Posts

Highlights

Scam Alert: Vanquis Bank

Image
You may - or may not - have seen a recent financial update relating to sub-prime lenders Provident Financial Plc. Their recent forecast for a full-year loss lead to a 90% slump in share prices, along with the revelation that their credit card division - Vanquis - was under investigation by the FCA.

Share prices dropped from the £30-mark to just 426p precipitating the removal of the CEO, Peter Crook, and the calls from investors that the investigation should have been disclosed sooner.

Background
A few years ago I'd applied for a credit card whilst trying to identify the cause of an issue on my own credit file; it turned out that another bank had made a serious error and 'marked' my credit file. They've since resolved the error.

I don't remember whether my Vanquis application was completed or not but last year - two years after my original application - and after no further contact from Vanquis, I started receiving spam through the post.

After a SAR in which they …

Scam Alert - DMR Financial

Image
Back in September I received a cold call from DMRFS, where the caller asked me about my unclaimed PPI compensation.

Having had a number of these calls I provided the caller false details in order to trigger documents in the post to me. The arrival of these documents confirmed the recipient (who the original caller avoided naming).

Background
DMRFS have been under investigation since mid 2016 by the Claims Management Regulation Service, under Regulation 35 of the CMA. This regulation relates to "complaints or suspicions of unprofessional conduct".

A small company run by Donald M Rees of Llanelli who appear to outsource their call centre operations to another firm (possibly in Cheshire).

When I received the information pack from DMRFS under the name I'd given them, I waited for a short period to separate out events a little and sent DMRFS a SAR in early September 2016. I received no bounces and no response for over two months and so, in order to remind DMRFS that their st…

The Joy of Ciphers (Revisited)

Image
Some time ago I discussed some of the cipher configurations in Windows 8.1 Enterprise, and with the unwelcome (to most) arrival of Windows 10 I thought I'd see if the landscape had changed. After all if we can prevent outdated modes of security at point-of-source, we're helping encourage a more secure and private internet.

Last time I discovered that when enforcing transport layer security by restricting cipher suites available to Windows and [at the time] Internet Explorer, a core set of websites and Windows services held everything back by requiring significantly lower security cipher levels. It wasn't just one or two periphery services either - a major CSP's hosted email service and the Windows Store.

A chain is only as strong as it's weakest link after all.

During 2016 some of our systems were the subject of attempted breaches. Thankfully they didn't get past the first layers of defence (and of course it goes without saying that nothing was accessed, leake…

[Belated] Naughty List 2016

Image
I know Santa's already been and gone this year but after last years interview successes he decided to review his options yet again this year. I've been swamped with solution design and development work since December so this article is very late.

2016 saw a marked decrease in spam from the 'major' jobs boards and some new comers then balancing that out by making up for it - Notably My Job Matcher Ltd, who still seem fine with buying your data from India data traders. More of that in the list (yes a spoiler....sorry about that).

2016 also turned up new vectors of spam and processors which are probably unsurprising to most. These new-ish vectors indicate that companies who have received subject access requests SARs from me in the past, decided to sell those details onto spammers and criminals.

Very funny. Should have seen that coming I guess, however I've started designing and writing an anti-spam solution - with help from Santa of course after he got so annoyed wit…

Scam Warning - CTO DTO (Updates)

Image
Updated March 2017  Accountancy practises seem to vary and I'm in the middle of moving my own corporate accounts to a new firm. There's so many accountants that it can be difficult to choose so you really have to define your objectives and ask some searching questions of each practise you review.

After spending a few weeks getting a list of practises I've just about whittled down the list of possible candidates to under five and am also planning a system migration in parallel.

One thing that is immediately obvious is that if a firm is too busy (over allocated with too many books to manage), works on more generic approaches or has very thin borders with tax avoidance schemes you should steer clear. Any firm that actively cold calls in this sector should also set off alarm bells.

I received unsolicited marketing from one such firm in Q4 2015 - at the time called Contractor Tax Optimisation - who claimed to be able to give me an 82% take-home income specifically a…

Scam Alert - Ian Burrows a.k.a. Alex (P) Haynes (Updated)

Image
Updated 29th November 2016 It's been a while since one of these alerts has been posted but we have a new scam trader who's worthy of the accolade. Because these characters sold the data to a bunch of accountants with blatant disregard for the law, it's worth adding his name - Ian Paul Burrows a.k.a. Alex Haynes - to the list of web search results. 
Ian's got previous for being economical with the truth, and if you only find a few references to activity there's probably a lot more that's unreported.
Hopefully future 'customers' will be smart enough to carry out due diligence before negotiating a deal. Hopefully people will also realise that any accountant making cold calls using illegally bought marketing lists should be avoided, as I discussed in a previous post. The Background After being contacted by a number of accountants firms offering their services (one's I'd never heard of) I started digging, along with other people receiving the same tr…