Join JAAGNet and Group

SIgn up for JAAGNet & the UKI Group its FREE!!

 

Member Benefits:
_____________________

 

Again signing up for JAAGNet & Group Membership is FREE and will only take a few moments!

Here are some of the benefits of Signing Up:

  • Ability to join and comment on all the JAAGNet Domain communities.
  • Ability to Blog on all the Domain communities 
  • Visibility to more pages and content at a group community level, such as Community, Internet, Social and Team Domain Community Feeds.
  • Make this your only content hub and distribute your blogs to LinkedIn, Reddit, Facebook, Twitter, WhatsApp, Messenger, Xing, Skype, WordPress Blogs, Pinterest, Email Apps and many, many more (100+) social network and feed sites. 
  • Opportunity to collaborate (soon to be  released) with various JAAGNet Business communities and other JAAGNet Network members.
  • Connect (become friends), Follow (and be Followed) and Network with JAAGNet members with similar interests.
  • Your Content will automatically be distributed on Domain and JAAGNet Community Feeds. Which are widely distributed by the JAAGNet team.

Join Us!

JAAGNet Newsletter Signup

security (2)

Bronze Level Contributor

The fake email looks like it has come from NHS Test and Trace

The NHS has warned people to be vigilant about fake invitations to have the coronavirus vaccination, sent by scammers.

The scam email includes a link to "register" for the vaccine, but no registration for the real vaccination is required.

The fake site also asks for bank details either to verify identification or to make a payment.

The NHS says it would never ask for bank details, and the vaccine is free.

Cyber-security consultant Daniel Card told BBC News that traffic data indicates thousands of people had clicked the link to the fake site - although it is unclear how many then filled in the form.

He urged people to remain vigilant: "These things spring up, we take them down and then they spring up again."

Both the National Cyber Security Centre and Action Fraud have asked anyone who receives a scam email or text to report it.

"Vaccines are our way out of this pandemic," said health secretary Matt Hancock.

"It is vital that we do not let a small number of unscrupulous fraudsters undermine the huge team effort under way across the country to protect millions of people from this terrible disease."

At the start of January, Derbyshire police issued a warning about a text message scam which offered Covid vaccinations.

"If you receive a text or email that asks you to click on a link or for you to provide information, such as your name, credit card or bank details, it's a scam," the force said.

Last year, tech firms warned that coronavirus was a popular hook for scammers. In April 2020 Google said it was blocking 18 million scam emails a day on the subject.

Originally published by
Zoe Kleinman | January 26, 2021
BBC

 

Read more…
Gold Level Contributor

Santander, Tesco Bank and TSB have "serious vulnerabilities" in security that could leave their customers exposed to fraud, according to an investigation by consumer watchdog Which?.

Which? conducted a probe with independent security experts 6point6, scrutinising the online banking safety measures in place across the largest current account providers.

In some instances, it uncovered the potential for scammers to access information which could be used as the building blocks of a sophisticated scam, says Which?, arming a fraudster with enough sensitive information to pull off convincing cons, such as posing as a bank employee to persuade a customer to transfer money from their bank account to a fraudulent one.

Tesco Bank received the poorest rating for online security in Which?’s testing, with an overall score of just 46 per cent.

Researchers found multiple security headers missing from its webpages. It also failed to block testers from logging in to the website from two computer networks at the same time.

In addition, it failed to log out testers when switching to a different website or using the forward/back button to leave the session and return to it.

TSB finished second from bottom with a score of 51 per cent. Among the issues identified in Which? testing, the most serious was the firm’s login process, which did not meet new regulations on ‘strong customer authentication’ (SCA), introduced in March.

TSB has completed the roll out of two-factor authentication for mobile banking users, but has yet to complete the upgrade for Internet banking.

Santander rounded off the bottom three, with a score of 62 per cent. Testing found that authentication checks when logging in can be bypassed if a user designates a device as ‘trusted’. While the firm said it does ask for reauthorisation if it detects unusual activity, there’s no option to view or ‘distrust’ these devices.

At the other end of the table, Starling came out on top, with a score of 85 per cent. Experts found nothing concerning with its recently launched online banking website. This is partly due to limited functionality, as users can only change sensitive data via the app.

Barclays, HSBC and First Direct tied for second spot, with a score of 78 per cent, but had areas for improvement, says Which?.

Although each had strong login measures, testers only needed basic details to recover a Barclays membership number, and could log in using two different computer networks without being ejected from one.

In First Direct’s case, the pre-set security questions for forgotten passwords were too basic, claims Which?, while there was no alert for password changes or new payees and special characters can not be used in passwords.

Which? also asked 6point6 to test each provider’s banking app to identify potential flaws. It checked to see if firms detected testers downloading its app in an emulated device or running it on a rooted device, recently identified as a key weakeness that is being exploited by sophisticated hacking gangs.

Monzo, Nationwide and TSB failed to perform both emulator and root detection, although Monzo disagrees that this exposes its app to security weaknesses and told Which? that root and emulator detection can be unreliable.

Another test was for ‘code obfuscation’, which hides data that could be used by hackers to identify weaknesses or steal sensitive information. Virgin Money was the only bank tested where many ‘function calls’ were clearly visible. Function calls are part of the code that makes an app work and should be hidden to make life harder for attackers who might use the information to hack into a system.

Harry Rose, editor of Which? Magazine, says: “Banks must lead the battle against fraud, yet our security tests have revealed a big gap between the best and worst providers when it comes to keeping people safe from the threat of having their account compromised.

“The serious failings we have exposed with some providers reinforce the need for banks to up their game on scam protections, and for greater transparency and stronger standards on fraud reimbursement to be made mandatory for all banks and payment providers.”
 
Originally published by
Finextra | January 7, 2021
Read more…

JAAGNet UKI Business - Feeds

JAAGNet UKI Personal - Feed

JAAGNet UKI Blog Archive

See Original | Powered by elink

JAAGNet UKI Video Playlist