I think it is rather optimistic of the hapless souls that have been charged to think that the goods will be delivered to the fraudsters. Wiggle use Hermes, which is why as a lycra-clad carbon bike riding not quite MA-MIL I left them and asked them to delete my data last year. Any fraudster relying on hermes to deliver their ill gotten wares might need to reconsider their plans.
7 posts • joined 7 Sep 2018
No Wiggle room: Two weeks after angry bike shop customers report mystery orders on their accounts, firm confirms payment cards delinked
Phishy fishy FISH
I get regular emails to my nhs.uk account asking me to open the attached encrypted html file. They are genuine, from ESR, the electronic staff record people. The thing is, no matter how hard they scratch their heads, peeps cannot work out how wannacry got into the system and why people felt safe to click such emails.
If the good guys continue to engage in bad guy practice, the end user won't know which emails to trust and which not to. And I have reported at least 2 unsavoury emails to Trust IT departments that were truly bad.
Re: Connectivity ?
Maybe so on a general ward, but a very different picture on intensive care. There is a lot of data collected into ICU electronic records and I have no problem with that being done electronically. But the system should be designed from the perspective of a bad actor, not left wide open for updates over the network.
Alarm / alert fatigue is a massive issue in hospitals. One case I am aware of involved 27 people clicking through an alert about a critical missing medication.
Central notification is not all bad. ICU nursing is 1 nurse: 1 patient. But sometimes they need to help each other out with rolling patients or dealing with a deteriorating patient or checking drugs. Having alarms centrally monitored as well gives a degree of redundancy that is entirely appropriate.
It is 2018 and the NHS is still counting the cost of WannaCry. Carry the 2, + aftermath... um... £92m
Ah yes. NHS IT. Every April I get sent a 'secure message' from an external email address that asks me to open the html attachment to read the message. The thing is, it's genuine. So our IT department says - sure go ahead. Then we wonder why people open html attachments and spread malware.
The same happened with my flat managing company (Warwick Estates since you weren't asking). They were using zendesk chat and had hardcoded "http://" meaning all chat was unencrypted. They had no idea what I was talking about and it was only when I went to zendesk and got them to confirm it, they actually changed it.
Similarly, NHS jobs, until 2 weeks ago, was doing passwords and logins in the clear.
Last year I found the same with credit card details for bookatable. Again, hardcoded 'http://' on a 'back' button.
I am not even an IT professional. This kind of stuff is everywhere.
Naturalky no one has ever thanked me. But I'm not in this for the praise.