Category Archives: Data Protection

Beware! Pfishing is getting more dangerous.

I have warned before about the dangers of opening dunious e-mails and especially the links and attachments in them.  Well they seem to be getting cleverer and more harmful than ever.

I am grateful to Will Howell of CTA Systems for this latest advice.

The pfishermen copy the name of a genuine e-mail contact of yours, so you are most likely to trust it.  The malware that will come onto your computer is likely to be ransomeware.  That means it will lock your computer until you pay for a password from the pfishers.

How can you detect it?

They probably will not have copied the full e-mail address of your real contact, just the name.  Do look for the full address by hovering your cursor on the name, without actually opening it.  Also, try ‘phoning them or even sending an e-mail to their correct address – DON’T use the Reply facility!



Happy Birthday! You’ve been scammed!

I have written about this before, but the risk is still with us, and then some!  I was interested in an article on it in Which Magazine this month.  [By the way I strongly recommend that publication – whatever the month].

It warned that the scammers are getting more sophisticated:

  • they are improving their spelling
  • they are using our first names
  • they are getting bits of information about you from different sources so that they sound convincing when they put it all together.

What sources?

  1. Your profiles on social media
  2. your blogs
  3. the Electoral Register
  4. other websites where you have given your contact details.

What can you do?

  • Look out for pfishinge-mails.  Anything unsolicited and unexpected should be suspect.
  • if in doubt contact the organisation they say they represent (your bank, IT support, HMRC) using an e-mail address or ‘phone number you know is correct, but don’t reply to the e-mail itself
  • Think twice or more about what information you are giving out on social media or other websites.
  • How many people know your date of birth?  How many organisations use that as “proof” of your ID?
  • It’s nice to receive lots of birthday cards and e-messages, but  would you be better off getting fewer if it meant staying safer?

If you have been scammed use the Action Fraud line 0300 123 2040 or contact the police, as well as your bank, credit card company.




At Halloween should you be afraid? What should you do?

Why be afraid of things like ghosts and vampires that don’t exict when there are plenty of things around all the time that can really hurt you or your business.

We know that fraud is increasing although many other crimes are reducing.  Cyber fraud is increasing faster than any other kind.

Should you be afraid?

Why not do something about it?

  • Review your risk controls.  Are your financial systems god enough?  How about an audit?
  • What about your IT security?  Data protection?  Have you yet looked at Cyber Essentials?  Are your systems compliant?

Want to know more?  Give me a ring or send me an e-mail.  Or go to

Don’t be scared – be safe!

What do you do with your old computers?

A lot of people do not think about this until they have to.  When they do, they are more concerned about buying their new computer than about disposing of the old one.  Some are kept lying around somewhere in the house or office for ages.  Some are thrown in a skip or wheelie-bin.  Some are taken to the tip.

Many of them probably do not need to be taken out of use.  They can be cleaned up and given a new lease of life at a reasonable cost.  The thing that slows them down and makes them seem “past it” is the amount of unwanted and unused software and out-of-date data we all allow to build up on our computers.  A good purge can work wonders!

The thing to be concerned about is the security of your data.  Hackers can usually recover data from discarded computers.  Even ones you thought were not working.

One option is to physically destroy the machine, for instance by smashing it up with a hammer.

Another way is to find a trustworthy expert to wipe the data and recycle the machine.  I know one or two who are properly approved and licenced.  They sell the newly secure and reconstituted computers.  I was surprised to learn there is a market for them.  That way your data is safe and you are contributing to the environment by recycling.  Not bad!

How to help criminals!

I have been reading about Ricky Hatton’s misfortune in having been burgled while on holiday, losing some very valuable items.

Now, I have been the victim of a burglary on two occasions in my lifetime and both when I was on holiday, so I really do empathise with Ricky, even though I did not lose anything of that sort of value. [Note to burglars: I still do not have anything in my house worth stealing.  Honestly!]

Like a lot of people, I reviewed my security arrangements after each event.  Yes!  It would have been better if I had done it before the burglary.  Isn’t hindsight wonderful.  However, perhaps we should all review our security arrangements every now and then.

I noticed that Ricky had tweeted about his holiday plans.  Perhaps this helped the burglars time their visit.  When I was young, you know, before decimalisation, the Common Market, and computers, the police used to advise people to cancel the milk and papers before going away, so as to avoid such obvious visible clues to their absence as piles of papers or lots of milkbottles on the doorstep.  As the world has “progressed” and fewer of us have milk or papers delivered, it is probable that the main source of information for criminals is the social media.

I said “criminals” rather than “burglars” because information is useful to many kinds of criminals, including identity thieves, hackers and con-men as well as old-fashioned burglars.

So let us all be wary about what we blog and tweet about, remembering we can never be sure who is going to read it.

Personally I would never want to upset Ricky, let alone steal from him.  I hope they catch them.


How to deal with malware

Many of us have had unwanted software, whether malicious or just inconvenient, land on our computers and then find we cannot get rid 0f it.  Often it comes on the back of something you had chosen to download.  It is particularly common if you order a free product from a supplier other than its principal provider.  Look carefully before you click, as they may have manes similar to the main, responsible business, like Macrosoft.  (I just use that as an illustration. If there is a genuine firm called Macrosoft and they do not send out malware, I apologise!)

How to get rid of it?   You can try using Uninstall but that might not work.  Some suppliers make sure there is no Uninstall facility on their software.  There are sophisticated tools out there, but a simple way is to reset your computer to a date prior to when the malware appeared.  Of course, you need to be sure you are not going to lose any vital work done in the interim, by copying the file in question to another computer or saving it online, but,  sometimes having to re-do some work is a price worth paying.

The sooner you spot the malware and take action the better.

You’ve got cyber security covered, but what’s in the mail?

I have just heard that the Ministry of Justice has lost some highly sensitive information on discs being sent in the post.

This, after the totally embarrassing loss of millions of items of personal details by HMRC a few years ago on discs being transported by courier.

Will they ever learn?

We have no choice but to provide details to the police and government agencies when instructed to do so.  But at least we can be better than them.  If it is sensitive, deliver it in person, or use a really trustworthy courier.  Also why not encrypt the data so if it gets lost it is no use to anyone else.  Of course, you need to take a back-up copy so you are able to function normally even if you lose it.

It is no use worrying about cyber security if you do not pay attention to low-tech security too.

It’s official! I do know something about cyber security!

I have now received my certificate from the Open University saying I have successfully completed an 8 week course in cyber security.  It is dated 7 December 2014.

I found the course informative and thought-provoking.  I picked up some useful tips as well as increasing my overall knowledge and understanding of the subject.  Even things I had covered previously turned out to be worth studying again.  There is always another way of looking at something.

I would recommend the course, and also feel more able to give useful advice to others on a whole range of issues related to protecting your IT and your data.

Tip of the month

I have just had a ‘phonecall from someone wanting to talk to me about home security.  I did not want to talk to any cold callers at the time as I was trying to do some work, but anyway, just think how dangerous it could be to discuss your home security arrangements on the ‘phone, or by e-mail etc come to that, with a total stranger.  I have no way of knowing whether the caller in question was genuine or not, but just think if they were scammers, or worse.

My tip?

Never discuss security or other personal matters with strangers.

Do you have any unwanted software on your computer?

If you are like me, you will have got a lot of software on your computer you do not use, even some that you never have used.  You probably do not know how it all cama to be there.  Sometimes you download one thing and a few more slip onto your computer uninvited.

Some of this might actually be harmful and needs removing asap but a lot of it is innocent but a waste of valuable space.  It slows your computer down.

There is something even worse about it that I have only recently come to know.  When you get a prompt to update it you probably ignore it, as I do. What would be the point?  Well, the software companies often include additional security features in their updates, to deal with threats they might not have known about previously.  Leaving the old versions of software lying around can leave your computer open to attacks by viruses and other nasties.

So either keep it up to date or better still get rid of it.