Recent NCA warning of cyber crime

  • johnb
    Full Member
    • Mar 2007
    • 2903

    Recent NCA warning of cyber crime

    Many of us will have heard, in the news, warnings of cyber criminals doing bad things to our computers, following the action that has been taken by the US authorities.

    This is a link to the relevant Get Safe Online webpage. (Get Safe Online is funded by government departments and private bodies.)

    The latest internet safety and cyber security news from Get Safe Online. Find out about new campaigns to help you get safe online.


    The website explains the threat and gives links to tools that various internet security companies have designed to scan for and remove this threat.

    I used the Symantec tool. (The Symantec tool is a two-part process; the second scan needs you to allow it to reboot your computer.)

    Even if you think you are not infected it is still worthwhile running one of the tools, just to make sure.

    Incidentally, it seems that the infection occurs when people open compromised e-mail attachments. A couple of weeks ago I remember receiving a curious e-mail with an "Invoice" attachment. I wasn't expecting any such invoice so I checked the e-mail header (in the version of Outlook I use: right click on e-mail then select Options or View/Options if the e-mail is open) and then deleted the e-mail without looking at the attachment. Perhaps I had a lucky escape.
  • Don Petter

    #2
    If you get a suspect email, it is instructive to hover the cursor (DON'T click) over the link, to see where they would like to take you. A fake BT one, something I often receive, this morning was going to take me to a site in Moldova!


    • Sydney Grew
      Banned
      • Mar 2007
      • 754

      #3
      Originally posted by johnb
      . . . by the US authorities. . . .
      Why "US" in particular? Why not try the Belgians for a change?


      • Dave2002
        Full Member
        • Dec 2010
        • 18057

        #4
        This sounds nasty. An additional worry is "how do we know to trust the link you have posted?" or indeed other links from security companies.

        Should we bump this up to another forum area - Platform 3 - for example?

        One precaution could be to back up every important file on one's machine now, before it's too late. For anyone working on a networked system, it might be worth asking the system manager(s) what to do, and asking for a complete archive to be taken.

        Back off to CD, DVD or Blu-Ray would reduce the risk of any tampering with the archived storage, though generally these are perhaps not so good, and may deteriorate over time.

        For a currently uninfected system, dumping files to a hard drive could be a good option, and drives can be obtained for less than £50 which would do the job. That could be cheaper than having to adopt other solutions in the event of a significant malware attack, and could be a good investment anyway for the future.


        • Frances_iom
          Full Member
          • Mar 2007
          • 2420

          #5
          why do people keep on posting these 'the sky is falling in' adverts from snake-oil vendors in the 'security' industry - the easiest option is to switch to linux (or even buy a cheap 2nd hand laptop and install linux + use it only for email/safe browsing) - if stuck with windoze get thunderbird + switch to text only


          • Dave2002
            Full Member
            • Dec 2010
            • 18057

            #6
            Originally posted by Frances_iom
            why do people keep on posting these 'the sky is falling in' adverts from snake-oil vendors in the 'security' industry - the easiest option is to switch to linux (or even buy a cheap 2nd hand laptop and install linux + use it only for email/safe browsing) - if stuck with windoze get thunderbird + switch to text only
            Unfortunately, Frances, sometimes people do get hit. I do believe that ransomware exists.
            The easiest solution is not to use technology at all. That has consequences - or sometimes "no consequences!"

            I get very p**d off when I can't do things without providing a mobile phone number, though I have been known to just put random digits in. Since when has it been obligatory to have a mobile phone?


            • ferneyhoughgeliebte
              Gone fishin'
              • Sep 2011
              • 30163

              #7
              Having read the OP, I ran a Malwarebytes full scan on my computer. It discovered more than 40 "threats" which I've removed - they all began "PUPOptional", followed by either "SpigotA", "Yontoo.A" or "FreeRIPToolbar". "PUPOptional" frequently show up in full scans - I'd be very grateful if anyone could tell me what they are, and if the scan I've done is sufficient to protect my computer from the threat(s) mentioned in the OP. Thanks.
              Numquam Satis!


              • Dave2002
                Full Member
                • Dec 2010
                • 18057

                #8
                Originally posted by ferneyhoughgeliebte
                Having read the OP, I ran a Malwarebytes full scan on my computer. It discovered more than 40 "threats" which I've removed - they all began "PUPOptional", followed by either "SpigotA", "Yontoo.A" or "FreeRIPToolbar". "PUPOptional" frequently show up in full scans - I'd be very grateful if anyone could tell me what they are, and if the scan I've done is sufficient to protect my computer from the threat(s) mentioned in the OP. Thanks.
                See http://www.malwareremovalguides.info...l-intructions/


                • johnb
                  Full Member
                  • Mar 2007
                  • 2903

                  #9
                  ferney, Malwarebytes might or might not deal with the threats mentioned in the OP. If I had to guess it would be that Malwarebytes might be insufficient. A number of prominent internet security firms have provided free tools specifically to deal with this particular threat, so it makes sense to make use of them.

                  The National Crime Agency webpage that deals with this specific issue also points to the Get Safe Online website that I provided a link to.

                  Perhaps I am naive but I can't see any downside in running the free tools provided by your preferred internet security company. The links are in the Get Safe Online webpage that I gave the link to in my OP.
                  Last edited by johnb; 04-06-14, 17:07.


                  • PJPJ
                    Full Member
                    • Nov 2010
                    • 1461

                    #10
                    Originally posted by ferneyhoughgeliebte
                    Having read the OP, I ran a Malwarebytes full scan on my computer. It discovered more than 40 "threats" which I've removed - they all began "PUPOptional", followed by either "SpigotA", "Yontoo.A" or "FreeRIPToolbar". "PUPOptional" frequently show up in full scans - I'd be very grateful if anyone could tell me what they are, and if the scan I've done is sufficient to protect my computer from the threat(s) mentioned in the OP. Thanks.
                    PUPOptional bits and pieces are, I understand, little to worry about. They are little programs or utilities which get installed on the sly with other usually free software you wanted installed. They are no more than a bleedin nuisance; mop them up with Mal.bytes and delete.


                    • PJPJ
                      Full Member
                      • Nov 2010
                      • 1461

                      #11
                      Ran Malwarebytes - scanned clean. So I thought I'd try one of the tools suggested in the OP link and chose Symantec which did a full scan and the re-boot.

                      In the end it found four items which it called bad, all shortcuts... to Hyperion's download manager, Chandos's download manager, DVD Audio Extract and one other on the desktop, which one escapes me.

                      Unbelievable.


                      • johnb
                        Full Member
                        • Mar 2007
                        • 2903

                        #12
                        Did it call them all "bad" or did it report that it hadn't sufficient information on them? I ask because when I ran it it reported two items: one a risky programme (which, in fact, I never use) that it advised removing and TheClassicalShop (Chandos) download manager shortcut which it reported not having sufficient information on to evaluate. When I gave the OK to take action it removed the risky software and left the Chandos link in place. Not unreasonable really.

                        In any case, happily it didn't find either GOZeuS or CryptoLocker, the two programmes these tools are designed to scan for and remove.


                        • Frances_iom
                          Full Member
                          • Mar 2007
                          • 2420

                          #13
                          Originally posted by ferneyhoughgeliebte
                          I'd be very grateful if anyone could tell me what they are,
                          on the teach a man to fish rather than provide a bit of herring might I suggest DuckDuckGo or even Google may help - PUP = potentially unwanted program - ie not known to be malware but as pointed out the unwanted garbage dumped on you when downloading 'free' windoze software - after all since neither you nor anyone else can actually look at the code downloaded you like any sheep must accept what is forced on you - a byproduct of having paid the Windows tax


                          • MrGongGong
                            Full Member
                            • Nov 2010
                            • 18357

                            #14
                            OSX or Linux ?

                            It's like the "good old days" of viruses all over again
                            with the added frisson of everyone's bank details being on their computers !


                            • PJPJ
                              Full Member
                              • Nov 2010
                              • 1461

                              #15
                              I'm pretty sure it called them all "bad". It didn't find anything else, and neither has M'bytes (other than the occasional pup) - perversely, I get worried that none of my scans ever finds anything.

                              And I could so easily have become infected as I get so many odd emails purporting to come from BT or Amazon or others. The attachments are always .exe.

                              BT is being a bit of a pain. It seems years since they first told me my email was being changed from BT Yahoo to BT Mail and the change has yet to happen. From time to time emails come in telling me I need to change, and they do look fairly authentic, all the right logos and so on. However, even in my state of decrepitude I know I do not need to run an installation to set up a new version of my existing desktop mail, but it's easily done. Several old friends compromised their computers and accounts as a result of this.
