of you viewing pornography, do not answer, delete the scam email and do not pay any amount in any form.

In many sextortion cases, the perpetrator is an adult pretending to be a teenager, and you are just one of the many victims being targeted by the same person. If you believe you’re a victim of sextortion, or know someone else who is, report it to the police.

The email

 

The email you receive, claims to have compromising images of the recipient and goes on to ask for payment in order to stop the images being released publicly. This is known as sextortion, and has been used for years. What makes this scam different is that it’s added something extra: it contains a real password used by the victim.

Here is an example of the email:

I do know, [PASSWORD REDACTED], is your password. You do not know me and you are probably thinking why you are getting this e mail, correct?

actually, I placed a malware on the adult videos (pornography) website and do you know what, you visited this web site to experience fun (you know what I mean). While you were watching videos, your internet browser initiated working as a RDP (Remote Desktop) that has a key logger which gave me accessibility to your display and also webcam. after that, my software program obtained all your contacts from your Messenger, Facebook, as well as email.

What exactly did I do?

I made a double-screen video. First part displays the video you were viewing (you’ve got a nice taste haha), and second part shows the recording of your webcam.

exactly what should you do?

Well, I believe, $2900 is a reasonable price tag for our little secret. You’ll make the payment via Bitcoin (if you don’t know this, search “how to buy bitcoin” in Google).

BTC Address: 19ZFj3nLSJCgoAcvZSgxs6fWoEmvJhfKkY
(It is cAsE sensitive, so copy and paste it)

Important:
You have one day to make the payment. (I’ve a unique pixel within this email message, and now I know that you have read this e mail). If I do not get the BitCoins, I will definitely send out your video to all of your contacts including relatives, co-workers, and so forth. Nonetheless, if I receive the payment, I’ll erase the video immidiately. If you want evidence, reply with “Yes!” and I will send your video to your 9 friends. It is a non-negotiable offer, that being said do not waste my time and yours by replying to this e-mail.I do know, [PASSWORD REDACTED],

Additional info

The Anti-Phishing Working Group (APWG) most recent report covers the phishing trends found in Q1 of 2018.

The highlights of the report included:

  • Over 11,000 phishing domains were created in Q1
  • The total number of phishing sites increased 46% over Q4 2017
  • The use of SSL certificates on phishing sites continues to increase to lull visitors into a false sense of security and site legitimacy.

All three of these trends add up to one thing – the bad guys are rapidly becoming more sophisticated and basically just spending a bit more time to orchestrate attacks. The higher the threat levels they can establish through targeted spear phishing attacks which leverage very private information, the more successful the campaign.

A lot of these bad guys (threat actors) come from poor backgrounds. They have an opportunity to make a ridiculous amount of money and basically have nothing to lose. They have no morals and don’t realise the full extent of the harm they cause.

Man pleads guilty to ‘sextortion’ — blackmailing women to provide lewd photos

Click here to read the full story.

Windows 10 spying: Microsoft reveals what data its collecting from your PC

Microsoft is revealing more information on the data that Windows 10 collects from all the computers it installed on.

With the impending rollout of the Creators Update for Windows 10 coming on the 11th of April 2017, Microsoft is releasing more information on the so called diagnostic data it collects by itself.

The next major overhaul of Windows 10, the Creators Update, will be available on April 11, but you may want to hold off on making the leap.

Windows 10’s Anniversary Update, the last significant feature upgrade to the OS, triggered complaints about frozen systems and broken webcams, due to a string of bugs that were uncovered after its rollout last summer.

This transparency has only comes after Microsoft faced the threat of enforcement action from various European regulators over the “excessive” and somewhat opaque nature of the OS’ data collection.

Microsoft will for the first time release the complete list of the diagnostic data collected at the Basic level, the lowest level that can be set by Home and Pro users. The firm will also provide a detailed summary of the data collected at the Basic and Full level.

Microsoft has recently reduced the amount of data collected at this Basic level by about half.

“One of our most important improvements in the Creators Update is a set of privacy enhancements that will be mostly behind the scenes,” said Terry Myerson, Microsoft’s executive VP of the Windows and Devices Group, in a blogpost .

The body representing EU privacy watchdogs, the Article 29 Working Party, users recently criticized Microsoft for the lack of clarity over the information Windows 10 collects.

“Microsoft should clearly explain what kinds of personal data are processed for what purposes. Without such information, consent cannot be informed, and therefore, not valid,” The group has not yet commented on whether this additional transparency addresses their concerns, but Microsoft said the changes were informed by the Article 29 Working Party’s concerns.

Apparently. the new Creators Update introduces a new privacy settings menu. This allows users to choose what information they are comfortable being sent back to Microsoft. Users can toggle off the collection of various pieces of information, including location data when using maps, voice recordings when using the Cortana virtual assistant, or diagnostic information related to what they type and write, and the apps they use.

Every user will be presented with the menu when upgrading. Obviously the default setting will be “on” to send various data back to Microsoft.

Alongside these changes, Microsoft has also launched a web-based privacy dashboard , which lets Microsoft account holders check the data Microsoft has collected about their use of its various services, for example, data related to location, search, browsing and Cortana.

Microsoft is also improving the in-product information about privacy and updating the Microsoft privacy statement to include more detail and reflect privacy changes in the Creators Update.

A Single Click Caused the Massive Yahoo Data Breach

A single click was all it took to launch one of the biggest data breaches ever.

One mistaken click. That’s all it took for a Canadian hacker aligned with rogue Russian FSB spies to gain access to Yahoo’s network and potentially the email messages and private information of as many as 1.5 billion people. To be fair, most ransomware and data breaches start with a single click.

The FBI has been investigating the intrusion for two years, but it was only in late 2016 that the full scale of the hack became apparent. On Wednesday the , the FBI indicted four people for the attack, two of whom are rogue Russian FSB spies who work for the division that is supposed to cooperate with America’s FBI on cybercrime investigations. (The FSB is the successor of the KGB).

Kremlin Intelligence Services Overlap With Russian Cybercrime Underworld

One of these two rogues, Dmitry Dokuchaev, was himself recently arrested on what the Moscow press calls “treason” charges for passing information to the CIA. In reality, Dokuchaev started out as a criminal hacker who moved to the FSB but never stopped his old tricks. He was just one of the many criminals working inside Russia’s intelligence bureaucracy, and for personal profit he sold information to intermediaries that ultimately found its way to the CIA.

The investigation exposed rivalries inside the Kremlin intelligence establishment as well as inside the Russian cybercrime underworld with which it overlaps. Dokuchaev was part of the Shaltai-Boltai, a hacker group that exploits stolen data to embarrass and blackmail Russian politicians and business officials.

Image result for Shaltai-Boltai

The hack began with a spear phishing email sent in early 2014 to a Yahoo company employee. It’s unclear how many employees were targeted and how many emails were sent, but it only takes one person to click on a link, and it happened.

Unimaginable that Yahoo did not sufficiently step employees through new-school security awareness training to prevent disasters like this.

How did the hackers do it?:

The hack began with a spear-phishing email sent in early 2014 to a Yahoo company employee. It’s unclear how many employees were targeted and how many emails were sent, but it only takes one person to click on a link, and it happened.

Once Aleksey Belan, a Latvian hacker hired by the Russian agents, started poking around the network. Aleksey had two main objectives: Yahoo’s user database and the Account Management Tool, which is used to edit the database. Being the clever little fellow he is, it didn’t take him long to find these.

He then installed a backdoor on a Yahoo server that would allow him remote access control whenever he required it. Once he had access, he stole a backup copy of Yahoo’s user database back in December and downloaded it to his own computer.

The database contained names, phone numbers, password challenge questions and answers and, crucially, password recovery emails and a cryptographic value unique to each account.

It’s those last two items that enabled Belan and fellow commercial hacker Karim Baratov to target and access the accounts of certain users requested by the Russian agents, Dmitry Dokuchaev and Igor Sushchin.

Karim Baratov is shown in a photo from his Instagram account. Baratov, a Canadian man accused in a massive hack of Yahoo emails, posed an "extremely high flight risk" in part due to his alleged ties to Russian intelligence agents, law enforcement officials allege in documents filed with an Ontario court. (HO - Instagram/THE CANADIAN PRESS)

Karim Baratov is shown in a photo from his Instagram account. Baratov, a Canadian man accused in a massive hack of Yahoo emails, posed an “extremely high flight risk” in part due to his alleged ties to Russian intelligence agents, law enforcement officials allege in documents filed with an Ontario court. (HO – Instagram/THE CANADIAN PRESS)

Read more here:

http://www.csoonline.com/article/3180762/data-breach/inside-the-russian-hack-of-yahoo-how-they-did-it.html

Petya MFT Ransomware Returns, Wrapped in Extra Nastiness

Kasperksy researchers discovered a new variant of last year’s Petya Master File Table (MFT) ransomware, with “new and improved” crypto and ransomware models. Remember, MFT ransomware only encrypts the table where access to all files is kept, and does not encrypt the files themselves. It’s a very effective way to lock a machine and demand ransom in a few seconds.

Kaspersky’s Ivanov and Sinitsyn called the new version “PetrWrap” (because it wraps Petya), which uses the PsExec tool to install ransomware on every workstation and server it can access.

Instead of using the original Petya code, which was cracked last April, “the group behind PetrWrap created a special module that patches the original Petya ransomware ‘on the fly’”, the Kaspersky post states. This on-the-fly patching was created to hide the fact that Petya is handling the infection, and PetrWrap uses its own crypto routines.

If the PetrWrap malware coders had stuck with Petya’s ransomware-as-a-service model, they would need a Petya private key to decrypt victims’ data, but with this new version they can use their own keys.

Once the workstation or server is infected, the victim ends up with the file system’s master file table encrypted with a better scheme than the old Petya used. The PetrWrap coders used a tried-and-true, debugged version of Petya’s low-level bootloader, ensuring they had “production-quality” criminal software to make sure their infections would be successful.

Scam of the Week: New FBI and IRS Alerts Against W-2 Phishing

Read more about this scam here:
https://blog.knowbe4.com/scam-of-the-week-new-fbi-and-irs-alerts-against-w-2-phishing

Microsoft & Talk Talk scams

Microsoft & Talk Talk scams are no joke. They have been going for years and people keep getting caught out by them. It is important that you are not only aware of this potential scam hitting you but also protect your friends, family and parents (if they’re still around).

It begins with a phone call from someone who probably has an Indian accent purporting to be from either Microsoft or Talk Talk. They will tell you that you have a virus on your computer but not to worry because they can help. They will get you to download some software so they can get remote access to your computer.

They will then install some kind of software that looks like it is anti-virus software but it actually isn’t as it is designed to show you have loads of viruses on your computer when you actually don’t.

microsoft scam

They will then tell you that you need to buy the software so that it can remove the virus. This is where things get even worse for you because they get hold of your credit card details. They may tell you that they only need to take £5 but in a case we had last week, the payment taken was almost £500. Luckily the victim checked his bank account and instead of seeing Microsoft or Talk Talk or something similar, it said “Patel”.

Once they have your card details, they will not only take a large payment straight away but can try take subsequent payments as well as sell your card details to even more unscrupulous characters.

talk talk scam

We have also seen that some scammers have corrupted the registry or locked the computer so that it needs a password to boot into Microsoft Windows.

locked computer

Locked computer

However, it doesn’t stop there. As they have remote access to your computer, they can now monitor your computer and record you entering your online bank details. They can see passwords your enter. They could gain access to your email account and then access other secure websites you access.

As a lot of people use the same password to access different websites, they could easily gain access to a variety of websites. Including shopping sites and icloud etc. They could then sell these details on where some other delightful individual could steal your identity and rack up thousands of pounds of debit. I have seen this in the past, they could buy a car, remortgage your house. All in your name but have managed to change your address.

identity theft

So, what may start out as just a small scam and not seem that serious can very quickly escalate to something very nasty and life changing.

What do you need to do?

The first thing you need to do is be aware of this scam. Make your friends and family aware as well, especially people from older generations as they are more vulnerable. These are well organised scams and they are not going away anytime soon because they keep making money. And as they are based in India, it is practically impossible to clamp down on it.

What if I have been a Victim?

If you have had a call from a scammer and have let them onto your computer then you need to immediately shut your computer down. Don’t use it for anything and get it into us or another reputable computer company. Ring us now if this has happened to you – 01926 337 648

Here is your victim checklist:

  1. We need to check and remove any dodgy software from your computer
  2. Check for viruses they have left behind or key logging software
  3. You need to change any main passwords you are using
  4. If you gave out your credit card details, cancel the card immediately and get a replacement with a new number
  5. Change any bank passwords if you have logged in since the scam call
  6. Make sure you have paid for, good anti-virus. We recommend Kaspersky and Panda.
  7. We strongly recommend additional security software like Heimdal which protects DNS traffic and updates your programs automatically. Ask us for more info. This is only £2 a month per computer.
  8. Bring your computer into our shop so we can check it out for you – 22 Park Street, Leamington Spa, CV32 4QN

microsoft scam

Just get your computer checked our by a professional before you use it again.

Further info:

https://www.microsoft.com/en-us/reportascam/

I wrote this back in 2012 and it is still just as relevant – Link

http://www.ctvnews.ca/w5/inside-an-illegal-call-centre-in-india-scamming-millions-from-canadians-1.3310044

https://arstechnica.com/tech-policy/2017/01/two-india-based-call-center-employees-blew-whistle-on-massive-phone-scam/

https://www.nytimes.com/2017/01/03/world/asia/india-call-centers-fraud-americans.html?ref=technology&_r=0

http://www.bbc.co.uk/news/world-asia-india-37564408

Samsung’s flagship Galaxy S8 – Rumours about the super-smartphone

Samsung seems to be getting serious with its new Galaxy S8 smartphone: If you believe the many rumours, the release of the new flagship smartphone is not too far away. This is now regularly accompanied by new information on the specifications published independently by various sources.

Which information we are told, ultimately may still be dependent on the official departments of Samsung. Nevertheless, we will tell you what innovations we consider probable.

Galaxy S8: Has Samsung learned from the note 7 debacle?Image result for samsung galaxy 8

Normally, the Korean smartphone manufacturer uses the annual Mobile World Congress (MWC) for the presentation of new models, which will take place this year from February 27 to March 2 in Barcelona. However, the press announced that the new super smartphone would be present but not accessible to the general public. Possibly only selected representatives from specialist magazines etc. will have access to a demonstration model. The reason for the postponement, apparently is because of the battery debacle through which the Galaxy Note 7 had received a sad notoriety. To avoid this, the new devices are tested more intensively than ever before.

About the Galaxy 8

The processors are purported to be 11 percent faster, provide 23 percent graphics and use 20 percent less battery. Which is good, because the devices are maintaining the same battery sizes, 3,000 and 3,500 mAh, despite the larger screens. Of course, it’s possible Samsung has also made the displays themselves more efficient.

Other leaked specs indicate the phones will remain at 4 GB RAM, but get a boost to 64 GB of storage by default. While the selfie camera is getting a boost from 5 to 8 MP, the rear camera will remain at 12 MP. Of course, resolution is just a part of the equation, and we don’t know if Samsung is making other improvements to the hardware.

Samsung Galaxy 8 Release Date

Samsung’s Galaxy S8 will be unveiled on March 29th. The back of the device is very similar to last year’s Galaxy S7 (with theImage result for samsung galaxy 8
exception being a relocated fingerprint sensor), but the front marks a fairly radical departure from Samsung’s typical design. Gone are the physical home button and touch-sensitive navigation buttons; instead, a large, curved display that seemingly runs edge to edge dominates the Galaxy S8. Samsung is said to be planning a worldwide April 21st release for the device.

The hardware specs of Samsung’s upcoming phone break down like this:

  • Display: 5.8-inch or 6.2-inch QHD AMOLED display
  • Cameras: 12-megapixel f/1.7 rear camera, 8-megapixel f/1.7 front
  • Processor: Snapdragon 835 or Samsung Exynos (varies by market)
  • Storage: 64GB with microSD expansion
  • Memory: 4GB
  • Battery: 3000mAh (5.8-inch model) or 3500mAh (6.2-inch model)
  • Other: Headphone jack, USB Type-C, water resistance

Click here to read more

TravelMate X349

 

TravelMate X349

Acer logo
TravelMate X349

Banner
Available today via your distribution partners

Full aluminium design, slim and lightweight
14” Full HD IPS display reclining up to 180°
Touch fingerprint reader
6th generation Intel® Core™ i CPU and DDR4 memory
USB 3.1 Gen 2 Type C port

Style and portability

Thanks to the all-aluminium body and slim design, the TravelMate X349 is highly portable and stylish yet sturdy.

Mobility is further supported by a battery that lasts up to 10 hours allowing business people to be productive as they move from meeting to meeting.

Ready for work

The TravelMate X349 features state-of-the-art hardware, including 6th generation Intel® Core™ i CPU, up to 8GB of ultra-fast DDR4 memory and up to 512GB SSDs, providing the performance users need for working with ease.

Business people can also count on rich audio and crisp video for easier and more efficient video conferencing thanks to a 720p HDR webcam and Skype for Business Certification.

Rich connectivity options

The TravelMate X349 is conveniently fitted with a USB 3.1 Type C port that enables users to connect high definition displays, transfer data at ultra-fast speed or quickly charge the TravelMate X349 or other devices.

By pairing the notebook to Acer USB Type C Dock via USB 3.1 Type C port, users can boost performance and productivity in the office.

802.11ac with 2×2 MIMO ensures dependable and speedy network connections.

Superior usability

The big touchpad and backlit chiclet keyboard allow users to work comfortably even in dark environments, maximising efficiency.

Documents and webpages are bright and clear from viewing angles up to 180° on the 14” display with IPS technology.

In addition, the display can be pushed back to lie fully flat, perfect for sharing content with a group of colleagues.

Built-in security and manageability

The Touch Fingerprint Scanner works in tandem with Windows Hello to provide a secure and personal way to unlock the TravelMate X349.

Preloaded software such as Acer ProShield, Acer Office Manager and Acer ControlCenter, allow small businesses to easily manage and monitor the notebook, while Trusted Platform Module (TPM) 2.0 increases platform integrity and provides hardware based protection.

Surface Pro 4

With the Surface Pro 4 m3 Tablet, Microsoft delivers a powerful device that combines the best of both a tablet and a laptop. Equipped with Surface-Pen and Type Cover, the Microsoft Tablet has many different uses.

microsoft surface pro 4

The Surface Pro 4 from Microsoft has specifications more like a laptop than a tablet. Within it’s slim depth of only 8.45 mm, this device has a lot of computing power. The 12.3-inch PixelSense display provides a resolution of 2736 x 1824 pixels.

Surface Pro 4 Specs

The Microsoft Tablet is equipped with an Intel® Core ™ m3- 6Y30 processor in the basic version. This is passively cooled, which is why the tablet works silently. Nevertheless, along with the 4GB of RAM,  It applies enough computing power to every office application and video stream.

You are looking at about £1000 for a decent spec Surface Pro 4. They start at £750 but you are not getting much bang for your buck. It is worth looking at what you will be missing as the Surface Pro is a tablet and not a laptop so it really depends what you are looking for. It is also a very expensive device if you compare the spec to a decent laptop with an i7 Processor however, it depends if you want a good spec with tablet features or just a high powered laptop which this is not.

It is a cool device for those looking for the latest tech. Read more here.

Trojan “Svpeng” steals bank data

Security experts from Kaspersky Lab have discovered a new variant of mobile Trojan “Svpeng”. The Banking Trojan hides in Google AdSense ads and uses a vulnerability in Google Chrome. Its goal is to tap sensitive data from Android smartphones.

Users load the mobile phone trojan on their smartphone when visiting websites with infected advertisements.  read on to find out how “Svpeng” works exactly and how you can protect yourself. 

magnifying glass scanning android for a infected one

The mobile phone Trojan “Svpeng” infects Android devices via adverts.

Trojan “Svpeng” steals bank data

The Trojan has one primary goal: To access the bank andaccount data of the Android users. However, other sensitive information about the user is also at risk. “Spveng” can gain access to call-responses, texts and multimedia messages, browser bookmarks, and contacts.

The malicious software is usually downloaded unintentionally which is particularly sneaky. The Trojan hides behind Google AdSense ads. The Trojan is downloaded by the user just by visiting a page with an infected advertisement;

Click here to read more.

Online Christmas Shopping – beware of scams

Christmas is approaching and more and more of us are buying our gifts online.

But security company Kaspersky Lab have warned against rogue vendors on the Internet that roam on approved platforms.

You should be exercising extreme caution when buying online. Read on to find out what you have to pay attention to, to avoid pre-Christmas Internet rip-off.

The Internet attracts customers with lots of great bargains in the run up to Christmas. In addition, there are more and more campaign days with many price wars. And this brings danger as you are exposed to increased fraudulent traders and potential phishing attacks.

kennilworth computers

Beware of online shopping this Christmas

Christmas gifts online shopping can be risky

But what makes buying gifts online for Christmas so dangerous? Where are the dangers? One thing is certain- not only you as an online buyer are jeopardised, even the online retailers themselves are not safe from attacks. The dangers that Kaspersky Lab have said will threaten Christmas shopping:

  • The number of phishing attacks against online shops and payment systems is increasing significantly.
  • Malware is particularly popular on criminals’ campaign days.
  • Trading in counterfeit money cards is booming at Christmas time.
  • The number of hacker attacks on online retailers’ websites is increasing at Christmas time.

Gifts online – tips for safe shopping

click here for tips


Fatal error: Call to undefined function wp_get_current_user() in /home/spacomputers/public_html/wp-content/plugins/updraftcentral/site-management.php on line 420