Nigerian Enterprises Development Interactive Scheme (NEDIS): An Investigation

Our attention has been drawn to a scheme that is set to give out funds to SMEs, Farmers, and Traders in light of difficulties experienced due to COVID-19. The scheme is called NIGERIA ENTERPRISES DEVELOPMENT INTERACTIVE SCHEME (NEDIS) and the domain is nedis.ng, which has very scant information about the scheme except for a blurb on the home page which says:

NIGERIA ENTERPRISES DEVELOPMENT INTERACTIVE SCHEME (NEDIS) is determined to support and build stable economy in Nigeria through collective efforts. NEDIS COVID-19 SPECIAL FUND 2021 is Contributory Intervention Fund (CIF) structure from NEDIS Interactive Partners, Individual Donors, Corporate Organizations, Government and International Community to support SMEs/Farmers/Traders badly hit by COVID-19 pandemic.

nedis.ng

The scheme claims to be a contributory intervention fund but does not list the donors, corporate organizations, or which government agency or parastatal involved, its’s all very vague.

Going to the contact us page reveals an address

The address, “35 Port Harcourt Cresent, Off Gimbiya Street, Area 11, Garki Abuja” is the current address of The Small and Medium Enterprises Development Agency (SMEDAN). Visiting the SMEDAN website we find no information concerning NEDIS on their list of programs or anywhere else on the website. Instead what we find on the SMEDAN website is a program called NADEP which NEDIS seems to copy. So here we have a purported scheme using an address that does not belong to it.

Moving on, we noticed a big green button on the top right corner labeled “guidelines,” clicking it takes us to the guidelines page.

Clicking on the “DOWNLOAD APPLICATION GUIDELINES” open a pdf document. The document has boldly written in red, “BEWARE, APPLICATION IS FREE”

But the second step of the applications process asks for payment for “Minimum Account Opening Balance.” The question to ask is since the scheme has several donors and funders why do you need to pay for a minimum account opening balance? Why don’t the donors cover this cost? Note that it is typical of scams to collect money under such pretexts as “registration” or “verification.”

Sure enough, navigating to the home page and clicking “Open Account Now” leads to a page that collects payment via flutterwave.

We also noticed the registration form asks for sensitive details as BVN and TIN numbers

Running the pdf file (registration form) through a document metadata checker we find the author’s name is given as “Henridam.” So Henridam is the author of our document.

Another thing we noticed on the homepage was a link to a login portal.

Looking at the source code of the portal we find that it is copied from another domain nedis.org.ng

Pulling up the whois information for both domains, we find nedis.org.ng was registered on the 25th of May while nedis.ng was registered on2nd of August. From this, we can infer that nedis.org.ng must have been the previous domain used before migration to the current domain nedis.ng

Doing a google search for the number listed as the Tech contact for nedis.org.ng turned up an interesting result. It led to a Facebook post by a page called “Integrity Heroes International Development Network.”

Snooping around the page, we found an image the listed the owner as Damkor T Henry.

As already noted above, the author of the document found on nedis.ng is HenriDam, this seems like a short form for Damkor T Henry, several other lines of evidence point to this conclusion. First, a search on Facebook led to a Facebook page with details pointing to nedis.ng

Clicking on the groups tab of the page, we find that it is linked to a group called ONE BENUE – ONE VOICE

Looking at the group admins for ONE BENUE – ONE VOICE, we found that two are named Damkor Henry

Second, nedis.ng has a link to their twitter handle @nedisexpress on their contact page. A visit to the twitter handle shows they are following 10 accounts and have 31 followers.

Perusing the 10 accounts followed by @nedisexpress we found one is named @DamkorHenry

From the foregoing we can deduce Damkor Henry is intimately connected with the scheme.

In conclusion, we strongly advise against registering for this as it appears to be an imitation of SMEDAN’s NADEP program, is not connected to any government instutution and has all the telltale signs of being a scam.

The post Nigerian Enterprises Development Interactive Scheme (NEDIS): An Investigation. appeared first on #NoGoFallMaga.

Escaping Social Media Impersonation Scams

Recently our Intel team received reports of cybercriminals impersonating brands on social media. We will like to highlight two of such cases.

The first is the impersonation of naijauto.com, a quick check reveals their social media handle on Facebook to be @Naijautocom – https://web.facebook.com/Naijautocom

We also see that the page was created on August 1, 2017, and has 111,311 followers.

The fact that it was created in 2017 and has a large number of followers are pointers that this is the real Facebook page for Naijauto. A search for Naijauto.com on Facebook revealed several other impostor accounts.

A visit to one of the impostor pages revealed it was opened on June 2, 2021.

And obviously, the social media handle is @naijauto.ng, a variation of the real account @Naijauto.com

The Modus Operandi of these scammers as revealed by someone who made a report is to make and advertise posts with pictures of cars slightly below the market value. Once a potential victim makes contact, they would claim the car is at a branch office in a faraway state and would need funds to deliver the car, and that full payment would be made upon delivery. Naturally, this sounds reasonable, as soon as the first payment is made, they begin to manufacture more issues to extort money till the victim finally realizes it is a scam.

The second is the impersonation of NPG farms on Instagram. A quick search showed several accounts.

The good thing about this was that the real account, @npgfarmsng had put out several posts warning people about other accounts impersonating them.

From the foregoing, here are simple steps you can take to protect yourself from these kinds of scams.

  • Always do a search using the profile or page name of the company on social media. If you see multiple accounts do not proceed till you can determine which if any are genuine. Note that cybercriminals also seek out businesses that do not have a social media presence to impersonate, hence seeing only one account does not mean that it is genuine.
  • Rather than trust what you see on social media, use a search engine to determine the website of the company or vendor, then navigate to their social media handles using the links listed on their website.
  • Look for historical information related to the account. Twitter lists when the account joined on the accounts profile, use page transparency for Facebook to see when the account was opened, and use name history for Instagram. An account that has been recently opened or has changed its name numerous times is more likely to be a scam.
  • Be wary of paying money into personal accounts. Of course not all businesses or vendors will be able to have a company account, but established businesses or vendors should have company accounts. If you find that the business or vendor is big or well established then a request to pay into a personal account is a sign that you might be dealing with scammers.
  • Always do a internet search with the business name and phone numbers given with words such as “scam” or “fraud.” Use search engines, search on various social media and forums like nairaland.
  • It’s always safer to make a purchase from a business or vendor who you know someone has used and comes highly recommended.

Adhering to all the aforementioned steps should keep you safe from social media impersonators.

The post Escaping Social Media Impersonation Scams appeared first on #NoGoFallMaga.

CBN Backs Cybersafe Foundation, CCISONFI As Cybersecurity Awareness Campaign Gains Steam

… Launches NoGoFallMaga Campaign

Following the increase in digital and cyber activities, especially in the financial sector, it is expected that activities of cybercriminal will also increase as technologies evolve. To this end, the Central Bank of Nigeria (CBN) has backed the partnership between Cybersafe Foundation and the Committee of Chief Information Security Officers of the Nigeria Financial Industry (CCISONFI) to put structures in place in a bid to create awareness of cybersecurity among Nigerians.

Speaking at a Media Parley to flag off the campaign, Executive Director of Cybersafe Foundation, Confidence Staveley acknowledged the changing tide in cybercrime and the need for awareness: “With Social engineering being the method of choice by cybercriminals to perpetuate electronic fraud in the country, efforts to educate customers of financial institutions on cyber hygiene best practices, especially the most vulnerable, must be stepped up.”

She noted that the launch of the new campaign, NoGoFallMaga, in partnership with CCISONFI will enable them join forces to reach the 40million Nigerians who currently access financial services across the country, raising mass cybersecurity awareness and consequently reducing the success rate of cyberfraud attacks against customers.

In his speech at the launch, Director of Banking Supervision at the CBN, Haruna Mustafa noted that cyberattacks are major threat to financial system stability, not only through their impact on one institution, but also through their impact on multiple components of the financial system.

According to him: “The development of robust mechanisms to ensure that financial institutions have in place the necessary safeguards to protect against loss of data, fraud and cyber incursions in their respective systems was part of the Governor of Central Bank’s 5-year  policy thrust 2019-2024.

Mustafa, who was represented by the Deputy Director, Banking Supervision, Adedeji Adetona Sikiru, disclosed that the CBN has taken some measures to improve cyber-resilience of supervised institutions including the issuance of the CBN Risk-Based Cybersecurity Framework and Guidelines for Deposit Money Banks in 2018, but that the campaign to also reach customers will help achieve the aim of curbing cyberfraud.

“Despite the significant investment by the CBN, banks, Fintechs and other industry players to thwart the success rate of cyber-attacks, the human element remain a weak link. Cybersecurity awareness is a key in mitigating cyber-risk, and the CBN is ready to partner with industry stakeholders to sustain efforts at educating staff and customers on fraud information and cybersecurity hygiene practices.”

In his response, CCISONFI Chairman, Abumere Igboa explained, “This initiative looks at tackling cybercrime that poses a threat to customers & the Nigeria citizenry in conducting reliable and safe financial services. As Chief Information Security Officers, we have also witnessed an increased adoption of digital/technology platforms post the Covid-19 pandemic crisis by our different financial institutions for delivering innovative financial solutions, expanding its operations, and being able to reach both existing and potential customers.

He said the campaign will help in “successful achievement of our target objectives which include reaching more than 40million customers in the first two years of its launch and finally delivering awareness contents and messages in major Nigerian languages including pidgin English.”

Staveley called on the media to play a proactive role in the campaign. “Talking about the media, your importance in shaping society cannot be over emphasized, we acknowledge this huge role you play and that is why a meeting with you is the first activity on our agenda. Simply put, we need you. We need you to come with us on this journey and work closely with us in fighting the monster called Cyberfraud. Just like you helped the Health sector fight ebola and you are currently helping with fighting misinformation around COVID, we need you to work passionately with us to fight this problem that is threatening digital innovation around financial services.”

CyberSafe Foundation is Nigeria’s foremost non-Governmental organization in the information security domain, on a mission to facilitate pockets of changes human capacity and behavioural changes that ensure inclusive and safe digital access in Nigeria. the Foundation’s Flagship initiative #NoGoFallMaga, also adopted as the name for this cross-financial industry cyber awareness campaign, is a national movement of young people, working to combat preventable digital fraud with consumer-centred sensitization and education. Digital fraud in this context includes, email deception, phone-based scams, online fraud – particularly where cybercriminals impersonate trusted organizations. We leverage fun experiences and content, to catalyse the decline of cyber-related fraud, one trickle of knowledge at a time.

Nairainflow (nairainflow.com): An Investigation

While doing our usual investigations of investment platforms making the rounds, we came across Nairainflow with the domain nairainflow.com. The site promises huge earnings, from ₦40,000/$100 to ₦100,000/$400 Weekly.

Intrigued by this, we decided to take a look at their “how it works” page to find out how they intend to pay out such huge earnings. This is what was written there:

How Can I Earn ?

As soon as pay your reg fee of ₦2,500, we will give you a product worth ₦10,700, which has a lot earning opportunities you may never find anywhere, this is an electronic guide where you will learn over 100 types of businesses in fullest details. This product will open you up to divers career opportunities you never thought could make you rich and how to completely set them up A-Z with support.

Earning opportunities like

How to create a Clickbank account and how to earn $250 through it
Earning at least $100 daily through Bitcoin
Creating a PayPal account that can send and receive funds and how to earn $10 daily with it
How to earn at least $50 daily through AD link and how to withdraw from it and many other premium products that will be discussed as soon as you become a member

The Second way to earn money is through the affiliate part which gives you ₦2,000, ₦4,000, ₦8,000 and beyond till you reach ₦40,000 cash in commission, when people purchase our product with your affiliate link, most members earn up to ₦40,000 cash in a 4 days, kindly read below an example that illustrate how you can earn using your affiliate network

All you have to do is to invite four persons (affiliates) to purchase our product and the system takes it up from there !!!

Your Own Personal Work

Bronze cost ₦2,500, so you will enter this level by paying ₦2,500, the four affiliate you have been inviting will upgrade to you which gives you ₦8,000 or more, once you earn your first ₦8,000, quickly move to silver.

The System Works For You

Silver cost ₦6,000, so you will enter this level by upgrading with ₦6,000, once you have upgraded the system brings 4 affiliates or more that will pay you ₦5,000 each = ₦20,000 and beyond, once you have earned ₦20,000 in silver, quickly upgrade to Gold

Gold cost ₦12000, so you will enter this level by upgrading with ₦12,000 and the system automatically brings 4 affiliates or more that will pay you ₦10,000 each = ₦40,000 and beyond, this is only a glimpse that shows how the affiliate system works, it is possible to earn ₦100,000 in a day if you put your little effort

This process barely take a week to complete, once you have redeemed, you will be out from the affiliate income to start over again

Disclaimer : this is only an illustration of how the affiliate system works, most affiliate earn up to ₦200,000 cash weekly, which is totally possible because their is no limit to the amount of money you can earn using the affiliate system

All this can only be possible once you register and activate your account with just ₦2,500. Don’t miss this opportunity for any reasons.

Why we are Dynamic
With a one time fee of ₦2,500 you will make ₦40,000 or more weekly, because there is no limit to the amount of money you can earn with the affiliate system of NairaInflow.

While we do agree with the website disclaimer stating that this is not a Ponzi scheme, this is clearly a pyramid scheme. Pyramid schemes unlike Ponzi schemes give their victims the opportunity to recruit others into the scam.

The next thing on the website that caught our eye was the testimonials.

testimonial

A reverse image search showed several other websites with the same photos

So we see clearly the website is making use of fake testimonials. Following this, we decided to take a closer look at other pages on the website. We found another red flag on the eshop page. We found a reference to a Chop40k.

A quick google search of the term Chop40k leads to a website called biz7days.com that has a review of a platform called Chop40k. It has similar wordings as Nairainflow and is owned by the same company, Jcyber Tech.

The website also has a link to the Chop40k site which is currently not accessible. But a quick visit to the way back machine revealed the website chop40k.com is a replica of nairainflow.com, also they both have the same contact number 0903 2989 974 on their “vendor-acquisition” pages.

A google search of this number revealed several connections. First, it is listed as the support contact for biz7days.com and is also found on the “vendor-acquisition” page of another pyramid scheme called Global Alat.

So far, we’ve discovered that the platform nairainflow.com is a pyramid scheme, uses fake reviews, and is connected to other pyramid schemes. Next, we decided to check out the company behind all these on the CAC website. We find that J CYBER TECHNOLOGIES is a business name and has a listed address of “No. 12 Idris bori street off abacha road.”

Going back to the website biz7days.com, we find a review of a platform called payobilz.com, it has a similar address with J CYBER TECHNOLOGIES listed on its contact page.

Obviously, this platform belongs to J CYBER TECHNOLOGIES, even though on its “how-it-works” page there’s a claim that it “created under the auspices of Anoxzzy Global International a registered company in CAC with number RC 1199677,” a CAC search showed there is no company with that name. Furthermore, the website showed similarities to nairainflow.com and chop40k.com

Putting it all together, we can conclude all the websites are run by the same individual and all should stay clear of them.

The post Nairainflow (nairainflow.com): An Investigation appeared first on #NoGoFallMaga.

How To Spot An Agricultural Investment Scam

Nigeria has a teeming population estimated to be over 200 million people, and this figure is expected to rise to over 400 million by 2050. What this translates to is that food production and sufficiency will always be on the front burner, as such, agriculture will always be a critical sector of national development. Recently, there has been an influx of investors, entrepreneurs, and innovators applying technology to solve the myriad of challenges bedeviling the agricultural sector. Unfortunately, the sector has also seen an influx of individuals with malevolent motives. Such individuals prey on the unsuspecting through various scams, a notable example being Ponzi Agriculture Investment Schemes (PAIS).

Below, we elucidate the key factors you should be on the lookout for when you’re about to invest in an agricultural scheme, following this advice judiciously will save you from falling prey to scammers and their ilk.

Verify physical presence

Before investing in any agricultural platform it is necessary to visit the physical location of the farm as stated on their website. If you can’t visit, get someone else who can confirm the farm is at that location. Some fraudulent agricultural platforms state farm addresses that are non-existent or belong to other people. Visiting their stated locations will enable you to fish out such scams.

Conflicting or hidden details of the team/individual behind the scheme

Every business is managed and run by a team or an individual. It would be proper to run a background check of the individual or directors of the company to determine their credibility. If the team lacks credible or traceable digital details or doesn’t explicitly tag themselves to the investment platform. That is a warning sign.

Unrealistic Return On Investment (ROI)

The first question to ask about returns is how it is calculated. Is it paid per product cycle or per annum? Keep in mind that most agricultural investment scams give outrageous rates in a bid to lure their clients into investing in their platforms. Hence, review the prevalent market rates and compare it with what you’re being offered. The best bet here is to seek the services of an investment professional and ask that a cost–volume–profit analysis (CVP) be done to evaluate the reality of the advertised return on investment.

Verify that it is insured

As most agricultural products are perishable and farming cycles could become untenable due to weather or other conditions, it is important to make sure the scheme is insured. Also, make sure to contact the insurance provider to understand the type and extent to which the farm is insured. Is the insurance for the produce, equipment, livestock, or all of the above? Usually, most premiums don’t cover the ROI, so in a case where something bad happens, you will not get your expected returns till the farm can begin operating again.

Verify Accreditations and Partnerships

The business should be duly registered with the Corporate Affairs Commission and its fillings up to date. Also, accreditations from the Security & Exchange Commission and NAFDAC are a plus. Verify partnerships such as extension service providers (agencies that provide advice and information to improve production), suppliers for raw materials, and off-takers (people who buy off harvests or farm produce), if any or all of these missing then you should not proceed.

Finally, it is less risky to invest in an already existing agricultural business looking to scale up or one looking for a second round of funding after start-up. As always, don’t be in a hurry, take your time and investigate all that has been recommended and you can be sure you’ll keep scammers at bay.

Contributors:

Temitayo Oloruntoba

Agbaze Jeremiah

The post How To Spot An Agricultural Investment Scam appeared first on #NoGoFallMaga.

Facebook Partners Cybersafe Foundation to provide online safety tips for parents.

Facebook, in collaboration with Cybersafe Foundation, a leading non-governmental organization in the information security ecosystem in Nigeria, recently hosted a parents roundtable event designed to gather insights on the kind of safety tips parents need; determine how they would like to receive these tips and equip them with digital skills needed to navigate the digital world.

The virtual event focused on teaching parents how to use and access some of the basic safety tools and features available on the Facebook platform to help keep children safe online.

According to Facebook, providing parents with these basic digital literacy skills while on their parenting journey is an important step in helping the next generation of leaders to better understand and utilise the power of digital tools to take full advantage of what the internet has to offer.

“Facebook is committed to the safety of users on our platforms and especially that of young users. We have developed partnerships, policies, tools, programmes and resources that are aimed at keeping our users safe online,” Sylvia Musalagani, Safety Policy Manager, Africa, Middle East and Turkey said while speaking at the event.” By teaching parents how to use and access some of the basic safety tools and features on our platform, we are taking necessary steps in ensuring that the next generation are equipped with the online safety training they need to have better online experiences in the future,” Musalagani added.

While speaking on the partnership with Facebook, Cybersafe Foundation, Confidence Staveley, said “This roundtable presented a perfect opportunity for parents to provide feedback directly to Facebook on its current child online safety resources and desired additions or improvements that they’d like to see. We are pleased that the main sessions and breakout rooms made for very conversations and parents in attendance shared their opinions freely”, Staveley added. 

In recent years, Facebook has trained thousands of people on digital literacy skills. In 2021, Facebook is preparing to train over 20,000 participants across Africa on safe, responsible and beneficial usage of the digital platforms.

Facebook is committed to the well-being of individuals and communities visiting its platforms and has invested in initiatives designed to build awareness on responsible online behaviour, critical thinking and understanding of social issues. 

VPN: A Few Important Things To Know

It’s hard to surf or use the internet without coming across a recommendation to use a VPN. Digital ads promise VPNs with capabilities ranging from keeping you completely anonymous to absolute protection as you surf the internet. How much of these claims are fluff or real? Well, let’s start with understanding what is a VPN.

What is a VPN?

A virtual private network is a digital tool for recreating the security of a physical private network. It’s impractical to have your device connected with a cable straight to the bank server. That’s why VPNs do it via your regular internet. 

When you have a VPN running on your device, all the data you sent out is encrypted. This process turns all the information you’re transmitting into a mess that no modern computer can crack. That means that nobody – hackers, spies, or internet service providers – intercepting it can read it. That data then travels to the VPN server, which decrypts it and forwards it to your original destination. When the service sends something back, it all works the opposite way around.  

As such, typical use cases of VPNs include hiding your IP address, bypassing government restrictions, accessing geo-restricted content, hiding internet traffics, and connecting to a home or business network while you’re away.

Free vs Paid VPNs

As with many other technological products, VPNs come in free and paid tiers, knowing the risk associated with each tier can help you make a decision about which to use.

Something to keep in mind about Free VPNs is that the producers have to make money somehow. In the best-case scenario, you’ll have a slow, data-capped connection that may annoy you with ads. At worst, the app will track users and have malware as part of its code – research shows that 38% of free VPN apps contain malware. Some free VPN can steal your data also – they can even steal your credit card info. 

In contrast, the major advantage of Paid VPNs is that it provides decent speed. Using a VPN anyway slows down your Internet connection to some extent, so your aim should be to use a good, paid VPN that provides decent speed. Paid VPN providers invest a large percentage of their profits on bandwidth and servers, so even when hundreds of people use the service at the same time, the speed doesn’t slow down. This is a benefit only available with paid VPNs.

It is also important to note that even top-tier paid VPNs can provide little help if you yourself compromise your data. Here are few tips to help you stay safe online while using a VPN:

Do not visit untrustworthy or fake websites – These can be masquerading as legitimate websites you want to visit, but only exist to steal your data once you enter it.Do not login to your banking application or crypto wallet – If you’re suddenly trying to log in from an unrecognized IP address – and especially if it is from a foreign country – your connection might be blocked as a measure to prevent fraud. And truth be told, fraudsters do regularly use VPNs to cover their tracks. So rather than trying to keep tabs on patterns of IP address usage by legitimate users, some organizations simply don’t allow VPN connections.Make sure you have a robust anti-malware and password manager – An anti-malware package will help keep you safe as you surf the net while a password manager will help secure your passwords.

These and similar online hygiene practices are necessary to overcome these passive measures of data theft. Our other resources found on our website www.nogofallmaga.org address staying safe online.

If you decide to go the free route, here are some great options:

MysteriumWindscribeFree VPNProton VPN (free version)Nord VPN (free version)1.1.1.1VPNTunnel BearOpenVPN

The above-listed VPNs also have paid versions which are great, and it is important to note that some other security tools have VPN embedded as a feature. E.g antivirus and password manager apps.

Other things to keep in mind

VPN protocols determine how the data is routed from your computer to the VPN server. Some protocols are faster and more secure, while others are slow and have vulnerabilities. Some of the different types of secure VPN protocols include OpenVPN, IPSec, Layer 2 Tunnel Protocol, and Secure Socket Tunneling Protocol.

If you’re concerned about privacy make sure you read the VPN provider’s privacy policy to know if they keep logs (record of user’s activities) and what type. A good privacy-focused VPN provider should have no traffic logs, no source IP logs, DNS leak protection, not share an IP address and accept payment via bitcoin.

Finally, as in most things, a paid solution trumps a free version.

Contributors:

Wale Osoba

Hassanat Kehinde Obanla

The post VPN: A Few Important Things To Know appeared first on #NoGoFallMaga.

How To Spot A Scam Website

Annually, millions of people around the world have become victims of scam websites as the influence of the internet reaches unassailable heights. During the global pandemic last year, Helpnetsecurity.com reported that Phishing and scam websites continued to increase and peaked in June with a total of 745,000 sites detected. That is, on average, there were more than 18,000 fraudulent sites created each day. Given this huge number, being able to spot a scam website can therefore go a long way in not becoming a victim of promoters of such malicious websites as you would not likely enter your card details or upload personal information that could be used against you.

 Tips On How To Spot A Scam Website.

Here are few tips on how to spot a fraudulent or scam website:

Beware of “too good to be true sites”

Websites with offers that are “too good to be true” e.g. offers like 70 % off are more often than not untrue. Fraudsters and scammers use juicy offers as click baits to entice people to click or register on these sites. Internet users see discounted fees or free products online and think “Great offer” or “Awoof”. One key thing to remember when you see free things online is there is always more than meets the eye. So do well to investigate to know how authentic this offer is.  You should take heed not to upload your personal details or card information on such sites.

Verify Website Security

The padlock sign close to where the website URL is in your browser shows whether a website is SSL(Secure Sockets Layer) secured or not. The SSL certificate issued to a website helps to establish trust between browsers and clients. To view this certificate, you can click on the padlock sign for desktop or check the page information when using a mobile device. This certificate would show information about the organization, the date the certificate was issued, and who issued this certificate. A website without this padlock sign close to a website URL should not be trusted.

This also means that the URL should start with HTTPS Sites with HTTP (without “s) might not necessarily be a scam, but you probably should start getting suspicious as information transmitted on such sites is not secured as they can be intercepted.

Also, URL Links that start with “bit.ly…..” are shortened URL links and should be expanded before visiting the link, that can be done with a site like “https://unshorten.it” to know where the site actually leads.

Look Closely At The Domain Name

Phishing websites often have a slight alteration to the genuine name of a website. This can be quite difficult to detect and could be easily overlooked. An example of this is www.facebook.co instead of www.facebook.com and www.jumia.co.ng instead of www.jumia.com.ng

You can also lookup the domain age on websites like www.whois.domaintools.com (The Whois Lookup Domain Tracker) or the GoDaddywhois tool. They will tell you how long the website has been active and other information about the domain and its owner. You can use this to distinguish between sites that came up yesterday and sites that have been running for 8 years. Generally, the older the site, the safe it is.

Secure and Known Payment Option

In a bid to carry out untraceable fraudulent activity, scammers would suggest using untraceable methods of payments such as cryptocurrency, Western Union, and Moneygram which are often difficult to trace in case of an investigation. When you see these methods of payment on a website, it is a pointer to a scam site. Ensure you use known and secured payment options like PayPal, Credit Cards (MasterCard, Visa, American Express, etc.)

Run a virus scan

Some sites are just trying to trick you into downloading and run programs that can harm or lock you out of your computers like Ransomware, Viruses, and Malware. So when you are suspicious, do well to run a virus scan on the website. Scanners like VirusTotal, ReScan, Astra Security, etc. are awesome tools to check websites for viruses.

Public Reviews

Check for external public reviews about that particular offer or website using search engines or sites dedicated to reviews (scamadviser, Trustpilot, etc) to know whether they are authentic or not. Do well to note that reviews found on public forums or social media of the said “suspicious website” MUST not be trusted as they can be uploaded there by the scammers.

Check The Website Content

A legitimate website would have content dating far back to the time it was launched. Also, check for the quality of their content and grammatical errors. Genuine websites put a lot of effort into the quality of their content to maintain the good name and brand of their company.

Verify Social Media and Trademark Links

Click on the social media logos to see if they have a legit social media presence. Also, you can click on a trademark logo to verify if they are a certified user with a legitimate seal.

Verify “About us” and “Contact us”  page information

The “About Us” page of fraudulent websites will often be devoid of information about the owners or those running the company. If there is a picture of an owner or member of the management team, do a reverse image search or search for them on LinkedIn to verify that the person whose picture is there is an actual individual.

Also, a “Contact Us” page without a physical address is a red flag. If an address is listed, make sure to copy and paste it in a search engine and, if there are other businesses located there (virtual address) or you can’t find it, you should proceed with caution.

Following all the steps above doesn’t totally guarantee that you will spot all fake websites you come in contact with. You will however to a significant extent reduce the chances of being a victim. Like the popular saying goes “Shine Your Eye”!

Contributors:

Oluwaseun Adio

Badmus Anuoluwapo

Agbaze Jeremiah

The post How To Spot A Scam Website appeared first on #NoGoFallMaga.

Is werecoverfunds legit or a scam?

Recently our Intel team came across werecoverfundlmt, they claimed to be “an investigative and consulting hired mainly by victims of online fraud to help them get their money back.”

Visiting their website, we noticed several red flags. First, there wasn’t any address listed on their website, just a telephone number, and two email addresses.

We also caught a typo on the home page, bad grammar and poor spellings are synonymous with scam websites as English is sometimes not the first language of the scammers.

Next, we noticed that there’s no information about owners, management team, or staff on the website. Doing a web search using the email “[email protected]” listed on the website, we find it is listed in a review of another website “wehelponfunds.com.”

Checking the review on Scamadviser, we find that someone named Jerry had reviewed the website calling it “100% Scam.”

At this point, we also search for werecoverfundslmt.com on scamadviser and find another worrying review.

From the review, we can see that after promising no upfront payment, they still tried to extort money from the reviewer.

The strongest evidence we could find linking these two domains together is that they were registered by the same person Helponrefunds Bruce

Doing a further review of the website, we noticed that they weren’t any social media handles. Doing a search on Instagram, we found an account with the username darkweboj that had the website listed on its profile.

A Google search of the email address “[email protected]” listed on the profile, shows that it was posted as a comment on a post about a romance scam

This comment reveals how the person behind werecoverfundslmt operates. Basically, he posts messages pretending to be a victim of a scam and claims their funds were recovered by his fake recovery agency.

A quick search showed several other forums where the website is mentioned

During the course of this investigation, we also came across other scam websites offering recovery services. Below is a list,

  • lucrerecoup.com
  • financialreimbursement.com
  • thefraudlabpro.com
  • recoverytemple.tech
  • investmentbloom.com
  • atriumforensics.com
  • trackforcerecovery.org
  • corecrypto.tech
  • recoveryempire.com
  • chargeitbacks.com
  • lallroyal.org
  • blockchain-chargeback.com
  • reduxrecovery.org
  • cyberspace101.com
  • assetfixrecoverynetwork.com
  • activebonorum.com
  • efundsrecovery.com
  • royalfinancialrescue.com
  • solutionglobalrecovery.com
  • financialspringrecovery.com

From the foregoing, Our advice would be not to trust any website offering to recover your money after you’ve been a victim of Binary options, Cryptocurrency, or Catfish scams. Rather, report the incident to the law enforcement agencies or government-licensed agencies in your jurisdiction authorized to deal with such cases.

The post Is werecoverfunds (werecoverfundslmt.com) legit or a scam? appeared first on #NoGoFallMaga.

FREE MOVIES ARE MY FAVOURITE – CYBERSAFE x SISINERD

Always remember, you can never get “something for nothing.” The only people that provide a free service are foundations and not-for-profit organizations. As such, when it comes to downloading and watching blockbuster movies online, the question you should ask is how do those websites that offer this as a free service make their money?

In this week’s episode on Cybersafe with SisiNerd, our resident cybersecurity expert sheds light on the popular but dangerous habit of downloading free movies online and legitimate ways to get movies.