European Banks Need Better Phishing Protection

Phishing scams are big business, which is why we were shocked to read an article on BullGuard’s website.

It would appear as though European banks – those monoliths that we believe to be impenetrable to cyber-attacks and scams – are not doing enough to protect is from phishing scams.

We’ll let BullGuard fill you in:

Phishing scams and European banks

Up to a quarter of major European banks are not providing best practise phishing protection to their customers according to a survey from Sectigo, a cybersecurity analyst firm.

The firm looked at banking websites and rated them based on the presence of SSL certificate verifications provided by a Certificate Authority (CA), which confirm that a website is authentic and legitimate.

  • Each bank’s website was rated according to the type of certificate used to secure the home and login pages for the bank’s online banking service.
  • Full marks were awarded for the presence of Extended Validation (EV) SSL certificates and the maximum level of identity verification on the home and login pages.
  • Websites without an EV certificate on the home and/or login pages received a lesser rating.

An Extended Validation Certificate (EV) is a certificate used for HTTPS websites and software that proves the organisation that provides the sites/software are who they claim to be.

In Europe, 25% of banks did not receive the highest rating, but thankfully, there wasn’t one single bank that warranted a ‘not secure’ status.

What does this mean in practice? 

Cybercriminals often create counterfeit websites to trick people into unknowingly providing valuable information such as account logins, credit card numbers and personally identifiable information that can be used for identity theft.

  • A website using an EV SSL Certificate displays security indicators directly in the browser address bar, such as a padlock, HTTPS, and the verified company name and country.
  • A website that doesn’t display these signs suggests it’s a counterfeit website or as the Sectigo survey shows, a bank that isn’t paying full attention to its online presence.

User advice

Given the widespread use of phishing campaigns and counterfeit web pages it’s recommended that you check the following points when logging onto a site in which you might make a payment or enter sensitive data:

  • Look for the full company name at the left of the address bar to ensure the site is legitimate.
  • Don’t enter credit card numbers, personal information, logins, or other sensitive data on any web page that is not secured with a certificate that is, displaying a padlock in the browser bar.
  • Avoid clicking on links in emails that you weren’t expecting and which attempt to get you to enter personal information. These are typically phishing emails.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich, Bury St Edmunds, and surrounding villages.  


Look Out, There’s SMS Phishing About

SMS Phishing scam


SMS Phishing is fast becoming one of the most common forms of threat – even more so than fake apps.

You might think that in the scale of things, SMS scams as a cyber threat is a bit old school, but that’s what makes them so darn clever. You are constantly reminded about looking out for fake apps, dodgy emails and unsecured websites but what happens if you get a text telling you you’ve won a product?

The chances are because it’s not an email, you would be drawn in. The fake URL contained within the message proves too tempting, and you click – after all, what harm could it do? It’s only a text.

The problem is that one click will unleash malware on your smartphone.

Don’t get caught out

It pays to be vigilant whether using your PC, tablet or phone. To help you stay safe here are a few things to watch out for, courtesy of BullGuard:

  • Don’t click on messages from unknown sources that contain links
  • Don’t reply to any messages that ask about your finances
  • If the text demands a quick reply, ignore it, it’s probably a smishing attempt
  • Don’t call back a number associated with a text that has arrived ‘out of the blue’
  • If the message starts: “Dear user, congratulations, you have won” (or something along those lines) it’s a scam
  • If the message purports to be from a long lost friend, it’s a scam

To be on the safe side, here at MPM we recommend you protect your devices with a product like BullGuard (others are available).

Above all, stay vigilant and stay safe.


MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Source: BullGuard

New Scam – Beware of the Emailed Parking Ticket

Fake parking ticket


No one likes getting a parking ticket. They are one of life’s annoying things that tend to crop up when you least expect them.

What happens if you get one you weren’t expecting? Do you just pay up because it must have happened?


The latest scam from internet fraudsters could see you paying a fine that doesn’t exist.

This phishing scam involves random emails with parking tickets. The email looks as though it comes from the UKPC, or UK Parking Control. You can’t miss them because they generally come with the headline: ‘Notice to Ticket Keeper’ or ‘Reminder to Ticket Keeper’.

This is followed by a bit of official looking text that claims a parking attendant has reason to believe that you parked on a client’s private land. It then gives you a bill complete with fake date, a fake reference number and a fake parking charge amount of £90.

Unlike other scams, this one looks very official and isn’t dotted with the usual tell-tale spelling mistakes. You can see what it looks like above.

If you click on the link that says ‘payment options and photos’ at the bottom you’ll either unleash a tonne of malware, or you could end up losing £90 to a non-existent fine. Or worse you could end up with both.

The beauty of this scheme (from the scammers’ point of view) is that it relies on the victim to provide the urgency. Most people follow up straight away and pay without asking any questions. However, before acting it’s worth doing a bit of simple checking.
It’s easy to check whether your fine is genuine. According to the UKPC’s official website, they do not send Parking Charges by email; so if you get one, send it straight to junk.

If you’re reading this too late and you’ve already had one of these emails, run a malware scan on your computer immediately.


MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Source: Transcedit

Beware Amazon Phishing Emails

Amazon phishing emails


Over Christmas, shoppers reported a high number of Amazon phishing emails hitting their inboxes.

Mainly targeting people in Europe and USA, the emails attempted to trick recipients into believing there was a problem with their recent order.

They were encouraged to click on a link that took them to Amazon’s website – or at least a fake one make to look like the genuine article.

The customer was then asked to type in their bank details to re-verify their account. If they did, their banking details were stolen and sent to a server controlled by the scammers.

Don’t get caught out

Amazon isn’t the only company used by scammers, and there are a few things you can bear in mind when receiving emails.

Usually, most companies like Amazon won’t ask for personal information such as bank details, PINs or passwords.

If you do get an email from a reputable company telling you your details or account have been compromised, check the sender’s email address. If it looks odd, it probably is.

If you’re not sure, open your browser and check out the company’s website directly – never click on a link in an email. Call or email them through the site for confirmation before you do anything.

Phishing emails like these are everywhere, so it pays to remain vigilant at all times.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.


8 Free-ish Anti-phishing Tools


Here are a couple of alarming phishing stats for you to ponder:

  • 85% of organisations have suffered a phishing attack
  • An average phishing email has a 30% chance of being opened

Education is a great way to prevent falling victim, but it never hurts to have another layer of protection too.

You might be wondering why we used the word ‘free-ish’ in the title. Well, that’s because not all of the 8 are free, but they are still worth knowing about.


This works with POP, IMAP, Gmail and AOL by downloading your email before it is delivered to you, remove the spam, and then deliver the good mail to you. It allows you to use CAPTCHA to verify senders, set up whitelists for individual emails or entire domains, customise verification emails, download lists that include a week’s spam and more.

It’s free for single email accounts receiving less than 1,000 spam messages a week. There is a premium option available too.


Apart from a really cool name, AlienCamel offers you unlimited email storage (IMAP and POP) on their servers and sorts your email for you into “Pending” and “Spam” folders so you can view everything before you download it to your system.

It works with most of the popular email clients for both Windows and Mac OS X, and they are also currently testing an iPhone app. The service costs $8 USD a month, or $80 a year.

Spam Arrest

After setting up a whitelist for your contacts, every person who emails you will get an automated CAPTCHA reply that they must respond to for their email to get through to you (only on their first email).

All spam messages are held on the Spam Arrest servers for 7 days so you can see if there are any you want to let through. The service is $5.95 USD when paid monthly.


This free service is a little awkward because you need two email addresses with your mail provider: Mail is delivered to the first address, passed on to Spamfence to check it for viruses and spam, and then the cleaned email is delivered to the second address.

GFI MailEssentials

Using two spam detection engines, this one attempts to reduce the rate of false positives to make sure that email gets to the folder it truly belongs in. The system supports Microsoft Exchange 2000, 2003, 2007 and Lotus Domino, and offers a plethora of blacklists and whitelists based on criteria of your choosing.


This one is for business and corporate users, Mailprotector tests each email for origination, routeing, construction, communication and content, and then assigns it a score based on the results. Fail the test, and it’s off to the spam folder.


This versatile spam filtering system can be placed anywhere in the email stream to do its job. Due to this feature, it can work with a great number of email setups, including Gmail. It can be used on servers running Linux, Mac, Unix or Windows.


SPAMFighter is an Exchange Module that will work with Microsoft Exchange Server 2000, 2003 and 2007 or Microsoft Small Business Server (SBS) to expunge your system of spam before it gets delivered. Besides just fighting spam, the system can also generate analytics to show you just how much email it is stopping, how many users are on the system, and more.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Source - Sitepoint