Tax Break

 In ITC's Threat of the Week

As you will all have realised from the seemingly endless blipverts coming out of the ISA punters, the accountants and if you are very unlucky Her Majesty’s Revenue And Customs, it is the end of the tax year this week in the UK.

The end of any arbitrary period always presents opportunity for someone. The end of a budget year in local government for instance seems to inexplicably lead to a mass of started, not finished, with no Oompah Loompahs on show, meaningless construction projects.

The end of the tax year is amongst the most abused opportunities by online criminals to scam the vulnerable. In this case ‘vulnerable’ consists of the elderly, the disorganised and the distracted, perfect candidates for a good old exploitation experience.

As Gareth Corefield of the esteemed El Reg reports, this year is no exception with phishing scams in abundance. We recommend that you make sure that you keep in touch with your elderly, distracted and disorganised selves/relatives and bring this matter to their attention.  Basically if it isn’t in a brown (the international colour of phear) envelope with your middle name on it, it is probably a scam.

We are seriously considering giving the trustworthy folk at the nearest thing to an online Holy See, Facebook, its own blog as it seems to blunder from jaw dropping data mismanagement to mismanagement of data that leaves one agog.

This week, hot on the heels of revealing that millions of customer passwords had been stored in the buff for years (nothing to worry about though, deffo not compromised) and being captured for requesting user’s passwords for email accounts unrelated to the holy book,  Now it transpires, wait for it, that no fewer than Half A Beellion sets of user data managed by third party suppliers of zuckbook, have been hanging out in unsecured S3 buckets for some time.

Fortunately these did not appear to include password data, but did include ‘likes’ and other details such as the name of your pet (ahem). Without wanting to sound too smug, we have banged on about both leaky S3 buckets and third party supplier management ad nauseum.

Our Director of Cyber Advisory Malcolm, is discussing third party risk at the snappily named ‘Retail Risk London’ event on April 11.  If you have the time, sign up and get yourselves along. If you cannot make it, please do give us a call and we can help you out with the boring old holy buckets, associated plumbing related tedium and third party risk management.

That is a pretty good offer. Contact us at: [email protected] or call 020 7517 3900.

Have to go now. Some bloke called Mark is calling.

Author: Kevin Whelan

Recent Posts

Leave a Comment

Tel:
+44 (0) 20 7517 3900