Passwords can only do so much, even when implemented correctly; passwords are limited in helping prevent unauthorised access. If an attacker discovers or guesses your password, they are able to impersonate you!
A few words about Passwords
- Boring – Yes, everyone knows that they are a pain and no one wants to be told any more about them.
- Essential – Yes, nothing in life seems to work without a password anymore.
- Key to your Digital front door – Think of your password as just that – if you use a simple password and use it on multiple accounts – it’s the same as having the same key for everything you have in the real world – and if you lose that key or someone finds it and uses it – they have access to all of your doors and drawers. If someone guesses or hacks your password – how many digital doors and drawers can they open?
- What’s the worst that could happen? – Using your email address and password, criminals can lock you out of your online life, pretend to be you and even sell your accounts.
Be Cyber Savvy, Not Cyber Sorry. Passwords need to be strong secure and unique to each account
If someone knows or guesses your password, then they will have access to that online account.
So if you used the same password on more than one account, the criminal now has access to those accounts as well.
“It won’t happen to me, I live in Dyfed Powys, and cyber criminals aren’t interested in me”.
Hundreds of Cyber related incidents are reported to Dyfed Powys Police each year and those are just the ones we know about, many are never reported.
• PINs and passwords are your first line of defence on your computer, mobile device, apps, online bank accounts and social media.
• Create passwords that are strong, don’t share them and use a different one for every online account in case one or more gets hacked.
One secure password for all accounts is not the answer. If you use the same password on all of your accounts, no matter how strong it is; if that one password gets hacked or known, all of your accounts are now at risk.
Instead of creating extremely long and complex passwords, choose three random words. Examples used on the NCSC website are: ‘coffeetrainfish’ or ‘walltinshirt’.
Avoid using easy to guess passwords, such as ‘one two three’ or the names of family members or pets as this will make you an easy target for hackers
You can write it down safe and securely – not the best solution, but it’s better than having one easy to guess password – if you do it this way, use a little black book that you keep safe somewhere. You could use a Word document which is password protected or possibly look at using a Password Manager.
Google, ‘Password Managers’ to find out more or visit the websites mentioned below:
Whatever you do – make sure you have a unique and strong password for each of your online accounts. In that way you are making yourself a much harder target for the cyber criminal and 95% less likely to get hacked in the future.
Next time we will look at Two Factor Authentication (2FA) – but until then, take some time to look at sorting your passwords out.
Some light relief…
You Should Probably Change Your Password! | Michael McIntyre Netflix Special -https://www.youtube.com/watch?v=aHaBH4LqGsI
THE PARISH TAP
The monthly newsletter for the parishes of Boughrood, Llandefalle, Llanstephan, Llyswen and Talachddu
The planned services for May and June are shown here but please be prepared for the fact that some, or indeed all, of these may have to be cancelled. It will all depend on the advice received from both the Welsh Assembly and the Diocese. The final decision remains, as always, with the Church Wardens. Please be patient as they’re doing everything in their power to furnish us with a weekly service and at the same time to ensure the safety of the congregations.
It’s hoped to publish the next edition of the Parish Tap at the beginning of June so please get anything you’d like featured in it to me no later than 26th May by email to firstname.lastname@example.org or ring 01874 625140.
Services Spring/Summer 2021
All services will be at 10.30am unless otherwise indicated
All of these services are open to everyone from the five Parishes, but if you’d like to come to any of them please contact Mrs. Ursula Pumphrey (Churchwarden at Llyswen) on 01874 754355 or at email@example.com or Mrs. Vera Harley (Treasurer at Llandefalle) on 01874 754594 or at firstname.lastname@example.org to reserve your place as numbers have to be limited.
Do remember that any or all of these services may be cancelled at short notice due to Coronavirus restrictions.
When attending church please adhere to the latest COVID-19 rules.
The Parish Tap has been in circulation now for nine months and it’s pleasing to note that it seems to have been generally well received. When the Parish Pump was still in publication it was usual in May to ask for an annual subscription but we don’t wish to do that with the Parish Tap; we would much prefer for it to remain as a free newsletter. However, it does have to be admitted that paper and ink cost money and currently that charge is being borne by a few members of the parishes. Some people are receiving their ‘Tap’ online and that, of course, costs nothing. If you’re not already getting your copy by email and feel that this is something you’d be happy to do please let one of the people listed here know.
For Llyswen – email@example.com for Llandefalle – firstname.lastname@example.org for Boughrood – Catriona.email@example.com for Llanstephan – firstname.lastname@example.org and for Talachddu (or if you aren’t sure which parish delivers your ‘Tap’) – email@example.com
Don’t worry if you’re unable or would rather not do this, you’ll still get your free paper copy each month but if you can, your help would be very much appreciated.
Condolences go to Mrs. Gwyneth Phillips and all the family on the recent death of her mother Mrs. Joan Price who passed away peacefully in Brookside Nursing Home. Our thoughts and prayers are with you all at this sad time.
Llandefalle Flower Rota
May – Mrs. Sue Rees June – Mrs. Peta Mellors
A Date For Your Diary
Llandefalle Church is hosting a Nature Day Event on 13th June. More details in next month’s ‘Tap’, or from Joan on 624167. The event will be particularly suited to families but all are welcome. There will be no charge but booking is essential.
Gareth and Sue Davies, Cwmgwilym, are pleased to announce the engagement of their daughter Rhian to Olly Jennings. Preparations are in order for the wedding in 2022. Both families send love and very best wishes to them both
You’ve Got to Laugh
The biggest lie I tell myself is “I don’t need to write that down, I’ll remember it.”
I tried donating blood today …. NEVER AGAIN!!! Too many stupid questions. Who’s blood is it? Where did you get it from? Why is it in a bucket?
My mind is like my internet browser. I have 19 tabs open, 3 are frozen, and I have no idea where the music is coming from.
The man who invented autocorrect should burn in hello.
Don’t wear headphones while vaccuming. I’ve just finished the whole house before realising the Hoover wasn’t plugged in.
Help the worshippers find the temple
Read Matthew 7:7-11 and then see if you can fit the missing words into this sentence:
___ ___ ___ and it will be ___ ___ ___ ___ ___ to you; ___ ___ ___ ___ and you will ___ ___ ___ ___;
___ ___ ___ ___ ___ and the ___ ___ ___ ___ will be ___ ___ ___ ___ ___ ___ to you.
Why couldn’t the pony sing himself a lullaby? He was a little hoarse.
How do you know if there’s an elephant under your bed? Your head hits the ceiling!
FELINFACH COMMUNITY COUNCIL
TALACHDDU, DANYPARC COMMON & BRYNHAUL KIOSKS
THE COUNCIL ARE IN THE PROCESS OF HAVING THE KIOSKS REPAIRED AND PAINTED .
THE COUNCIL TOOK OWNERSHIP OF THE KIOSKS FROM B.T. AND HAVE A RESPONSIBILITY TO MAINTAIN, WHICH HAS A COST IMPLICATION TO THE COMMUNITY VIA YOUR COUNCIL TAX
THE COUNCIL WOULD LIKE TO INVITE YOU TO SUGGEST YOUR IDEAS ON THEIR FUTURE, AND HOW THEY CAN BE USED.
PLEASE CONTACT ME ON:
FACEBOOK via FELINFACH COMMUNITY PAGE
TELEPHONE – 07971 160396
COVID restrictions are now lifting but large gathering are still illegal.
If you have any information relating to a crime, no matter how small you may think it is, please report via 101 (or 999 if in progress) online or via your local PSCOs Emma Jackson 8188 and Hazel Jones 8076 email addresses being firstname.lastname@example.org and email@example.com.
If you receive a Facebook Message asking “is that you”?
Do not click on the link
Do not enter your Facebook User ID and Password!
How to protect yourself against phishers
Use unique and complex passwords for all of your online accounts. Password managers help you generate strong passwords and notify you when you reuse old passwords.
Use multi-factor authentication (MFA) where possible.
Beware of any messages sent to you, even from your Facebook contacts. Phishing attacks will usually employ some type of social engineering to lure you into clicking malicious links or downloading infected files.
Watch out for any suspicious activity on your Facebook or other online accounts.
Courier fraud: conning people out of PINs, credit card details and savings
On 22nd January 2021, DC Gareth Jordan has said that Dyfed Powys Police have had 10 calls in 2 days regarding calls from people purporting to be a police officer from Paddington Police Station. The criminal goes on to talk about fraudulent activity on the persons bank card, or tell them that they need to transfer money to another account due to suspicious activity.
It is the prelude to Courier Fraud where someone comes to pick up the bank card (after extracting all the details such as PIN number from the victim), or getting the person to go to the bank to withdraw money that can then be collected or sometimes transferred into other accounts.
We are trying to get bank staff to look for the tell-tale signs of this, and contacting their branch managers to ensure staff are aware.
We are asking our PCSO’s to visit banks that are open on their patch and ask bank staff to inform any customers withdrawing money or transferring money about this scam while they are in the process of requesting the transaction.
This scam is often aimed at the older generation, who have a respect for the police and may fall for the story that much more readily. What is worrying is that it can be just the start of further fraudulent activity including phoning the victim up purporting to be the bank and getting the victim to transfer money to another account in the deceitful belief that their own account is now at risk due to fraudulent bank card use. The third part is investment fraud and Gold purchases.
The Three Phases…
• A person, usually male, phones the victim pretending to be a police officer. The bogus Police officer explains that the victim’s bank accounts are under threat from fraudsters. He convinces the victim to participate in a fictitious undercover police operation to catch the fraudsters and safeguard their funds. They are told not to inform anyone, including their bank, as bank staff are equally under suspicion. Often the bogus Police officer discloses private financial information about the victim, which is used to encourage the victim to trust them.
• First phase: To influence the victim, the suspect asks about his/her bank account balances and overdraft facilities in place. The victim is then instructed to withdraw a small amount of cash (depending on victim’s bank balance). Victim is instructed to hand over the cash to a courier who must confirm a password/pin number provided by the suspect. Victim is later called on the phone and told most of the cash was identified as counterfeit.
• Second phase: Once the victim trusts and believes the suspects’ instructions, he/she is provided with several bank account numbers (mule accounts). Victim is instructed to move a large amount of their money (often £100,000 to £300,000) into what is purported to be “safe” accounts, which are actually the mule accounts. Often the holders of the beneficiary accounts are third parties (patsy) who are unaware of the sources of the credit in their account. The money is quickly dissipated from the beneficiary accounts into accounts outside UK Jurisdiction. Monies in the beneficiary account may simply be withdrawn from any UK ATM.
• Third phase: Victims are instructed to either buy gold bars or high valued watches. Again these items are handed to a courier who confirms a password given to the victim over the phone by the suspect.
• The order of the phases differ from victim to victim. The suspects invest a considerable amount of time and effort in building a rapport with the victim. The suspects usually instruct the victim not to divulge any details to anyone because the ‘operation’ must remain covert. Victims are coached with a cover story for bank staff, if their transactions (unusual) are flagged by the banks safety measures.
Dyfed Powys Police Website article: Door-to-door and courier fraud | Dyfed-Powys Police (dyfed-powys.police.uk)
DC Gareth Jordan from Dyfed Powys Police has said they have been noticing a large increase in scam calls where the criminal calls the victim and pretends that they are from Amazon.
The call may state that £79.97 is owed – but if they don’t want to renew, they can cancel Amazon by pressing ‘1’.
It may be a call that states that there has been unauthorised spending on the account (often over£1,000), and again, the request is to press ’1’ to go through to the ‘Fraud Department’.
With any of these types of call, If ‘1’ is pressed, the victim will be connected to a ‘customer representative’ who will attempt to obtain as many personal details as possible from the victim, they will also try to gain access to their bank details – often under the auspice that it is to provide a refund.
Unfortunately, these criminals are very adept at social engineering, and sound thoroughly convincing.
Many people think that the scammers will have a ‘foreign’ accent, but this is not always the case. Many criminal gangs now use previous UK based victims to carry out the phone calls, in order for them to pay off their debt.
For any of these types of call, it is best to hang up, and then check your account online by using the app on your phone, or typing in the correct address such as
and then log into your account that way and check.
Do not follow links if the criminal texts or emails them through – these will normally take you to fake sites that look authentic.
Please feel free to share this advice to help try to stop these criminals being successful.
Criminals are trying to make it look like they are Amazon or similar companies calling. They state you owe money or unauthorised spending…
Just hang up…
Residents at risk of being scammed over COVID-19 vaccine.
Dyfed Powys Police Economic Crime Team has become aware that criminals have been sending texts and emails attempting to lure people to apply for the COVID-19 vaccine.
DC Gareth Jordan, from the Cyber Crime Unit, said: “The text is made to look like it comes from the NHS and states ‘we have identified that you are eligible to apply for your vaccine’ and advises you to follow a link to get more information and ‘apply’.”
“If you follow the link, you are taken to a convincing looking, but fake NHS website that asks for your personal details.
“After entering your details, it then requests bank/card details to ‘check your identity’.”
“But as with all scams, if you look a little closer, you will see it is not real. In this instance, note the URL is not www.nhs.uk/
“As multiple vaccines are now being approved for use in the UK, these types of fraud attempts will continue as criminals look to take advantage of the vaccine roll out.
“It’s not only texts, beware of cold calls and emails regarding the vaccine as scammers are also asking people to pay for it over the phone. Remember – the vaccine is free of charge and there is no way to jump the queue by paying for a ‘priority slot’.
“If you receive one of these calls, hang up and block the number.
“If you have received an email, which you are not quite sure about, forward it to the Suspicious Email Reporting Service (SERS) at firstname.lastname@example.org
“Suspicious text messages should be forwarded to 7726. This free-of-charge short code enables your provider to investigate the origin of the text and take action, if found to be malicious.”
Stop: Take a moment to think before parting with your money or information – it could keep you safe.
Challenge: Could it be fake? It’s ok to reject, refuse or ignore any requests. Only criminals will try to rush or panic you.
Protect: Contact your bank immediately if you think you’ve fallen victim to a scam and report it to the Police.
Remember – The NHS, The police, or your bank, will never ask you to withdraw money or transfer it to a different account. They will also never ask you to reveal your full banking password or PIN.
Do not click on links or attachments in unexpected or suspicious texts or emails.
Confirm requests are genuine by using a known number or email address to contact organisations directly.
Always check the URL of a website.
Scammers are trying to trick people regarding the Covid-19 Vaccine
The NHS don’t need your bank details and won’t ask for them in an email or text.
Warning – New domain pretending to be Microsoft could fool a lot of people!
The campaign has so far targeted over 200 million Microsoft Office 365 users, including those working in the financial services, healthcare, manufacturing, and utilities industries. Users receive an email, purportedly from Microsoft, to test a new feature of O365 which states that it allows them to reclaim emails mistakenly marked as spam. When the user clicks the link, however, they are redirected to a fake Microsoft portal which requests they enter their credentials, which are then harvested by the attacker.
This is a timely reminder to always be vigilant and always check the email address of the sender thoroughly.
- Always check the domain of the sender carefully: Micros0ft.com, MIcrosoft.com and Microsoft[.]com are not Microsoft domains.
- If you are on a web page, look at the address in the URL bar – make sure it is the correct domain.
- If you have clicked on a link and entered user information and password, report it to IS&T
- Be extra vigilant on the run-up to Christmas of fake shopping sites that have been made to look like the originals
ROYAL MAIL SCAM
DC Gareth Jordan from Dyfed Powys Police states that they have become aware of fake Royal Mail notifications being sent out via email…
The scam involves an email which claims Royal Mail has tried to deliver a parcel – and then asks you to pay £1.99 to arrange redelivery.
The style of the email and the low fee makes the scam appear legitimate.
It may look similar to the below – (they do differ)
The email directs you to an official-looking page where you will be asked to give away your bank details.
NOT CLICK ON THE LINK. Forward the email to email@example.com
(this reporting service is run by the National Cyber Security Centre and aims to take down fake websites)
- Anybody who receives an email claiming to be from the Royal Mail must remember that they will never be asked to pay a redelivery fee.
- Never input your bank or card information after following a link on any emails that claims it is from the Royal Mail, because it will result in your card details being stolen by criminals.
- If you have reason to believe that you may have been tricked, it is essential that you contact your bank and cancel your card at once, additionally check your statements for any signs of unauthorised transactions.
- If you have been the victim of a payment scam, report it to your local police.
Warning – Fake phone calls to residents pretending to be from the Police!
We have been notified by Dyfed Powys Police that criminals pretending to be Police officers are calling residents and trying to carry out what is known as ‘Courier Fraud’… this could be happening in the rest of Wales too
They phone you to tell you about fraudulent activity on your bank card, but then start asking you for personal information or even your PIN to verify who you are.
They may try to offer you peace of mind by having someone pick up your bank card from you to save you the trouble of having to go to your bank or local police station (Courier).
- These callers are criminals who will try gain your trust by making you think they are police officers.
- Do not engage in conversation with them.
- Do not allow them to arrange collection of bank cards.
- Put the phone down.
- Block the number they called from.
- Tell your friends and neighbours about this scam
- Report it to your local police force by contacting them via their online webpage or 101
FELINFACH COMMUNITY GROUP
This Community Group was set up by Dorian Thomas who is a resident in Felinfach with the aim to support local people through the Coronavirus pandemic.
It offers support to all residents in Felinfach and the surrounding area with the idea if anyone is self isolating due to being venerable health wise or unable to venture out due to a family member being venerable then help is at hand.
Offers of collecting prescriptions ,shopping, telephone calls if your feeling lonely and isolated are available, obviously all this is offered by volunteers free of charge and the service is relying on all members staying safe and exercising social distancing at all times
The group is set up on facebook, please search Felinfach community group and request to become a member.
Also we have the Village Emergency Telephone System which also offers support by ringing
This will also connect you to volunteers willing to support you.
Security experts say a spike in email scams linked to coronavirus is the worst they have seen in years.
Cyber-criminals are targeting individuals as well as industries, including aerospace, transport, manufacturing, hospitality, healthcare and insurance.
Phishing emails written in English, French, Italian, Japanese, and Turkish languages have been found.
The BBC has tracked five of the campaigns.
1. Click here for a cure
2. Covid-19 tax refund
Hackers pretending to represent the World Health Organization (WHO) claim that an attached document details how recipients can prevent the disease’s spread.
“This little measure can save you,” they claim.
But Proofpoint says the attachment doesn’t contain any useful advice, and instead infects computers with malicious software called AgentTesla Keylogger.
This records every keystroke and sends it to the attackers, a tactic that allows them to monitor their victims’ every move online.
To avoid this scam, be wary of emails claiming to be from WHO, as they are probably fake. Instead visit its official website or social media channels for the latest advice.
The subject line reads: Covid-19 – now airborne, increased community transmission.
It is designed to look like it’s from the Centres for Disease Control and Prevention (CDC). It uses one of the organisation’s legitimate email addresses, but has in fact been sent via a spoofing tool.
Cofense, the cyber-defence provider, first detected the scam and describes it as an example of hackers “weaponising fear and panic”.
It says the link directs victims to a fake Microsoft login page, where people are encouraged to enter their email and password. Then victims are redirected to the real CDC advice page, making it seem even more authentic. Of course, the hackers now have control of the email account.
Cofense says the combination of a “rather good forgery” and a “high stress situation” make for a potent trap.
One way to protect yourself is to enable two-factor authentication, so that you have to enter a code texted or otherwise provided to you, to access your email account.
FELINFACH COMMUNITY CORONAVIRUS HELP SYSTEM
IF YOU ARE ELDERLY OR SELF-ISOLATING AND NEED OUR HELP
PICKING UP SHOPPING
A FRIENDLY CALL
PLEASE CALL THE FOLLOWING NUMBER:
CALL THE ABOVE NUMBER AND WE WILL DO OUR BEST TO HELP FREE OF CHARGE
CORONAVIRUS IS VERY CONTAGIOUS, PLEASE TAKE EVERY PRECAUTION TO ONLY SPREAD KINDNESS