Fake hardware seized by Police

Fake hardware has been seized by a City of London Police intellectual property crimes unit, following a recent raid in Kent.

The counterfeit networking equipment, worth at least £300,000, is believed to have been manufactured by organised criminals imitating the high-quality hardware of IT giant Cisco.

Small form-factor pluggable transceivers were recovered, which are used to convert optical data to conventional electrical signals as part of fibre-optic networks. 

Police believe the risks of organised criminal gangs being caught transporting imitation IT hardware are lower than for drugs or firearms, and that only technically-trained specialists would be able to distinguish counterfeit technology from the real thing.

Although no evidence of cyber-security intrusions have so far been found, engineers from Cisco stressed that small items like these could easily find their way into a business or public-sector supply chain, become mixed up with genuine network hardware, or fail due to low-quality manufacture.

Customers who suspect they may have encountered counterfeit items should isolate the hardware in question from other devices and report their suspicions to IT staff.

 

Lineal are a Cisco Select Partner – for hardware advice and support, please contact our team today: 01271 375999


Fake DVLA Emails: Tracing a Trojan Scam

Continuing our recent series on email phishing trickery including fake invoices and Apple ID theft, this week we discovered a new scam involving a fake communication claiming to be from the Driver & Vehicle Licensing Agency (DVLA).

You haven’t sent them your vehicle details: but never fear, enter them below and avoid a hefty ‘1000 GBP’ fine. Never mind that your garage should have organised a V5 document for you, just click the link and type in your details. This couldn’t be a scam? Right?

We set Lineal’s security trainee Lewis on the fake DVLA emails case – who found that the email links to a private (non Gov.uk) web-page with a extensive bit of PHP code running in the background. A classic Trojan, this webpage invited you to download your casefile – and likely something dangerous along with it.

trojan

Despite poor grammar, the format matched a GOV.UK page quite closely and the ‘official’ nature of the styling might easily have tricked unsuspecting motorists.

Avoiding the page itself, Lewis completed an HTTPS lookup on the domain hosting the fake web page – but found two servers running the same scam. The email itself appeared to be routed via the USA, in an effort to mask the attacker(s) identity.

Tracing both IPs seperately led back to the same address in Germany, registered under two different names which could either be part of an organisation (or more likely) both assumed identities stolen from others fallen victim to the scam.

German privacy law prevents Google StreetView from being completed across most of the country, so an aerial view of an unknown industrial building on the outskirts of Lippstadt was a close as we could get to sourcing the suspicious email itself.

Clearly a sophisticated operation, fake DVLA emails like this highlight the growing technical ability of online scammers and the need for solid IT security precautions.

 

For IT Security advice and support, contact Lineal today: 01271 375999