A pension scam (when someone tries to con you out of your pension money) often starts with someone you don’t know contacting you by phone or text or on social media, about:

·         A new investment or other business opportunity

·         better ways to invest your pension money

·         taking your pension money out before you reach the age of 55

Their aim is to get you to cash in your pension pot and transfer the money so they can get at it.

More than 1.8 million over 50s have been targeted by pension scammers.

Warning Signs

An unsolicited approach by phone, text message, email or in person is likely to be a scam, so just end the conversation. It’s better that you research and decide who to contact and then call them when you’re ready.

There are some characteristics common to many scams, including that they may:-

·         Push you to invest quickly – they might offer you a bonus or discount if you invest before a set date

·         Say that they’re only making the offer available to you or even ask you to not tell anyone else about the opportunity.

·         Offer a guaranteed return. This is not possible in an uncertain world.

·         Offer a free review – no regulated adviser, pension provider or government agency will contact you to offer you a free review. Even if they have your pension details, ignore them.

·         Claim the deal is low or zero risk.

·         Promise returns that sound too good to be true, such as better interest rates than everybody else

·         Give you contact details that are only mobile phone numbers or a PO box address.

·         Not allow you to call them back.

·         Claim they can help you or a relative unlock a pension before the age of 55, sometimes known as ‘pension liberation’ or ‘pension loans’. This is contrary to HMRC rules and is only possible in very rare cases, such as very poor health or specific industries.

·         Say they know of tax loopholes or promise extra tax savings.

·         Offer investments in unusual assets such as diamonds or parking spaces.

·         Claim to be from a government organisation.

How to Check a Caller

1.       Check the FCA website (www.fca.org.uk) to determine if the caller is FCA registered. Almost all financial services firms must be authorised by the FCA – if they’re not, it’s probably a scam.

2.       Check if the firm’s ‘firm reference number’ and contact details are the same as on the Register.

3.       If you’re dealing with an overseas firm, you should check with the regulator in that country and also check the scam warnings from foreign regulators.

4.       Check the firm’s details with Companies House (www.gov.uk/government/organisations/companies-house) to make sure they match.

If you use an unauthorised firm, you won’t have access to the Financial Ombudsman Service (www.financial-ombudsman.org.uk) or Financial Services Compensation Scheme if things go wrong – and you’re unlikely to get your money back.

Financial Advice

Always get independent advice before investing – don’t use an adviser from the firm that contacted you.

The Money Advice Service run by the Government (www.moneyadviceservice.org.uk) has information on how to find a financial adviser and a lot of information about pension schemes.

Double Scams

If you’ve already been scammed, fraudsters are likely to target you again or sell your details to other criminals.  The follow-up scam may be completely separate or related to the previous fraud, such as an offer to get your money back or to buy back the scam investment after you pay a fee.

Pension Liberation

Pension liberation schemes are plans which claim to allow people access to the money in their pension fund before they reach age 55.

This is not within HMRC (www.gov.uk/government/organisations/hm-revenue-customs) rules which only allow access before this age in very specific circumstances. These apply to specific professions, which allowed an early normal retirement age prior to 6 April 2006 and to those too ill to continue their occupation.

The HM Revenue & Customs website highlights the tax consequences of pension liberation to individuals.

Pension liberation schemes share some common features:

·         They solicit business via direct advertising or cold calls.

·         They require the client to instigate a transfer to a new pension plan, which may be overseas.

·         The receiving plan has only been in existence for a few months.

·         The companies related to the receiving scheme have only been in existence for a few months.

·         The investment is usually in overseas property e.g. a hotel or seafront properties.

·         The investment has a high and guaranteed rate of return.

They can also be expensive - the management charge for releasing the payment may well be up to 30% of the fund value prior to the payment.

Also, the payment itself is an unauthorised payment and will result in a tax charge of 55% which the individual is personally liable for.

Government Action

The government is seeking ways to restrict pension scam activities. There are education campaigns such as the FCA’s ScamSmart and The Pension Regulator’s Scorpion (a consultation about measures to stop scammers).

New proposals under consideration include banning cold calls; giving more powers to pension companies to block suspicious transfers; and making it harder for scammers to set up fraudulent pension schemes.




The term Hacktivism was coined in 1994 and was used to mean direct action for social change through the online world, but the phrase has come to be used in so many circumstances that its meaning has become ambiguous. 

Some people stick to the standard definition of social change by safe and legal means but others even include cyberterrorism.

Hacktivism can be a politically motivated online action, anarchic civil disobedience or anti-establishment activities.  It can also be used to mean cyber experts, anti-hackers or the fightback against online fraudsters.

Hacktivist Tools

A hacktivist uses the same online tools and techniques as a hacker, but to further their cause rather than causing havoc or making money.   

Defacing websites and online services is a typical method used by hacktivists, and as organisational websites become increasingly important, this kind of attack becomes potentially more effective and a successful hack more damaging to the organisation’s reputation.

A denial-of-service attack is a commonly used method to cause short term problems on a website. This is achieved by using large numbers of computers constantly sending requests to the target website until it crashes through overload. This is similar in the real world to sending thousands of people to a local supermarket to mill around, take items off the shelves into their baskets, put the items back and just carry on filling up the place so real customers cannot get service and give up.

Notable Hacktivist Events

1.       In 1990, the Hong Kong Blondes helped Chinese citizens get access to blocked websites by targeting the Chinese computer networks.

2.       In 1996, the title of the United States Department of Justice's homepage was changed to "Department of Injustice".

3.       In December 1998, a hacktivist group from the US called Legions of the Underground declared a cyberwar against Iraq and China and planned on disabling internet access in retaliation for the countries' human rights abuses.

4.       During the 2009 Iranian election protests, Anonymous played a role in disseminating information to and from Iran by setting up the website Anonymous Iran and they also released a video manifesto to the Iranian government.

5.       During the Egyptian Internet black out, January 28 – February 2, 2011, Telecomix provided dial up services, and technical support for the Egyptian people. Telecomix released a video stating their support of the Egyptian people, describing their efforts to provide dial-up connections, and offering methods to avoid internet filters and government surveillance.

6.       Google worked with engineers from SayNow and Twitter to provide communications for the Egyptian people in response to the government sanctioned Internet blackout during the 2011 protests. The result, Speak To Tweet, was a service in which voicemail left by phone was then tweeted via Twitter with a link to the voice message on Google's SayNow.

Hacktivist Group - Anonymous

In 2013, to accompany the Million Mask March, Anonymous in the Philippines crashed 30 government websites and posted a YouTube video to congregate people in front of the parliament house on November 5 to demonstrate their disdain toward the Filipino government.

Anonymous rose to prominence in 2008 when they directly attacked the Church of Scientology in a massive Denial Of Service attack. Since then, Anonymous has participated in many online projects such as Operation: Payback and Operation: Safe Winter. However, while a great number of their projects have been for a charitable cause, they have still gained notoriety from the media for illegal hacking.

Following the Paris terror attacks in 2015, Anonymous posted a video declaring war on ISIS, the terror group that claimed responsibility for the attacks. Anonymous identified several Twitter accounts associated with the movement in order to stop the distribution of ISIS propaganda. However, Anonymous fell under heavy criticism when Twitter issued a statement calling the lists Anonymous had compiled "wildly inaccurate," as it contained accounts of journalists and academics rather than members of ISIS.

Hacktivist Group - LulzSec

On June 3, 2011, LulzSec took down a website of the FBI.  That week, the FBI was able to track the leader of LulzSec, Hector Xavier Monsegur.  It is claimed that the former leader of LulzSec has helped the FBI stop more than 300 cyber attacks since his arrest.


On June 20, 2011 LulzSec targeted the Serious Organised Crime Agency of the United Kingdom, causing UK authorities to take down the website.

Hacktivist Group - WikiLeaks

WikiLeaks was founded in 2006 by Julian Assange as a "multi-national media organization and associated library" and operated under the principle of "principled leaking" to fight corruption. Originally, WikiLeaks was operated like a wiki site, meaning that users could post documents, edit others' documents, and help decide which materials were posted.

But that changed with the release of Afghanistan War documents.  In July 2010, WikiLeaks published over 90,000 documents regarding the war in Afghanistan. The war logs revealed 144 incidents of formerly unreported civilian casualties by the U.S. military.

WikiLeaks is also notable for its leak of over 20,000 confidential emails and 8,000 file attachments from the Democratic National Committee (DNC), on July 22, 2016. The emails leaked showed instances of key DNC staffers working to undermine Senator Bernie Sanders' presidential campaign prior to primary elections, which was directly against the DNC's stated neutrality in primary elections. 


Hacktivism seems to cover such a wide range of activities and motives, both legal and illegal, that it cannot be classed as ‘good’ or ‘bad’, but as both in different situations. Some believe hacktivism is a form of protest and is therefore protected as a form of free speech.

You make your own decision on whether hacktivism is a force for good or bad – let me know what you think.






In November 2016, the UK government launched the new Cyber Security Strategy, of which a major plank was the creation of The National Cyber Security Centre (NCSC) as part of GCHQ and giving it a mandate to pursue the radical action required to better protect the UK's interests in cyberspace.

A key strand in this new approach is the NCSC's Active Cyber Defence (ACD) programme, which aspires to protect the majority of people in the UK from the majority of the harm, caused by the majority of the attacks, for the majority of the time. It is intended to tackle the high-volume commodity attacks that affect people's everyday lives, rather than the highly sophisticated and targeted attacks which are dealt with in other ways.

What Does the ACD Programme Do?

It consists of a number of interventions, each of which performs a particular security service for public sector organisations.

1.      Takedown Service

This service works by requesting that hosting providers remove malicious content that is pretending to be related to UK government and also certain types of malicious content hosted in the UK. In 2017, the following results were achieved:-

·         18,067 unique phishing sites were removed across 2,929 attack groups that pretended to be a UK government brand, wherever in the world they were hosted.

·         This reduced the median availability of a UK government-related phishing site from 42 hours to 10 hours.

·         121,479 unique phishing sites were removed across 20,763 attack groups physically hosted in the UK, regardless of who it was pretending to be.

·         NCSC worked with 1,719 compromised sites in the UK that were being used to host 5,111 attacks, intended to compromise the people that visited them. As a consequence, the median availability of these compromises has been reduced from 525 hours to 39 hours.

·         The month-by-month volume of each of these has fallen, suggesting that criminals are using the UK government brand less and hosting fewer of their malicious sites in UK infrastructure.

·         NCSC notified email providers about 3,243 Advance Fee Fraud attacks, pretending to be related to UK government.

·         NCSC have stopped several thousand mail servers being used to impersonate government domains and sending malware to people, in the expectation that the government link makes them more realistic.

·         The volume of global phishing has gone up significantly (nearly 50%) over the last 18 months, but the share hosted in the UK has reduced from 5.5% to 2.9%.

2.      DMARC

DMARC helps email domain owners to control how their email is processed, making it harder for criminals to spoof messages to appear as though they come from a trusted address. Organisations that deploy DMARC properly can ensure that their addresses are not successfully used by criminals as part of their campaigns. NCSC are helping the public sector lead in deploying DMARC, including the prioritisation of 5,322 government domains for adoption in the first instance.

At the end of 2017, there were 555 (about 10%) government domains reporting to the Mail Check service.

The number of messages spoofed from an @gov.uk address has fallen consistently over 2017, suggesting that criminals are moving away from using them as fewer and fewer of them are delivered to end users.

Across the 555 public sector email domains reporting to Mail Check, we are seeing an average of 44.1 million messages a month which fail verification. Of those, an average of 4.5 million are not delivered to the end users. The peak in June saw 30.3 million spoofed messages not delivered to end users.
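The check a receiving mail server makes against a domain's DMARC record can be sketched as follows. This is an added example, not NCSC or Mail Check code: the function names, the `example.gov.uk` domains, the report address and the tiny public-suffix set are all constructed assumptions, and the `sp` and `pct` tags are ignored to keep the core alignment logic visible.

```python
"""Added example: how a receiving mail server applies a sender's DMARC policy."""

# Constructed, deliberately tiny stand-in for the Public Suffix List (assumption);
# a real receiver uses the full list to find the organisational domain.
PUBLIC_SUFFIXES = {"uk", "gov.uk", "co.uk", "com", "net"}

# What the receiver does with a message that fails DMARC, per the p= tag.
DISPOSITION = {"none": "deliver", "quarantine": "quarantine", "reject": "reject"}


def org_domain(domain):
    """Return the organisational domain: the longest public suffix plus one label."""
    labels = domain.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[max(i - 1, 0):])
    return ".".join(labels[-2:])


def parse_dmarc(record):
    """Parse a DMARC TXT record into a tag dict; return None if it is not valid DMARC."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    policy = tags.get("p", "").lower()
    if tags.get("v") != "DMARC1" or policy not in DISPOSITION:
        return None
    tags["p"] = policy
    return tags


def aligned(from_domain, auth_domain, mode):
    """Strict ('s') needs an exact match; relaxed ('r') needs the same organisational domain."""
    if not auth_domain:
        return False
    a, b = from_domain.lower(), auth_domain.lower()
    return a == b if mode == "s" else org_domain(a) == org_domain(b)


def evaluate(record, from_domain, spf_pass_domain=None, dkim_pass_domain=None):
    """Decide the fate of one message.

    spf_pass_domain:  envelope sender domain that passed SPF, or None.
    dkim_pass_domain: d= domain of a DKIM signature that verified, or None.
    """
    tags = parse_dmarc(record)
    if tags is None:
        return "no-policy"
    if aligned(from_domain, spf_pass_domain, tags.get("aspf", "r")) or \
            aligned(from_domain, dkim_pass_domain, tags.get("adkim", "r")):
        return "pass"
    return DISPOSITION[tags["p"]]


# Constructed sample records for a hypothetical domain.
ENFORCING = "v=DMARC1; p=reject; adkim=s; rua=mailto:dmarc-reports@example.gov.uk"
MONITORING = "v=DMARC1; p=none; rua=mailto:dmarc-reports@example.gov.uk"


def run_samples():
    """Evaluate four constructed messages that all claim From: example.gov.uk."""
    return [
        # Genuine mail: SPF passed for a subdomain, relaxed alignment is the default.
        evaluate(ENFORCING, "example.gov.uk", spf_pass_domain="bounce.example.gov.uk"),
        # Spoof: SPF passed, but only for the sender's own unrelated domain.
        evaluate(ENFORCING, "example.gov.uk", spf_pass_domain="mailer.example.net"),
        # Misconfiguration: valid DKIM from a subdomain fails strict adkim=s.
        evaluate(ENFORCING, "example.gov.uk", dkim_pass_domain="news.example.gov.uk"),
        # Same spoof against a monitoring-only policy: reported but still delivered.
        evaluate(MONITORING, "example.gov.uk", spf_pass_domain="mailer.example.net"),
    ]


if __name__ == "__main__":
    print(run_samples())
```

The last case shows why publishing a record is not the same as deploying DMARC properly: with `p=none` the spoofed message only appears in reports, while `p=reject` stops it being delivered.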

3.      Web Check

Web Check performs some simple tests on public sector websites to find security issues.

It provides clear and friendly reporting to the service owners, along with advice on how to fix the problems.

During 2017 Web Check performed 1,033,250 individual scans running 7,181,464 individual tests.


In that period, it found 2,178 issues relating to certificate management, 1 relating to HTTP implementation, 184 relating to out of date content management systems, 1,629 relating to TLS implementation, 76 relating to out of date server software and 40 other issues.

4.      Public Sector DNS

The Public Sector DNS service provides protective DNS services to public sector bodies that subscribe to it. It blocks access to known bad domains, where the block lists are derived from a combination of commercial, open source and NCSC threat feeds. It also performs analytics on the resolution data to find other security issues. The intent of the service is not just to block bad things, but to notify system owners so they can perform remediation.

At its peak in December 2017, the public sector DNS service was responding to 1.23 billion requests a week.

During that peak week, 273,329 requests were blocked.

5.      Signalling and Routing

Work is ongoing to make both source and destination address spoofing in IP space much harder, with a consequent impact on the use of UK infrastructure as part of DDoS attacks and traffic hijacking.


In summary, there is clear evidence that NCSC is doing what it was set up to do and is making a big dent in the world of scams, phishing, data breaches and more.

Well done the NCSC in its first year.

See https://www.ncsc.gov.uk/ for further information.





The Information Commissioner's Office (ICO) is the independent regulatory office dealing with the Data Protection Act 1998 and the Privacy and Electronic Communications Regulations 2003 across the UK plus several other related government acts.

The Office's mission is to "uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals".

The ICO can take action to change the behaviour of organisations and individuals that collect, use and keep personal information. This includes criminal prosecution, non-criminal enforcement and audit. The ICO has the power to impose a monetary penalty of up to £500,000.

The ICO is very busy, as more than 140,000 concerns about nuisance marketing were reported to the ICO in 2016 – about 370 a day.

The ICO has issued more than £1m in fines to cold call crooks in 12 months with another £2m of fines in the pipeline. There is an upcoming law change which would allow ICO to fine not only nuisance call companies but the directors behind them.

ICO Advice on How to Stop Nuisance Calls

1.       Tell the caller you don’t want to receive marketing calls from them. If the organisation continues to call, you can report your concerns to the ICO.

2.       Register for free with the Telephone Preference Service, a list of people who have opted out of receiving live marketing calls. If you register with the TPS and continue to receive nuisance live marketing calls 28 days after registering, you can complain either directly to the TPS or report your concerns to the ICO.

Recent Fines

  •  In February 2016, the ICO fined Prodial, a lead generation company, £350,000 for making 46 million nuisance calls.
  • Nuisance call and spam text firms were hit with £2m in fines by the ICO in 2016.
  • A London firm behind over 156,000 spam texts has been fined £45,000 by the ICO.
  • Hamilton Digital Solutions fined £45,000 and ordered to stop illegal marketing or face further legal action.

What About the Cold Callers Who Close Down to Avoid Prosecution?

When prosecuted, some of the cold calling companies have deliberately gone into liquidation so they cannot pay the fine and the prosecution comes to a stop.

The ICO is fighting back against this action by working with other regulators such as the Insolvency Service and Claims Management Regulator.

The Insolvency Service disqualified Hassim Iqbal, the director of personal injury claims management company Check Point Claims, from being a director for failing to comply with regulations relating to its business. Blackburn-based Check Point Claims failed to pay an ICO fine of £250,000 for making 17.5 million nuisance calls.

The Law

The European Union’s General Data Protection Regulation (GDPR) is a new law which will apply in the UK from 25 May 2018. This will not be affected by the UK’s plans to leave the EU.

See www.fightbackonline.org/index.php/business/47-legal-changes-to-business-to-business-email-marketing for further information on GDPR.

The ICO has published detailed guidance for companies carrying out marketing – explaining their legal requirements under the Data Protection Act and the Privacy and Electronic Communications Regulations. The guidance covers the circumstances in which organisations are able to carry out marketing over the phone, by text, by email, by post or by fax.

The Privacy and Electronic Communications Regulations (PECR) sit alongside the Data Protection Act. They give people specific privacy rights in relation to electronic communications. There are specific rules on:

·         marketing calls, emails, texts and faxes;

·         cookies (and similar technologies);

·         keeping communications services secure; and

·         customer privacy as regards traffic and location data, itemised billing, line identification, and directory listings.

Actions Taken in November 2017 by ICO

·         9,689 concerns were reported to the ICO in November 2017

·         Hamilton Digital Solutions were fined £45,000 for sending over 150,000 spam texts.

·         Enforcement notices

·         Hamilton Digital Solutions were also issued with an enforcement notice, ordering them to stop illegal marketing or face legal action.

·         177 cases were under investigation

·         25 third party information notices issued (these notices compel communications service providers to give information to the ICO).

Report Nuisance Callers

ICO rely on people reporting nuisance callers, so it’s important to report such problems.

To report a concern to the ICO, telephone the helpline on 0303 123 1113 or go to ico.org.uk/concerns.

If you have any experiences with scammers, spammers or time-wasters do let me know – go to the About page then Contact Us.



Do you need an essay written for you – at school, at college or even as a PhD student?

There are hundreds of essay writing services on the Internet offering to write essays on any subject, to whatever standard you choose and as fast as you need.

Of course, the higher the standard and the faster you need the result then the more you have to pay.

Example Prices at academic-paper.co.uk

An undergraduate assessment paper of 1 page guaranteed a 2.2 costs £13.77 within 10 days or up to £20.25 if needed within 3 hours.

A speech for High School use of 1 page delivered within a week costs £12.77

A PhD dissertation of 10000 words at first class level within one month costs £3,240


These sites claim to produce non-plagiarised work, i.e. they don’t copy anything – all of the content is original.

Some say this means the student shouldn’t be accused of cheating because the work is original, but of course it’s not written by the student which is the purpose after all.

You may consider this to be cheating or just ‘helping’. However, by presenting someone else's work as your own you would be in breach of the plagiarism policy at any university. The papers might pass an online plagiarism scan, but the tutor may recognise that the style or typical content is significantly different from your usual work, and if you are asked to reproduce the work in a classroom situation, that may be impossible.

The Facts

1.       These websites typically promise the results are plagiarism free (i.e. none of it is copied from someone else’s work), but there is obviously a big temptation for writers to make their lives easier by a little copying.

2.       The websites state that the work is for example or research only and is not to be handed in to a tutor or any exam body or similar. 

3.       Essay writing services do not directly employ writers normally – they have a bank of freelance writers who can be called upon to deliver specific pieces of work.  This gives them access to a wide range of writing talent but also makes them extremely dependent on the skills (and timekeeping etc.) of those freelance writers.  They may contract to provide you with a piece of work to a set standard by an agreed deadline but it all depends on the freelance writer assigned to the task.

4.       If the service fails to provide work to the agreed standard or deadline, there is little you can do beyond requesting a refund. You may only get a credit against another piece of work.

5.       Generally the higher the price, the better and/or faster the work, but that isn’t always true and some services give poor results (according to reviews) and trust that people won’t complain too much.

Customer Experience

It is quite difficult to find real reviews of the essay writing services as many of them try to capture any searches looking for bad reviews.  But there are genuine reviews on some sites e.g.

“What a disappointment and terrible experience.”

“This paper is without a doubt NOT college-level material! I asked them to revise the paper because of many errors that were very easy to recognize, and it did not even include some of the main points that I stated in the description of the assignment! Even after a revision, the paper was still not close to acceptable. Some of the many errors include: the first sentence did not even make sense, half of the paper was grammatically incorrect, it was in numerous different fonts, and the writer used bullets in the paper rather than writing it in essay format because they seemed to be too lazy to add to a body paragraph!”

“They did not even complete my assignment and the summaries I asked them to do? They basically copied and pasted excerpts directly from the articles and they had so many grammatical errors that I would have to redo the assignment.”

“Terrible. Wasn’t completed on time. No direct quotes from research. Not in correct format. Messy disorganized. poor transitions and word choice. This paper is a sure "F" for me. What a waste of money. I even paid for a better writer. Never again.”

Crackdown on Essay Mills

The Universities minister (till January 2018), Jo Johnson, said: “Essay mill websites threaten to undermine the high quality reputation of a UK degree.”

He asked student organisations and the institutions for guidance to help combat “contract plagiarism”, where tens of thousands of students are believed to be buying essays for hundreds of pounds a time.

The Quality Assurance Agency (QAA) believes there are now more than 100 essay mill websites in operation.

U.K. institutions develop their own plagiarism policies, but the QAA has recommended new laws to make it illegal to help students “commit acts of academic dishonesty for financial gain”, punishable with fines of up to £5,000.

The Irish government are working on new anti-cheating laws based on legislation introduced in New Zealand which makes it illegal to advertise or provide third-party assistance to cheat.  It is suggested the UK could also look to those laws as examples.

Essay Scammers

If you do use an essay writing service for its correct purpose i.e. for examples or research, then do consider for example testing the service before committing a lot of money and do check online reviews where possible.

Some scammers set up fake essay writing websites and send out scam emails linking back to those sites. They may believe that few customers will contact the Police even if no essays are delivered.



There are huge numbers of apps available for your smart phone, with more appearing every day. Many are free, some start out as free but try to make you spend for an upgrade and some you have to pay for. 

The quality of these apps is highly variable and the price may bear little or no relation to the quality.

There are many very useful apps, lots of ones that are simply entertaining in some way, informative apps and so on. But there are also bad apps – scam ones that promise something you want but fail to provide it, ones that claim to be harmless but are Trojans and infect your device with malware or try to steal confidential information, and some that are simply rubbish.

Why are these bad apps allowed?

When someone creates a new APP and uploads it to Android or APPLE, some checks are carried out, but these are limited and scam apps can get through. Sometimes the original APP is harmless and is then updated by the author with added scam features. If you choose to download from a 3rd party site, i.e. not from Google or APPLE, then the chances of getting a bad app may be higher.

App Permissions on Android

When you install a new APP it asks for permission to access various features and data in your phone.

You should check these and see if they make sense.  E.g. a photo APP will need access to your pictures on the phone.

Many apps ask to check your location – largely so they can tell where people are that are downloading their APP.

But do be careful – if you download, for example, a flashlight APP and find it asks for permission to access your pictures and movies and to make calls, then do not continue. Apps should only ask for permissions that make sense based on the nature of the APP.

Gag Apps

These are apps that are ‘just for fun’ and don’t actually do anything useful. E.g. X-RAY scanning which is obviously not possible any more than the old X-RAY spectacles that used to be advertised in magazines and newspapers to let you see through anything.

There are Lie Detector apps that fall into this category by giving random lie/truth responses.

As you might expect there is one called ‘The Most Useless APP ever’ and it is just that but at least it’s free.

Pointless Apps

These are apps that claim to do something useful but do not. Sadly, some people pay for them and maybe never realise they have been conned e.g.

       Battery Extenders or Chargers

These claim to extend the life of your battery or recharge it without plugging in to the mains. Once installed, these may suggest you shake, rattle, or otherwise do exercise with your phone and it will be magically recharged. Nope – not possible.

       Memory Boosting apps

Many people’s phones run out of memory due to too many games or pictures or movies etc. stored on the phone, or maybe there is very little memory to start with and a few installed apps use it all. The idea of magically extending the memory without actually buying more memory was tried on PCs in the nineties, and software claiming to double your RAM became popular. However, it never worked on PCs and it doesn’t work on smart phones.

Malicious Apps

There are people who create malicious apps – ones that try to steal confidential information or take over your phone.  These can be in any guise but are most commonly apps that promise something fantastic e.g. easy money making.

Even anti-virus apps can be dangerous. Research by RiskIQ showed that out of 4,292 active antivirus apps, 525 were potentially malware. 525 of those were in the Google Play store and the remainder in third-party app stores.  Be very careful of anything you download for your smart phone that isn’t from GOOGLE or APPLE and with anti-virus apps - pick one of the major makers not a little known company.

There are numerous anti-virus apps that are believed to have no effect such as ANG Anti-virus which seems intended to be a copy of AVG Anti-virus but doesn’t function.

Money Making Apps

These are almost always a scam. The promise of easy money is very attractive to many people and scammers make use of this. Always ask yourself how the supplier can make money from what they offer. If they want you to fill in a few surveys then how can they possibly make enough from your entries to make profit themselves? The answer is “it’s not possible” in almost all cases.

Retailers can ask their own customers to fill in surveys at no cost. It is rare for a business to pay for a survey, and then the people taking the survey would have to fit specific criteria, e.g. for a car maker it might be that you have bought a new car in the last 12-24 months.

If they want you to install apps in order to be paid then think carefully before agreeing.

Poor Quality Apps

There are endless poor quality apps available. This is often because the app maker does not have the time and resources to invest in making a quality app but it can just be a case of people dumping rubbish apps on the market and not caring. 

Dating Apps

There is a big demand for online dating and a large number of apps try to make this work. Some of the larger dating services do have very good apps and use the science they can but many are just cheaply created, have no science behind them and invent the numbers of users they claim.

The Ashley Madison debacle showed that while large numbers of men used the site, almost all of the supposed women users were faked by Ashley Madison employees. The men believed they were being contacted by real women but it was largely automated software they were talking to. The Ashley Madison small print did state that use of the site is purely for entertainment i.e. people shouldn’t complain if the person they are talking with is a fake.

Most dating apps have only tiny numbers of users, but they don’t tell you that.

Be careful when downloading new apps – preferably download only from Google or Apple, depending on your smart phone. Do check reviews before downloading and do check that any permissions asked for make sense.

If you have any experiences with bad apps do let me know – go to the About page then Contact Us.


You will have read about or heard about cyber currencies such as Bitcoin. There are constant adverts trying to get people to buy Bitcoins with promises of instant wealth. While it’s true that Bitcoin has gone up in value massively, it is extremely volatile so is dangerous as an investment. Also, the value only exists on computers, and there have been break-ins at places where bitcoins are stored on computers and large-scale thefts have happened.


A UK based operation  is creating PayperEx which is a new online market in cyber currencies.

It calls itself “The world's first alternative share market for cryptocurrencies and private companies based on blockchain technology”.

Blockchain Technology

For the everyday currencies that we all use,  banks hold records of how much we have (or owe) and so do other financial organisations, retailers and many others. They have ledger systems for keeping these records and audit trails to prove the figures are genuine. This is a very centralised way of keeping records and relies on the banks and other organisations who make a lot of money by managing this process.

Blockchain is a method that allows de-centralised records that don’t need the involvement of banks or other financial organisations, and hence transactions can be carried out at much lower charges. This is only possible with cyber currencies that use blockchain.

When a digital transaction is carried out, it is grouped together in a block with other transactions that have occurred in the last 10 minutes, encrypted  and sent out to the entire network.  The transactions are validated by a process called “mining” which is not described in this article.

The way this distributed record works is by having a network of replicated databases that are synchronised across the Internet and can be seen by anyone in the network.

Some of these networks are private but others are open so anyone can see the records. They cannot see the confidential details of people making the transaction though. That is still private.
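
To show why records kept in linked blocks and copied across a network are hard to alter quietly, here is a small added example in Python (it is not PayperEx's code or that of any real cyber currency). It assumes each block stores a SHA-256 fingerprint of the block before it and it leaves out mining; the names, amounts and node labels are constructed for illustration.

```python
import copy
import hashlib
import json
from collections import Counter

GENESIS_PREV = "0" * 64  # stand-in "previous fingerprint" for the very first block


def block_hash(index, prev_hash, transactions):
    """SHA-256 fingerprint of a block's contents, using a canonical JSON encoding."""
    payload = json.dumps(
        {"index": index, "prev_hash": prev_hash, "transactions": transactions},
        sort_keys=True,
        separators=(",", ":"),
    )
    return hashlib.sha256(payload.encode("utf-8")).hexdigest()


def append_block(chain, transactions):
    """Group transactions into a new block linked to the current last block."""
    prev_hash = chain[-1]["hash"] if chain else GENESIS_PREV
    index = len(chain)
    txs = copy.deepcopy(transactions)
    block = {"index": index, "prev_hash": prev_hash, "transactions": txs,
             "hash": block_hash(index, prev_hash, txs)}
    chain.append(block)
    return block


def first_invalid_block(chain):
    """Return the index of the first block that fails checking, or None if all pass."""
    prev = GENESIS_PREV
    for i, block in enumerate(chain):
        if block["index"] != i or block["prev_hash"] != prev:
            return i  # the link to the previous block is broken
        if block_hash(i, block["prev_hash"], block["transactions"]) != block["hash"]:
            return i  # the contents no longer match the stored fingerprint
        prev = block["hash"]
    return None


def rehash_from(chain, start):
    """Simulate someone recomputing every fingerprint after editing block `start`."""
    prev = chain[start - 1]["hash"] if start > 0 else GENESIS_PREV
    for i in range(start, len(chain)):
        chain[i]["prev_hash"] = prev
        chain[i]["hash"] = block_hash(i, prev, chain[i]["transactions"])
        prev = chain[i]["hash"]


def outlier_replicas(replicas):
    """Names of copies whose latest fingerprint differs from the majority of copies.

    Simplification: real networks settle disagreements through mining, not a head count.
    """
    tips = {name: chain[-1]["hash"] for name, chain in replicas.items()}
    majority_tip, _ = Counter(tips.values()).most_common(1)[0]
    return sorted(name for name, tip in tips.items() if tip != majority_tip)


def build_demo_ledger():
    """Constructed sample ledger of three blocks."""
    chain = []
    append_block(chain, [{"from": "alice", "to": "bob", "amount": 5}])
    append_block(chain, [{"from": "bob", "to": "carol", "amount": 2},
                         {"from": "alice", "to": "carol", "amount": 1}])
    append_block(chain, [{"from": "carol", "to": "alice", "amount": 1}])
    return chain


if __name__ == "__main__":
    honest = build_demo_ledger()
    tampered = copy.deepcopy(honest)
    tampered[1]["transactions"][0]["amount"] = 200   # quietly edit an old record
    print("edited copy fails at block:", first_invalid_block(tampered))
    rehash_from(tampered, 1)                          # cover the tracks locally
    print("after re-fingerprinting:", first_invalid_block(tampered))
    copies = {"node-a": honest, "node-b": copy.deepcopy(honest), "node-c": tampered}
    print("copies that disagree with the rest:", outlier_replicas(copies))
```

Editing an old record breaks that block's fingerprint, and even when the later fingerprints are recalculated to hide the change, the altered copy no longer matches the other copies on the network.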


PayperEx say their goal is to give people from all over the world a fair, easy and affordable chance to enjoy the benefits of the share market by buying "Paypers" - share based units on cryptocurrencies and private companies.

Blockchain technology is used to make the network secure and transparent.

PAX Private Wallet is to be a peer-to-peer payments service that allows people to send and receive funds in a simple

Pax Cyber Coins

The new coin is called PAX or PAX token and it is the only one used on the PayperEx network.

Each activity in the PayperEx network is performed using PAX, making the token an integral part of the network and the driver of its economy.

The Paypers

Paypers are share-based units on financial assets such as Bitcoin or a private company that will issue their shares in the network.

For every underlying asset, PayperEx will issue a limited quantity of Paypers.

Two types of Paypers will be issued: “BULL” and “BEAR”.

A "BULL Payper" is for those who think that the price of the underlying asset will rise and a “BEAR Payper” is for those who think that the price of the underlying asset will fall.

For example, you believe that Bitcoin is going to rise, so you buy the “Bitcoin Bull Payper”. If Bitcoin does rise then you sell the Payper to another PayperEx participant and you have made a profit.  

Paypers are share-based units. To trade on the PayperEx network, users need to buy Paypers. Each instrument (e.g. Bitcoin, Ethereum, etc.) will have a limited number of Paypers issued.

PayperEx is a UK company, whose founders have more than 15 years of experience in the finance industry,

Will this new venture work?

We will see!

Do click on the Facebook or Twitter icons on top right to follow Fight Back Ninja.


Social bots  are used in social media networks to automatically generate messages including Tweets and posts,  in order to advocate specific ideas, support campaigns, counter other social media postings and sometimes to pretend to be a person and attract followers etc.  

 Social bots appear to have played a significant role in the United States presidential election in 2016 but they have been in use since 2010.

 Twitterbots are already well-known examples, but there are corresponding bots on Facebook and other social media networks.

 Social bots are expected to play a growing role in elections and national votes unless legislation is enacted to restrict their impact.


Oxford University Study

A study by Oxford University says “Facebook and Twitter Bots Are Starting to Influence Our Politics” and this is a warning that the influence of social bots can no longer be ignored.

The report from Oxford University looked at the effect that social media bots, pretending to be real users online, had on the 2016 presidential election. Researchers aimed to determine whether the bots were actually able to affect the flow of information.

The finding was that bots did have a significant influence on digital communication during the 2016 U.S. election.

 Social bots are used "for spreading disinformation, political attacks and amplified perspectives," the study said. Research shows that politicians and campaigns have used bots in the United States and abroad in the past, allowing them to "manufacture consensus" and "democratize online propaganda" — meaning their views appear to be supported by a mass of real people.

 Propaganda Bots

 These are social bots pretending to be real people and these are increasingly being used on social media to affect public opinion in many countries. These fake profiles are common in Russia, the US and Germany among other countries.

Jeremy Corbyn's election campaign in 2017 was boosted by fake Twitter accounts, regardless of whether his people had any involvement in setting them up. They were churning out an average of 1,000 messages a day favouring Labour.

 A study by the FT reported that during the BREXIT referendum campaign, "the 20 most prolific accounts … displayed indications of high levels of automation". This supported research last year, again from Oxford, that found that "on average 12.3% of traffic about UK politics is generated by highly automated accounts".

 Bots with large numbers of followers are the ideal conduits for disinformation, sharing fake news within the echo chambers that have grown out of the content display logic of social media algorithms.

 Junk News

 One in eight political stories shared on Twitter in the run-up to the general election is from a "junk news source", according to latest research.

 The study found content about the Labour Party dominated traffic in the 2017 General Election.

 Research was based on an analysis of political news links shared by UK users in the first week of May 2017

 UK users shared one link from automated bot accounts promoting "junk" information for every four links to professionally produced news, according to the Oxford Internet Institute.

 Of those shared, 53% linked to professional news and information sources, while 13% linked to junk news - stories that are misleading or conflate opinion and fact.

 The rest of the sample included links to content created by politicians, experts and blogs.


Cambridge Analytica

The Guardian has run several stories claiming that Cambridge Analytica is “a shadowy global operation involving big data” that also made a difference in the U.K. Brexit vote.

 The company claim they can persuade people to take a particular action by triggering psychological cues but the results are mixed and they have famous failures including when they backed Senator Ted Cruz to become Republican nominee and that didn’t happen.

 There is little evidence that their support for Donald Trump’s campaign was helpful.

Trump’s Twitter following is estimated to be only 30 percent fake. That’s a lower percentage than @barackobama or The Washington Post. So you can see how widespread this problem has become.


Out of Control

 Some people think that social bots are out of control and give too much power to those with the technology, but a lot may simply be good Marketing by these companies selling the technology.

 It is very likely that the effects of social bots will grow as they become battlegrounds in major votes.

 Maybe something has to be done about this.

 Do you have an opinion on this matter? Please comment in the box below.

If you have been defrauded of money or assets and the Police do not prosecute, then you may  consider a private prosecution – but it’s not easy.   

Criminal Prosecution

The Police recommend that you report any fraud to Action Fraud, who collate the information and where relevant pass cases onto the appropriate Police Force. 

The Police do not, however, have the resources to investigate every case.

If your case is successfully investigated it will be referred to the Crown Prosecution Service who will determine whether or not to prosecute. This may be in a Magistrate’s Court or in the Crown Court.

Private Prosecutions

If there is no criminal prosecution, you can consider a civil prosecution, which can result in a fine for the fraudster but not a custodial sentence or similar.

Anyone can bring a civil prosecution, but it can be expensive to pay for an investigation and prosecution so is usually only pursued in high value cases by people with significant financial assets.

Anyone contemplating a private prosecution should seek professional legal advice from a specialist solicitor or barrister.

Civil Litigation and Asset Recovery

As a fraud victim you may decide to seek compensation and recover assets by suing the fraudster (the defendant) in the civil courts. Breach of contract is the most common use for this.

A wide range of factors will influence the prospects of recovering your losses:

•             whether the money, or the fraudster, is located overseas;

•             the total number of claimants;

•             the availability of the fraudster’s assets;

•             the size of the total loss; and

•             the willingness of law enforcement agencies to cooperate and share information with the claimant (particularly when a criminal case has already been pursued).

Many lawsuits result in out-of-court settlements. Those cases that do go to trial are dealt with by the County Court or High Court, where they are allocated to an appropriate ‘track’ according to their value and complexity.


You can check online whether or not you qualify for legal aid at https://www.gov.uk/check-legal-aid

It is likely that you will need to pay your own legal fees, investigation costs and out-of-pocket expenses (known as ‘disbursements’). But other funding options are sometimes available.

Some of your legal expenses may be covered by an existing insurance policy. Otherwise, it may be possible to buy ‘after the event’ insurance, with the premium paid up-front, before proceedings start.

If you are one of a number of victims affected by the same fraud, you might agree to share costs by acting collectively, in a class action.

Credit Card Provider

If you pay for something using a UK-issued credit card and are defrauded, you might be able to recover your losses from the card provider.

Purchases between £100 and £30,000 made wholly or partially with a credit card are protected by Section 75 of the UK Consumer Credit Act 1974. This makes the card provider and the retailer jointly liable if something goes wrong.

As the cardholder, the most for which you will usually be liable is the first £50 of any unauthorised withdrawals or purchases (unless, for example, you have been grossly negligent such as not keeping your PIN secure).

Contact your credit card provider and give full details of what happened.


It is worth checking your insurance policies to see whether you are insured against fraud, theft and/or dishonesty.

This may be through a stand-alone policy – for example, for card protection (individuals) or employee dishonesty/fidelity (businesses) – or as part of a wider insurance product such as home contents, travel, or legal expenses.

You can sometimes buy insurance after a fraud has taken place. This is called ‘after the event’ insurance. You might need this kind of policy to help fund the costs of civil litigation, asset recovery and/or insolvency. Such policies do not really provide insurance against fraud loss, but against the high cost of trying to recover those losses through legal proceedings.

Civil actions require a lower standard of proof than criminal proceedings - they only need to establish the case on a balance of probabilities.

This information is provided by The Fraud Advisory Panel.

For further information go to https://www.fraudadvisorypanel.org/uk-victims/recovering-your-money


The consumer magazine “Which” has been going since time began.

 They have always campaigned for changes to the law to help consumers and to stamp out bad practices and they have special legal powers to make this easier on behalf of all consumers.

Which? is a brand name used by the Consumers' Association - a registered charity, based in the United Kingdom. It exists to promote informed consumer choice in the purchase of goods and services by testing products, highlighting inferior products or services, raising awareness of consumer rights and offering independent advice. The association owns several businesses, including Which? Financial Services Limited (Which? Mortgage Advisers), Which? Legal Limited, and Which? Limited, which publishes the Which? magazine.

The Consumers' Association is the largest consumer organisation in the UK, with over 573,000 subscribers to its magazine.


The Consumers' Association has the power under The Enterprise Act of 2002 to take action on behalf of consumers, including the ability to bring a super-complaint to the Office of Fair Trading (OFT). A super-complaint can be made about any market that is not working properly for consumers. The OFT has 90 days in which to assess the complaint and decide what to do about it. It can reject the complaint in part or as a whole, it can launch a market investigation, take action under competition law or consumer law, or refer the market to the Competition Commission for further investigation.

Which? made its first super complaint about private dentistry in 2001. It later made complaints about care homes, the Northern Ireland banking sector and credit card interest calculation methods. In March 2011 it made a super complaint about unfair debit and credit card payment surcharges made by retailers.

Online Fraud Super-Complaint

In September 2016 Which? filed a super complaint against banks that routinely refuse to reimburse victims who have been scammed into transferring money into fraudsters’ accounts. Which? said banks should “shoulder more responsibility” for such fraud, much as they already reimburse customers who lose money through scams involving fraudulent account activity, or debit or credit cards.

According to official industry data, cases reported in the UK totalled 1,007,094 in the first half of 2016. Which? said: “Consumers can only protect themselves so far. People cannot be expected to detect complex scams pressuring them to transfer money immediately, or lookalike bills from their solicitor or builder” that are copied from genuine bills but have had the bank account number and sort code changed.

Which? asked the financial regulator to ensure banks better protect customers who are tricked into sending money to a fraudster. However, the regulator is not yet convinced that banks should be responsible for money lost to bank transfer scams.

Which? need more people to share their scams experiences with them and help put pressure on the regulator to deliver this change.

Go to https://campaigns.which.co.uk/scams-fraud-safeguard/ to add your name to the campaign.

Campaign - PPI Mis-Selling

Payment protection insurance (PPI) was usually sold with products that you need to make repayments on, like a loan, credit card or mortgage.  It was designed to cover repayments in certain circumstances where you couldn’t make them yourself. These include if you were made redundant or couldn’t work due to an accident, illness, disability or death.

As many as 64 million PPI policies have been sold in the UK, mostly between 1990 and 2010.

But Which? found that PPI was often mis-sold. More than £27bn has already been paid back to people who complained about the sale of PPI.

Campaign – The Big Change

Which? don’t think banks always treat their customers fairly and want bankers to start putting customers first.

The public deserve better and banks should be publicly held to account for their customer service.

Which? need your support to convince the regulators, government and banks to deliver better everyday banking.

Go to http://www.which.co.uk/campaigns/better-banks/ to add your name to the campaign.

Campaign - Challenging Whirlpool

Which? want to make Whirlpool do more to prevent faulty dryer fires.

Some 750 fires have reportedly been linked to Whirlpool’s faulty tumble dryers. Despite beginning a repair programme, Whirlpool’s fire-risk dryers continue to pose a potential threat to people’s homes. Whirlpool’s seemingly slow, and Which? think inadequate, response has further highlighted problems with the current product safety system. Join them in challenging Whirlpool to sort this mess out quickly.

Go to https://campaigns.which.co.uk/challengingwhirlpool/ and add your name to the campaign.

Campaign - Nuisance Calls and Texts

Which? are working with the Government to take action on nuisance calls and text messages.

Which? want to stop you from being bombarded by this menace.

Sign their petition and report your nuisance calls to keep up the pressure.

Go to http://www.which.co.uk/campaigns/nuisance-calls-and-texts/ and add your name to the campaign.


If you have any experiences with scammers, spammers or time-wasters do let me know – go to the About page then Contact Us.



In the past, when almost everyone had to work physically hard to get enough food, obesity was not a major problem.  But nowadays, many of us have sedentary lives, get little exercise and have access to a huge range of foods many of which are calorie dense, meaning you don’t have to eat much to get a lot of calories – chips, pasta, sweets, cake, biscuits etc. And we love this stuff, feeding ourselves on processed foods to save time or money or just because we prefer the mix of salt, fats and sugars the manufacturers often load into the products.

1.     The Problem

Obesity is very much a serious problem in the advanced countries and the weight-loss industry is enormous but not necessarily very effective.

In the USA from 1980 to 2000 obesity rates doubled. In 2001, the U.S. surgeon general announced that obesity had reached “epidemic” proportions. Now, around 37% of adults are classed as obese. In Europe the picture is little better, with most countries having more than 20% obese and the UK the worst at 28%.

Diets, supplements etc.  clearly help some people, but the problem of obesity continues and ever more fad diets and methods for weight loss keep appearing and sadly many are complete scams, perpetrated by people simply seeking to take advantage and make money for nothing.

The weight-loss industry is worth more than $100 billion worldwide.

2.     Losing Weight

Two of the most commonly used diet methods are the 5:2 diet and the Mediterranean diet which both have good scientific evidence to support them.

But, in theory, you can lose weight on pretty much any diet - as long as you eat fewer calories than your body  consumes in your daily activity.

Many weight loss programmes are quite ridiculous and have no scientific evidence to back them, but people are taken in by Marketing, celebrity endorsements and quite frankly a lot of lies.

Most diets work by making us eliminate certain foods from our diet. Remove one food (or many foods), eat other foods, and you will lose weight. But stopping eating favourite foods is not easy and is difficult to maintain long-term.

Diet regimes where the weight loss is at a moderate rate and can be sustained for a long run stand far better chance of long term weight loss than any of the quick fix methods.  But you can understand why people choose the quick fix rather than the long term slow approach.

The average on most successful short term diets is about 2-3 pounds per week. The more fat you have to lose, the quicker the process, at least initially. It gets harder to lose the last few pounds than the first few.

Even weight loss of one pound per week over a year gives 52 pounds and that’s a lot of weight loss if you can avoid putting it back on again.

3.     Scams and Ridiculous Methods

There are endless ridiculous diets on the market, including:-

·         The wine and eggs diet

·         The baby food diet

·         The cookie diet (seriously, just cookies)

·         The cigarette diet

·         The tapeworm diet (yuk)

·         The chocolate diet (I’d try that)

·         The magnetic diet


Some examples of scams

e.g. Grandma and Grandpa Rapid Weight Loss

Scammers like to pick unusual groups or places from which suddenly emerges a magical secret that can give rapid weight loss or increased brain capacity or a diabetes cure or banish cellulite or even a cure for cancer.

One of the latest is about how Grandpa Dan and Grandma Sylvia were flying home when Dan had a heart attack and the plane had to land in Germany, where they were taught a unique 2 minute ritual that magically melts away belly fat.

So much so that Dan and Sylvia between them have lost 68 pounds of unwanted weight.


Another is a magic weight loss secret (this one is soup) that lets you lose up to 37 pounds in just 20 days. In reality, you’d have to have your mouth sewn shut to have any hope of achieving that speed of weight loss.

Here’s another one.  Apparently, breakthrough research has discovered a fat burning ingredient in a common fruit and this can lead to 47 lbs weight loss in just 30 days. To get that rate of weight loss  I assume they kidnap you, chuck you in a prison and completely starve you for the 30 days. I can do without that.

4.      The Most Popular Diets of 2017

A diet is simply any fixed plan of eating and drinking designed to  achieve weight loss or maintain a weight or in some cases to gain weight.

1. Atkins diet

The Atkins diet focuses on controlling the levels of insulin in the body through a low-carbohydrate diet.

People on the Atkins diet avoid carbohydrates but can eat as much protein and fat as they like.

2. The Zone diet

The Zone diet aims for a nutritional balance of 40 percent carbohydrates, 30 percent fats, and 30 percent protein in each meal. The focus is also on controlling insulin levels, which may result in successful weight loss.

3. Ketogenic diet

The ketogenic diet has been used for decades as a treatment for epilepsy and is also being explored for other uses. It involves reducing carbohydrate intake and upping fat intake. It sounds contrary to common sense, but it claims to let the body burn fat as a fuel, rather than carbohydrates.

4. Vegetarian diet

Many people choose a vegetarian diet for ethical reasons, as well as health.

There are many varieties of vegetarian diet including lacto-vegetarian (includes milk products).

5. Vegan diet

A vegan does not eat anything that is animal-based, including eggs, dairy, and honey. Vegans do not usually adopt veganism just for health reasons, but also for environmental, ethical, and compassionate reasons.

6. Weight Watchers diet

Weight Watchers focuses on losing weight through diet, exercise, and a support network.

Dieters can join either physically and attend regular meetings, or online. In both cases, there is lots of support and education available for the dieter.

There are thousands of other diets available of course.

5.     Scam, Fad or Both?

The FTC has provided a checklist, which is intended for advertisers but can also protect consumers from their own gullibility. Think twice before purchasing a product that promises any of the following:

·         Weight loss of two pounds or more a week for a month or more without dieting or exercise.

·         Substantial weight loss no matter what or how much you eat.

·         Permanent weight loss even after you stop using the product.

·         Blocking the absorption of fat or calories to enable you to lose substantial weight.

·         Safely lets you lose more than three pounds per week for more than four weeks.

·         Substantial weight loss for all users.

·         Substantial weight loss by wearing a product on the body or rubbing it into the skin.

6.     The Future

No doubt there will be a constant stream of ridiculous diets and fads for people to follow - celebrity diets, super-foods, supplements and any number of ‘magic’ ingredients to make dieting easier. Many will not work and some will be dangerous.

The successful dieters are most likely those with a very good reason to stick to a diet and those following the straightforward diets such as 5:2 and the Mediterranean diet and those going to Weight Watchers.

Maybe something that is magical in its effect on our weight will happen one day. But I’m not holding my breath waiting for it.





1.     Ransomware

Ransomware started around 2012 and is where your computer pops up a message saying that your files have been encrypted and you can only get them back if you pay a ransom.

Sometimes these messages are just what is called ‘scareware’ i.e. it’s an empty threat and if you don’t pay then nothing is lost. But the warning can also be real and you find your files have been encrypted and the chance of getting them unencrypted without paying the ransom is very slim.

Even if you do pay the ransom you may not get your files back.

Ransomware usually gets into your computer when you open an email attachment that contains the malicious code,  disguised as a legitimate file. However, WannaCry can jump from one computer to another without the user doing anything.



2.   WannaCry


The story of how WannaCry was so successful in propagating itself starts with the US government.  The NSA discovered a vulnerability in Microsoft Windows but didn’t warn Microsoft. The company did later find the vulnerability and issued security patches to fix it. But not everyone keeps their Windows computers fully up to date with security patches.

The vulnerability was used in a piece of software called EternalBlue which was published on the Internet by a hacking group called Shadow Brokers. Many believe the software was created by the NSA for their own use.

The WannaCry ransomware attack started in May 2017. The ransomware demands users pay $300 worth of online currency Bitcoins to retrieve their files, but the price goes up if they don’t pay on time. Even paying the ransom does not ensure a decryption key will be made available.

A UK cybersecurity researcher (known by the Twitter handle @malwaretechblog), with the help of Darien Huss from security firm Proofpoint, looked at the ransomware and discovered the name of a website which was being accessed by the ransomware. The website address hadn’t been registered by anyone so he bought the domain name. This was to track the progress of the ransomware, but turned out to be a kill switch. Once there was a website at the domain name, WannaCry stopped spreading.

Back in March 2017, Microsoft issued security bulletin MS17-010, which explained the flaw in MS Windows and announced that patches had been released. Two months later when WannaCry hit, some organisations had not installed the security patches and hence their systems were vulnerable to the attack. The day after the attack started Microsoft issued emergency security patches for Windows 7 and Windows 8. Microsoft also later released patches for unsupported Windows XP and Windows Server 2003.

The way that WannaCry encrypted files meant that in some cases a decryption key could be generated. This method was posted on the Internet and a tool known as WannaKey was developed which could use this method on Windows XP computers.

WannaCry is estimated to have infected around 200,000 computers across 150 countries. According to Kaspersky Lab, the four most affected countries were Russia, Ukraine, India and Taiwan.

The strange thing about WannaCry is that it does not seem to have been designed to make money. It turned out later that the way WannaCry demands payment by Bitcoin does not give the fraudsters enough information to create decryption keys per organisation even if they wanted to.

Previously common ransomware such as J.Lockey made millions of dollars for its perpetrators. But WannaCry only collected around $140,000. Once victims knew they couldn’t get a decryption key, they stopped paying.

What was it all about?

3.   The NHS

WannaCry spread rapidly across Europe and Asia and happened to hit the NHS very hard for a series of reasons, including that they had old Windows 95 machines on their network and that their network has a huge number of computers attached to it.

The attack affected many National Health Service hospitals in England and Scotland, and up to 70,000 devices – including computers, MRI scanners, operating theatre equipment and more were affected in some cases.

 On 12 May, some NHS services had to turn away non-critical emergencies. This was life threatening for some.

4.     Who Created WannaCry?

Linguistic analysis of the ransom notes indicated the authors were likely fluent in Chinese and proficient in English.

Cybersecurity companies Kaspersky Lab and Symantec have both said the code has some similarities with that previously used by the Lazarus Group (believed to have carried out the cyberattack on Sony Pictures in 2014 and a Bangladesh bank heist in 2016—and linked to North Korea). This could also be either simple re-use of code by another group or an attempt to shift blame. North Korea denies being responsible for the cyberattack.


5.     The Future of Ransomware

WannaCry seems to be about disruption rather than collecting money.

Plus it has the ability to jump from one computer to another – this makes ransomware much more dangerous than the versions that simply demand a few hundred dollars.

It can be expected that there are people working hard to create a new ransomware with that jumping capability but looking to make a lot of money.

The problems at the NHS showed that such ransomware can endanger life.

Hopefully many people will have been woken up by what happened and realise they have to put in the funds to keep their systems fully up to date with security patches and put more effort into maintaining the confidentiality of their customers and staff as the next generation of ransomware may be designed to capture confidential data as well.

As to the people who just want to cause disruption or deny us access to data – we can probably expect more such attacks and with a variety of reasons behind them.

Keep your online security fully up to date.
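
For those who look after an office network, the "jumping" behaviour described above can be watched for as well as patched against. The following is an added example in Python, not taken from any security product: it flags a computer that suddenly contacts many different machines on the Windows file-sharing port. It assumes connection records in a simple constructed format, and relies on the fact that the MS17-010 flaw is in Windows file sharing (SMB), which uses TCP port 445; the addresses, time window and threshold are illustrative.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

SMB_PORT = 445  # Windows file sharing (SMB), the service fixed by MS17-010

# Constructed sample records: "<time> <source> <destination> <destination port>"
SAMPLE_FLOWS = """
2017-05-12T09:00:00 10.0.0.11 10.0.0.5 445
2017-05-12T09:00:20 10.0.0.12 10.0.0.5 445
2017-05-12T09:00:40 10.0.0.11 10.0.0.5 445
2017-05-12T09:01:00 10.0.0.23 10.0.0.30 445
2017-05-12T09:01:02 10.0.0.23 10.0.0.31 445
2017-05-12T09:01:04 10.0.0.23 10.0.0.32 445
2017-05-12T09:01:06 10.0.0.23 10.0.0.33 445
2017-05-12T09:01:08 10.0.0.23 10.0.0.34 445
2017-05-12T09:01:10 10.0.0.23 10.0.0.35 445
2017-05-12T09:01:30 10.0.0.23 192.0.2.10 443
2017-05-12T09:00:00 10.0.0.40 10.0.0.50 445
2017-05-12T09:03:00 10.0.0.40 10.0.0.51 445
2017-05-12T09:06:00 10.0.0.40 10.0.0.52 445
2017-05-12T09:09:00 10.0.0.40 10.0.0.53 445
2017-05-12T09:12:00 10.0.0.40 10.0.0.54 445
""".strip().splitlines()


def parse_flow(line):
    """Split one record into (time, source, destination, port)."""
    ts, src, dst, port = line.split()
    return datetime.fromisoformat(ts), src, dst, int(port)


def smb_fanout_alerts(lines, window_seconds=60, threshold=5):
    """Find sources that reach `threshold` or more different machines on port 445
    within any `window_seconds` period.

    Returns {source: highest count of different destinations seen in one window}.
    """
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)  # source -> recent (time, destination) pairs
    alerts = {}
    for ts, src, dst, port in sorted(parse_flow(l) for l in lines if l.strip()):
        if port != SMB_PORT:
            continue  # only file-sharing connections are of interest here
        seen = recent[src]
        seen.append((ts, dst))
        while seen and ts - seen[0][0] > window:
            seen.popleft()  # forget connections older than the window
        distinct = len({d for _, d in seen})
        if distinct >= threshold:
            alerts[src] = max(alerts.get(src, 0), distinct)
    return alerts


if __name__ == "__main__":
    for host, count in smb_fanout_alerts(SAMPLE_FLOWS).items():
        print(f"{host} contacted {count} machines on port {SMB_PORT} within a minute")
```

In the sample, the computers that keep using one file server and the one that visits five machines over twelve minutes are left alone; only the computer that reaches six machines in ten seconds is flagged.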
