Posts by: Ruth B

Online Opportunists Target Busy Festive Season

Recent broadcasts from security communities and publications are warning of a new Malware threat, disguised as originating from Royal Mail. The fraudulent email appearing to originate from the email account ‘noreply@royalmail.com’, is structured to notify the recipient that they have an undelivered package. The message then goes on to request that the recipient completes an attached form to the email, with the required details to process the delivery. However, upon opening the attachment identified as ‘royal_mail_shipping.exe’, a harmful Malware is triggered, which will then begin to install onto the victims system. Below is a sample of the email distributed;

Mail – Lost / Missing package – UK Customs and Border Protection

Royal Mail has detained your package for some reason (for example, lack of a proper invoice, bill of sale, or other documentation, a possible trademark violation, or if the package requires a formal entry) the RM International Mail Branch holding it will notify you of the reason for detention (in writing) and how you can get it released.

Please fulfil the documents attached.

Reports from security communities have identified the Malware having the ability to reconfigure system Registry and Firewall settings, potentially further compromising the victim. Additionally, the malicious program is also capable of harvesting data from the compromised system. This poses a major risk to businesses and individuals, whose private data may fall into unwarranted hands.

In response to the threat, Royal Mail has issued the following advice for their customers:

Advice from Royal Mail

  • Royal Mail will never send an email asking for credit card numbers or other personal or confidential information.
  • Royal Mail will never ask customers to enter information on a page that isn’t part of the Royal Mail website.
  • Royal Mail will never include attachments unless the email was solicited by customer e.g. customer has contacted Royal Mail with an enquiry or has signed up for updates from Royal Mail.
  • Royal Mail have also stressed that they do not receive a person’s email address as part of any home shopping experience.

This is not the first time and undoubtedly not the last, that opportunistic fraudsters have attempted to profit behind the mask of a courier service. In recent years similar attacks have been identified, disguised as originating from DHL, USPS & FedEx.

 

In order to best protect your system from falling victim, Action Fraud recommends if you receive one of these emails you should delete it immediately, report it to Action Fraud or the National Fraud Intelligence Bureau (NFIB) and don’t download the attached zip file. Additionally, ensure that all security setting and software are up to date for the system, to help detect and prevent malicious threats.

SRM's Project & Finance Administrator, Ruth B is a regular contributor to the SRM blog.

SRM Achieves a First Time Pass with PCI Council Audit

We are delighted to announce that SRM has met the desired level of quality, as laid down by the PCI Security Standard Council. As part of a recent PCI Security Standards Council audit, SRM’s services relating to conducting PCI DSS assessments were evaluated. This process included the production of PCI ‘Reports on Compliance’ and the safe and secure handling and storage of client confidential data. As some of our clients will be aware, the PCI Security Standards Council (PCI SSC) undertakes random audits of all QSA companies on a rolling basis. SRM was selected audit in May of this year, and the process of supplying redacted reports and providing the necessary quality assurance materials was undertaken by SRM and the PCI SSC quality team.

The results of the audit were received last week and we are pleased to announce that SRM was found to be satisfactorily meeting the requirements, as laid down by the PCI council.

SRM maintains a high standard with regards to business processes, and has been audited against theISO27001 standard for a number of years. SRM has also maintained QSA status since 2008, and also holds accreditation as a PA-QSA and PCI PFI, with some consultants also accredited onto to the more recent PCIP scheme.

SRM's Project & Finance Administrator, Ruth B is a regular contributor to the SRM blog.

SRM Blog

SRM Blog