{"id":77214,"date":"2016-12-13T16:18:02","date_gmt":"2016-12-13T16:18:02","guid":{"rendered":"http:\/\/mostafa.openonline.co.uk\/?guid=a48788a1b7c08e8a2d34ca582e95ab03"},"modified":"2016-12-13T16:18:02","modified_gmt":"2016-12-13T16:18:02","slug":"news-story-regulatory-alert-charities-at-risk-of-cyber-attack","status":"publish","type":"post","link":"https:\/\/mostafa.openonline.co.uk\/?p=77214","title":{"rendered":"News story: Regulatory alert: charities at risk of cyber attack"},"content":{"rendered":"<div class=\"govspeak\">\n<p>The Charity Commission, the independent regulator of charities in England and Wales, is issuing this alert to charities as regulatory advice under section 15(2) of the Charities Act 2011.<\/p>\n<p>The information contained within this alert is based on reports made during the past month to Action Fraud, the UK\u2019s national fraud reporting centre.<\/p>\n<h3 id=\"there-are-2-prevalent-scams-to-be-aware-of\">There are 2 prevalent scams to be aware of:<\/h3>\n<h4 id=\"crime-prevention-advice-email\">\u2018Crime Prevention Advice\u2019 email<\/h4>\n<p>Fraudsters are sending out a high number of phishing emails to personal and business email addresses with the message subject heading \u2018Crime Prevention Advice\u2019. Charities could also be at risk from this disturbing new email scam and are encouraged to be vigilant.<\/p>\n<p>The campaign\u2019s primary function appears to be the distribution of powerful malware via a malicious email attachment. The email sender appears to be spoofing a Metropolitan Police email address, showing the sender as \u2018crime@content.met.police.uk\u2019. The email contains the text:<\/p>\n<p>\u2018TO THE GENERAL PUBLIC<br \/>\nSee attached document to read more about crime prevention advice.<br \/>\nRegards,<br \/>\nMetropolitan Police Service.\u2019<\/p>\n<p>The email includes an attachment titled \u201811212527.zip\u2019. This attachment contains malicious content which downloads the iSPY key logger to the victim\u2019s device. This key logger records keystrokes, steals passwords stored in web browsers and Skype conversation records, takes pictures via webcam and stores the license keys of software, such as Microsoft Office and Adobe Photoshop.<\/p>\n<h4 id=\"notice-of-intended-prosecution-email\">\u2018Notice of Intended Prosecution\u2019 email<\/h4>\n<p>Fraudsters are sending out a high number of phishing emails to email addresses connected to businesses in the United Kingdom, with the message subject heading \u2018Notice of Intended Prosecution\u2019 and \u2018NIP &#8211; Notice Number\u2019 followed by a combination of letters and numbers.<\/p>\n<p>Its primary function appears to be distributing Banking Trojan malware, through a malicious link embedded within the email. The emails purport to come from the Greater Manchester Police, so will be of most relevance to those charities based in the North West of the UK.<\/p>\n<p>It is believed that the URL hidden behind the line \u2018Check The Photographic Evidence\u2019 delivers the GOZI\/ISFP Banking Trojan which is involved in stealing online banking login details from victims. See below for screen-grab of scam email:<\/p>\n<figure class=\"image embedded\">\n<div class=\"img\"><img decoding=\"async\" alt=\"Fake email purporting to be from Greater Manchester Police\" src=\"https:\/\/assets.publishing.service.gov.uk\/government\/uploads\/system\/uploads\/image_data\/file\/59212\/GMP_Fake_email_scam_image.png\"><\/div><figcaption>Fake email purporting to be from Greater Manchester Police<\/figcaption><\/figure>\n<p>In both cases, charities are advised to protect themselves in the following ways:<\/p>\n<ul>\n<li>ensure charity software has up-to-date virus protection, though it will not always prevent you from becoming infected<\/li>\n<li>do not click on links or open any attachments you receive in unsolicited emails or SMS messages &#8211; fraudsters can \u2018spoof\u2019 an email address to make it look like it\u2019s from a trusted source<\/li>\n<li>if you\u2019re unsure, check the email header to identify the true source of communication &#8211; information on how to locate email headers can be found at <a rel=\"external\" href=\"https:\/\/mxtoolbox.com\/Public\/Content\/EmailHeaders\/\">https:\/\/mxtoolbox.com\/Public\/Content\/EmailHeaders\/<\/a>\n<\/li>\n<li>always install software updates as soon as they become available, as the update will often include fixes for critical security vulnerabilities<\/li>\n<li>if your current software does not offer an \u2018anti-spyware\u2019 function, consider installing software which does, as this can detect key loggers<\/li>\n<li>undertake regular backups of your important files to an external hard drive, memory stick or online storage provider &#8211; however, it\u2019s important that the device you back up to is not left connected to your computer, as a malware infection could spread to that device too<\/li>\n<li>if you suspect your bank details have been accessed, you should contact your bank immediately<\/li>\n<\/ul>\n<p>If you think your charity has been affected by a phishing scam, or any other type of fraud, you should report it to Action Fraud by calling 0300 123 2040, or visiting <a rel=\"external\" href=\"http:\/\/www.actionfraud.police.uk\/\">www.actionfraud.police.uk<\/a>.<\/p>\n<p>Trustees are advised also to report suspected or known fraud incidents to the Commission at <a href=\"mailto:RSI@charitycommission.gsi.gov.uk\">RSI@charitycommission.gsi.gov.uk<\/a>.<\/p>\n<p>Serious incident reporting helps the Commission to gauge the volume and impact of incidents within charities and to understand the risks facing the sector as a whole.<\/p>\n<h4 id=\"carl-mehta-head-of-investigations-and-enforcement-at-the-charity-commission-said\">Carl Mehta, Head of Investigations and Enforcement at the Charity Commission said:<\/h4>\n<blockquote>\n<p>Charities need to be aware of the imminent danger posed by malicious phishing emails and to take appropriate steps to protect their charity from cyber-attack &#8211; a charity\u2019s valuable assets and good reputation can be put at risk from these dangerous scams.<\/p>\n<p class=\"last-child\">I urge all charities, if they suspect they may have fallen victim to phishing scams, to report it immediately to Action Fraud, and to the Commission under its serious incident reporting regime.<br \/>\nYou can visit <a rel=\"external\" href=\"https:\/\/www.charitiesagainstfraud.org.uk\">www.charitiesagainstfraud.org.uk<\/a> for advice and top tips on how to protect your charity against cyber-fraud.<\/p>\n<\/blockquote>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Warning about malicious \u2018phishing emails\u2019.<\/p>\n","protected":false},"author":8,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[13],"tags":[],"_links":{"self":[{"href":"https:\/\/mostafa.openonline.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/77214"}],"collection":[{"href":"https:\/\/mostafa.openonline.co.uk\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mostafa.openonline.co.uk\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mostafa.openonline.co.uk\/index.php?rest_route=\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/mostafa.openonline.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=77214"}],"version-history":[{"count":0,"href":"https:\/\/mostafa.openonline.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/77214\/revisions"}],"wp:attachment":[{"href":"https:\/\/mostafa.openonline.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=77214"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mostafa.openonline.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=77214"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mostafa.openonline.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=77214"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}