Safe Digital Community During COVID-19

More than ever before, it has become pressing to provide essential cyber security support, especially to SMEs and drive an effective mass cybersecurity awareness campaign in Nigeria, specially tailored for the underserved and digitally marginalized. The Safe Digital Community During COVID-19 program is designed to curtail the cyber risks associated with the COVID-19 pandemic by strengthening the most vulnerable businesses and individuals in our community with a priceless defense; knowledge.

This program is divided into two prongs Mass Awareness on Cybersecurity Hygiene and an Cyber Essentials Training Program for employees of 1500 SMEs across Nigeria.

The training program had two learning paths; CyberUp (designed strictly for IT professionals) and CyberAware (non-IT professionals). Each of these interactive tracks equipped participants with knowledge and skills required to identify, protect, detect and respond to COVID-19 instigated cyber threats enabling them and their organization stay safe from the most prevalent cyberattacks.

Our faculty team consists of highly experienced and exceptional cybersecurity leaders based in Nigeria, United Kingdom, Canada, United Arab Emirates, United States of America, Cayman Islands and South Africa.

Funded by UK Government’s Prosperity Fund’s Digital Access Programme.

How To Uncover Harmful Links Hidden In Shortened URLs – CyberSafe x Sisinerd SERIES

The exact number of websites keep changing, it is estimated that 547,200 websites are created everyday. Every website has its own URL which means URLs have a big role to play in the evolving digital story.

URL stands for uniform resource locator and is the location of a specific website, page or file on the internet. Along the line someone came up with the idea to create a service which could shorten very long URLs so users can easily type or remember them. After this several other features like tracking and analytics got added.

Unfortunately, cybercriminals now use this service to obfuscate redirects to malicious destinations. For instance, URL shorteners have been used by spammers to evade filters, to hide domains that contain malware and to aid phishing by making the shortened link look similar to the brand being impersonated.

We advise that you treat every shortened URL as suspicious until you can you can determine what the long url is, without clicking it. Below is a video by our founder that explains how you can do this.

FxFarms.com – A Review

A number of our readers suggested for us to look into an investment platform called Fx Farms, below are the findings of our intelligence team. This review will also highlight what you need to take into consideration when choosing to make an investment on any platform, using a guide we published several months back on how to detect investment scams.

The presence of low or no risk and high returns

Using the earning calculator on their website, we were able to determine that the least amount that could be invested was $30 and they offered a daily return on investment (ROI) of 1.5%. This translates to 45% per month and 547.5% per annum return on investment. These numbers are huge, so we can tick the first red flag on our check list, the presence of low or no risk and high returns.

We also noticed an award bar which listed the company as the best paying in 2019.

Looking at the whois records, we see the domain was created on the 18th of November 2019. So we ask how can a domain created at the end of 2019 be the best paying platform in 2019?

Location & Address

On its website, the company lists its location as 10th Floor, 3 Hardman St, Manchester M3 3HF, United Kingdom. Doing a google search for the address, we found that 3 Hardman street is home to a 16-storey high-rise building. The 10th floor is occupied by a company called Regus which offers “serviced offices, virtual offices, meeting rooms, and videoconferencing to clients on a contract basis”

So Fx Farms is operating out of a virtual office space, meaning they are not physically there but rented the address, for such a company making lofty claims this is a huge red flag.

Owners & Management Team

This is where things get even murkier. On the about page, Paul Miller is listed as the founder and head of the traders at Fx Farms. But a search of the company on Companies House, the United Kingdom’s registrar of companies, shows Gabriel HUTCHINSON as the sole director and owner of the company.

Also, the nature of business is listed as 64301 – Activities of investment trusts. What this means according to the UK Standard Industrial Classification of Economic Activities 2007 is that “This class includes legal entities organized to pool securities or other financial assets, without managing, on behalf of shareholders or beneficiaries.  These entities earn interest, dividends, and other property income, but have little or no employment and no revenue from the sale of services.”

Basically, they have no business managing investments for people or earning revenue from the sale of services. But the exact opposite is what we see on the FX Farms website.

Furthermore, Mr. Andrew Morgan is listed as the technical head of Fx-Farms but a google search showed him on another website as a customer called Kane Hiddleston.

What this means is that Kane Hiddleston or Andrew Morgan might not even be a real person and the picture is likely that of another individual.

Putting it all together, we have an entity without a physical location which lies about the identity of its owner, and has a fictitious person listed on its management team, and is participating in business activities that it is not licensed to do, this has all the telltale signs of fraud, the public is advised not to transact any business whatsoever with Fx Farms.

Black Friday Scam

It is that time of the year when retail stores offer huge discounts to their customers. Typically called Black Friday, retailers are looking to offer their customers mouth-watering deals before the Christmas season.

Unfortunately, cybercriminals are also hoping to cash in on the season as they now have a good pretext to execute their nefarious schemes. One of such was spotted by our intelligence team, it was making the rounds on WhatsApp. The scam is called “JUMIA BLACK FRIDAY GIVEAWAY PROMO.”

The scam tries to use the buzz around Black Friday to get unsuspecting individuals to click a link. The link leads to a bogus site that asks the user to spin a wheel to win a prize and then share to a certain number of people on WhatsApp to claim their prize.

The injurious nature of this scam is that the domain contained several redirects that eventually led to a site serving malware. Since these scams are becoming more frequent, below are a few tips to help keep you safe during this season.

  1. Do not click links: Especially, in messaging apps like WhatsApp, we cannot stress this enough. If you must know where a link leads to, click, and hold for a while then release, this will copy the link. Go to a service like virustotal.com and paste the link. Then run a scan. This will show if the destination website is malicious.
  2. Be URL aware: Be on the lookout for links that begin with bit.ly. This is a URL shortening service which can be used to hide the true destination of a link. It is a favorite of cybercriminals, so when you see it be extra careful.
  3. Always think: Pause and think. Don’t be too quick to believe everything you see or read. Be skeptical and do more research, remember google is your friend.

The Following are more precautions to take during this Black Friday season and any other holiday season.

Update All Your Devices

Make sure the software on your phone, laptop, desktop, and tablet is running the latest version. Also, now is a good time to check for those pesky updates and make sure you install all of them, this will ensure your device is running optimally with fewer opportunities for cybercriminals to exploit.

Don’t Click on Links of Discounts on Email and Social Media

You’re seeing a lot of great deals during this period whether via ads on email, social media, or some other source. Do not click on any of these links, rather go to the online marketplace such as Jumia or Konga and search directly for these offers.

Practice Good Cyber Hygiene

Use strong and unique passwords for all your accounts, this can be easily done if you’re using a password manager. You should also consider using a virtual card in which you can fund with only the amount needed for the items you wish to buy. Finally, make sure multi-factor authentication is enabled across all your online accounts.

Shop From Only Reputable Marketplaces and Retailers

If you see a deal or offer and the online store is unknown, it might be best to avoid such because cybercriminals have been known to set up fake online stores to hoodwink unsuspecting people. Naturally, any online store in which you want to make a purchase should have a good reputation and should be well known. Always do some research on the store and item and if you want to make a purchase.

Monitor Your Bank Accounts

Make sure alerts are enabled and functional on all your accounts. Also, make sure you have the contact numbers or email of your bank’s customer support in case you need to reach them. You can check for this information by clicking the link below:

Table of banks in Nigeria and ways you can contact them if you are a victim of fraud

NoGoFallMaga – The Video

Yes oh! We’re bringing it hot straight out of the kitchen!!!

What have we been cooking?

NoGoFallMaga – The Video

All the essential Cybersecurity advice distilled into 3+ minutes. Watch below and share the tips with your family and friends make dem No Go Fall Maga.