Consumer energy awareness for front line workers with the Big Energy Saving Network.


Transition Town Worthing (TTW) has been chosen as Worthing’s champion for the Big Energy Saving Network 18/19 (BESN). The project is funded and administered by Citizen’s Advice, and the aim is to engage consumers, particularly those who might be vulnerable through reasons such as age, disability or financial situation, with their energy bills, assisting them to learn more about what they’re paying and how they’re paying for it, enabling them to acquire a fairer deal, and access any further assistance that may be available to them.

People who are not actively engaged with the energy mark

et often end up paying significantly more for their energy than they need to, exacerbating fuel poverty.

As well as assisting consumers directly, an important requirement of the BESN involves sharing valuable information with front line workers, enabling them to support their service users on matters relating to their energy bills and the warmth of their home, so that this knowledge can be reach a greater number of vulnerable consumers.

Professionals and volunteers that work with vulnerable or elderly energy consumers can acquire the tools and information needed to add additional means of support to their services, equipping them to identify individuals and households who may benefit from some help minimising their energy costs, and encourage them to take action like changing payment method, making an application for the Warm Home Discount, or visiting our Energy Shop for more in-depth advice. Take part in the fight against fuel poverty through the support you deliver, and by helping TTW fulfil its funding obligations so that we can continue to deliver valuable free and impartial energy advice clinics to the residents of Worthing.

The awareness raising workshops involve a presentation with ongoing discussion, and time for Q&A. Sessions last between 30-60 minutes depending on level of discussion and number of questions from participants. In previous years, after attending a workshop there was the opportunity to complete an e-learning course at one’s leisure for an accredited CPD certificate worth 3 hours, however it is not yet confirmed if this is the case again this year.


For more information, contact Sam Bailey at This email address is being protected from spambots. You need JavaScript enabled to view it. or 07792198665.

  • Hawkeye keylogger using fileless delivery system via Amazon AWS

    We have been seeing a massive increase in Malspam emails delivering Hawkeye keylogger / infostealer trojan. The vast majority have either a zip file containing the trojan itself or a malformed word doc either containing macros or using one of the Microsoft Equation Editor Exploits like CVE-2017-0199, CV-2017-11882 or CVE 2017-8570 that download... Read More
  • ISRStealer via fake Prudential Assurance Company Purchase Order

    Every now & again we see a resurgence of ISRStealer  info-stealer / Keylogger Trojan Malware. This malware has been around since 2011 and gets intermittent distribution campaigns. You can now submit suspicious sites, emails and files via our Submissions system Prudential Assurance Company Singapore has not been hacked or had their email... Read More
  • Trustee & Leadership Networks meets on the 16th October.

    ‘How to become a Charitable Incorporated Organisation’Date: 16 October 2018Time: 6.00-8.00pmVenue: Gordon Room, Worthing Town HallCost: FreeBook: via Eventbrite Read More
  • Get Safe Online will help you keep your online payments safe.

    Trust Get Safe Online to help protect your finances with safer payments advice from the GSO experts These days, you can pay for almost anything online: products, services, tickets, holidays … even your next car, van or motorcycle. You can donate to charity, buy a driving licence or passport or pay to download, stream, play or gamble. It’s fast and convenient, but there are also risks attached, with cybercriminals doing all they can to divert your money into their pockets. Read More
  • Fake DHL email delivers an unknown keylogger coupled with a phishing scam

    I was extremely surprised to wake up this Sunday Morning to a whole slew of fake DHL delivery notice emails with a macro enabled  word doc attachment that eventually downloads some sort of Keylogger. There is some dispute as to what the actual Keylogger is. Some AV on VirusTotal describe it as an AgentTesla generic, whereas Anyrun app calls... Read More
  • banload and stealer

    Some weird malware possibly banload and a stealer. Details were uploaded to our submissions system Starts with email link that downloads from This zip contains genuine google updater & a bat file which downloads a powershell script from Then... Read More
  • Free EU Citizens' rights and Brexit: info session and Q&A , Brighton, Thursday 6 December

     Are you an EU citizen living in the UK? Do you have questions about how Brexit will affect your rights to stay here? The embassies of EU countries and the Representation of the European Commission invite EU citizens to an information session in Brighton on EU citizens' rights and Brexit. Read More
  • Nanocore RAT via fake DHL failed delivery in Chinese

    A quick post about the latest in a long, long, long, very, very long line of fake DHL delivery failure emails delivering all sorts of malware. Today’s version is slightly different to the ones we frequently see in UK. Today it is delivering Nanocore RAT in a zip file attachment. Firstly it is written entirely in Chinese, so most recipients... Read More
  • Big Energy Saving Network

      Consumer energy awareness for front line workers with the Big Energy Saving Network.   Transition Town Worthing (TTW) has been chosen as Worthing’s champion for the Big Energy Saving Network 18/19 (BESN). The project is funded and administered by Citizen’s Advice, and the aim is to engage consumers, particularly those who might be vulnerable through reasons such as age, disability or financial situation, with their energy bills, assisting them to learn more about what they’re paying and how they’re paying for it, enabling them to acquire a fairer deal, and access any further assistance that may be available to them. People who are not actively engaged with the energy mark Read More
  • More AgentTesla keylogger campaigns

    WE still see loads of AgentTesla keylogger/ Info-stealer malware campaigns hitting the UK most days. Today is no exception with quite a few so far. I don’t always post them here, unless there is something slightly different or unusual about either the delivery method or the malware itself changes. I just submit to Antivirus companies &... Read More
  • Keybase keylogger via fake indofuels invoice

    We don’t see a lot of malware at weekends in UK, so it was a bit of a surprise to get a whole swathe on emails overnight pretending to be an invoice from indofuels. The keylogger and info / credential stealer the criminals are using this weekend is Keybase,. I personally haven’t seen keybase for a couple of years, although reports of... Read More
  • Fake Council Tax refund phishing scam

    I was sent the details of a very interesting and extremely well done phishing scam, that pretends to be  a Council Tax refund. The scammers have chosen an extremely good domain name to perform the scam & copied almost exactly the genuine site complete with all branding & Postcode lookup. I don’t have the original... Read More
  • Fake order eventually drops Lokibot but something else happens

    I am not entirely sure what the in initial binary download with this one is, but there are indications it might be Dark Comet RAT. What we do know is that it drops a Lokibot binary The word doc is actually a RTF file containing embedded ole objects. This appears to contain 5 identical ole objects that in turn drop an Excel macro enabled worksheet... Read More
  • AgentTesla keylogger campaigns continue

    WE still see loads of AgentTesla keylogger/ Info-stealer malware campaigns hitting the UK most days. I don’t often post them here, unless there is something slightly different or unusual about either the delivery method or the malware itself changes. I just submit to Antivirus companies & most times tweet the details to other security... Read More
  • Very strange Barclays bank Phishing Scam

    We see lots of phishing attempts for email credentials.  This one is quite strange and weird, It pretends to be a message from Barclays Bank  to update card details. I don’t know what is happening but several  times I tried, I get redirected to the genuine Barclays Bank website. But from anyrun using MITM and sometimes from my... Read More
  • good quality grant applications from registered community groups

    good quality grant applications from registered community groups

    Homity is a small, independent, Brighton based Charitable Trust. Since 2014 we have awarded many small grants to local causes in real need of funds that will make a BIG difference. Our Trustees and Grants committee meet 3 times a year to consider the best quality applications and can award smaller (<£1000) funds quickly to those groups showing real need Read More
  • Watch out for these fake TV Licensing emails.

    Watch out for these fake TV Licensing emails. We’ve seen a sharp increase in reports about fake TV Licensing emails claiming to offer refunds. The emails state that the refund cannot be processed due to “invalid account details”. The links provided in the emails lead to phishing websites designed to steal personal and financial details. Read More
  • Formbook back hitting UK in fake order emails

    We haven’t seen any Formbook malware / Trojan / Info-Stealer hitting the UK for ages, so it was quite surprising to see this one arrive overnight. Unlike previous versions who generally used exploits or macros / embedded ole objects in Microsoft Office to deliver the payload, this is a simple .exe file inside a zip that pretends to be an... Read More
  • More AgentTesla keylogger info-stealer campaigns hitting UK

    We are still seeing continuous AgentTesla keylogger / Info-Stealer campaigns hitting the UK. We sill aren’t seeing a lot of other malware at the moment. I have received about 20 different versions over the last week that have all been nothing special, with no outstanding features worth mentioning, so I have just submitted to AV companies and... Read More
  • Fake invoice tries to deliver Remcos RAT

    This is a strange & slightly more difficult than usual to analyse  malware, mainly because the bad actor appears to have made a total mess of the distribution. I do not know if this will actually run on a proper computer, it obviously doesn’t like a sandbox / VM . The email was received with a .dat extension, which is what... Read More
  • AWC Community Transport Grants are open!

    Good morning  Just to share that these new grants opened today, all the details on our website: Deadline is 19th October. Best wishes, Jo Joanne Clarke Communities and Third Sector Lead, Adur & Worthing Councils Read More
  • Fake Update Notice delivers Qbot backdoor

    It has been very quiet with regards to malware in the UK for the last month or so. All I have been seeing has been the commodity malware like AgentTesla, Hawkeye & Lokibot that is frequently used by Skiddies and low grade bad actors who buy an off the shelf exploit kit and just fill in a few variables. These are so common that I haven’t... Read More
  • Fake Fedex Express Shipment For Pickup in iso delivers nanocore using Sendgrid

    The next in the overnight malware campaigns is a fake Fedex Express email delivering Nanore RAT via an img ( Iso) file. They use email addresses and subjects that will entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better... Read More
  • Carer Innovations Fund

    The Carer Innovations Fund aims to support accessible, carer-friendly communities and public services and also seeks to provide evidence on effective interventions to support carers.  The fund seeks to identify and promote creative and innovative models that look beyond statutory services to ensure that carers are: Read More
  • nanocore RAT via fake order in password protected word doc with wrong password

    I was sent a message via the submissions system last night with the email the victim received attached. At first glance it looked like the typical password protected word docs we see regularly pretending to be either an order, invoice or resume, that frequently drop or download some sort of ransomware. At first I could not open this word doc using... Read More
  • learn more about online safety and online fraud.

    In partnership with Get Safe Online we are running a free training event, for our residents to learn more about online safety and online fraud. This free event is so they can gain better awareness and understanding about steps that can be taken to stay safe online and how to be vigilant of scams (and what you can do to avoid becoming a victim). There are 6 sessions in total running on 9th October, 27th Nov and 23 Jan. The Eventbrite link is attached . Read More
  • The Adur and Worthing Poverty Truth Commission

    Briefing meetings October 3rd 2018: Open to all. The Adur and Worthing Poverty Truth Commission (AWPTC) are pleased to announce that we will be holding two open briefing meetings for the community of Adur & Worthing to meet with us and our national Coordinator Andrew Grinnell from Leeds. The Adur and Worthing Poverty Truth Commission aims to generate solutions for the local area by bringing together decision makers with those with first-hand experience of poverty. Read More
  • It looks like another DNS compromise hack happening

    I saw a fairly short-lived, reasonably low volume, malspam campaign earlier this morning that looks like it comes via Necurs Botnet and is somehow using a “new” compromise or security hole in the DNS system. These appear to be targeted at UK only and as far as I can tell ONLY a UK IP number will get a redirect to the scumware site.... Read More
  • Get Safe Online With Switched On Parents In July 2019

    Get Safe Online With Switched On Parents In July 2019

      Do you really know what your child does when they’re online? For our children and young people, the internet is a wonderful place where they can explore, learn new things, communicate, be entertained and much more, with their curiosity and appetite for new content evolving and growing as they do. At Get Safe Online, we embrace these benefits, but equally, we know that it can be a challenging and potentially hazardous experience. Do you know how long they’re spending online, what content they’re viewing or who they’re chatting with? Are you concerned that they could be bullied, befriended by the wrong kind of people or even being persuaded to commit criminal offences? Or even that it could be your child who’s the abuser or budding cybercriminal? (After all, everyone is somebody’s child). Ironically, the fact that Read More
  • Another Agenttesla campaign using a compromised Iraq Government site

    WE still see loads of AgentTesla keylogger/ Info-stealer malware campaigns hitting the UK most days. Today is no exception with quite a few so far. I don’t always post them here, unless there is something slightly different or unusual about either the delivery method or the malware itself changes. I just submit to Antivirus companies &... Read More
  • new AgentTesla Keylogger install method – Choice.exe

    We continue to see AgentTesla keylogger / Infostealer on a daily basis. The UK generally has been fairly quiet for malware over the last few months ( since Easter 2019) and we are only seeing the “commodity” malware like AgentTesla, Hawkeye, Nanocore, Lokibot etc on a very frequent basis. Over the last week or 10 days we have noticed a... Read More
  • Urgent to all residents: email delivers Ursnif payloaf

    Urgent to all residents: email delivers Ursnif payloaf

    These malicious attachments normally have a password stealing component, with the aim of stealing your bank, PayPal or other financial details along with your email or other log in credentials.Be very careful with email attachments. Most of these emails use Social engineering tricks to persuade you to open the attachments that come with the email. Read More
  • Have Your Say On Sussex Police Funding

    Have Your Say On Sussex Police Funding

    This week 70 new police officers completed their training, and a further 38 have started theirs as part of the biggest recruitment drive in Sussex for over ten years, made possible by this year’s increase in the police element of council tax - the precept. Last week the Government announced the provisional funding settlement for policing in a £970 million package that gives Police & Crime Commissioners the ability, should they wish, to raise the precept above the current £12 limit. This unprecedented funding opportunity could help Sussex to recruit substantial numbers of PCSOs and even more police officers, as well as improving the public contact service, especially the 101 non-emergency number. Although no final decisions will be made until early February next year, the Chief Constable and the PCC, Katy Bourne, have indicated their commitment to ensure that residents will see and feel the benefit of any extra funding raised locally. If you have not already done so, you can give the PCC your views on police funding by completing a very short survey available on her website at I have been asked by the PCC to pass on her thanks to all Neighbourhood Watch volunteers for your support of Sussex Police throughout the year, which I am doing with great pleasure. Season's greetings to all Read More
  • Fake PrivatBank email delivers AgentTesla and Phishing

      I received a rather interesting email earlier today. It pretends to be an email from and written mainly in Ukranian.  There is not a known bank using anywhere I can find listed although a website for this domain was registered many years ago (2001). The closest  legitimate bank that I can find is... Read More
  • Hawkeye keylogger via fake receipt. Stolen data sent to another keylogger site.

    Over the last month or 6 weeks we, along with many other researchers, have noticed quite a drop in Malspam, in fact in spam generally. Nobody quite knows why but generally this means one or other of the major spam sending botnets has been taken down or is retooling & getting ready for a  new set of campaigns. One of the few constant... Read More
  • curry pcworld data loss 2018

    curry pcworld data loss 2018

    On June 13, we began to contact a number of our customers as a precaution after we found that some of our security systems had been accessed in the past using sophisticated malware. We promptly launched an investigation. Since then we have been putting further security measures in place to safeguard customer information, increased our investment in cyber security and added additional controls. In all of this we have been working intensively with leading cyber security experts. Our investigation, which is now nearing completion, has identified that approximately 10 million records containing personal data may have been accessed in 2017. This unauthorised access to data may include personal information such as name, address, phone number, date of birth and email address. While there is now evidence that some of this data may have left our systems, these records do not contain payment card or bank account details and we have no confirmed instances of customers falling victim to fraud as a result. We are continuing to keep the relevant authorities updated. Read More
  • A Friday the 13th failure for Agenttesla campaign

    It looks like Friday the 13th  is unlucky for this malware bad actor, trying to deliver yet another AgentTesla keylogger / info-stealer  because as far as I can tell this malware chain is broken so the victim should not get the payload. WE still see loads of AgentTesla keylogger/ Info-stealer malware campaigns hitting the UK most days.... Read More
  • Lokibot via fake purchase order but won’t run in W7 or W8.1

    I have got a very unusual and somewhat difficult to analyse set of malware files here. I received 2 different versions of this email. The first with just an XLSX attachment, the second with both an XLSX and a .rar attachment. Running the xlsx file through Anyrun  using W7 64 bit resulted in a system freeze where it took so much memory &... Read More
  • More AgentTesla keylogger and Nanocore RAT in one bundle

    We are seeing a continuation of even more AgentTesla malspam campaigns again this morning. However today’s is somewhat different to usual and also delivers a Nanocore RAT. Actually the Nanocore RAT  is downloading the AgentTesla keylogger. And after a bit of digging around and seeing an Open Directory listing on the AgentTesla download... Read More
  • West Durrington Community Facilities - opportunity for an organisation

    "Adur & Worthing Councils own a number of community buildings and lease these to strong, community-focused groups and organisations to manage. The buildings are valuable assets for our local residents and the wider community - and meeting their needs, wants and expectations are essential. The Councils need organisations with sound experience, leadership and passion to take on a new lease and be the driver of good things in, and with, the local communities." Read More
  • Phishing on a compromised Brazilian ISP via fake Fax email

    Just a very quick post about a phishing scam this morning. This is only noteworthy because the phishing takes place on a compromised website belonging to a small Brazilian ISP.  The email pretends to be a fax message from your own domain, so the ones I received pretended to come from... Read More
  • Free Conference Brighton Pier 13th June - Protecting young people against radicalisation and grooming on the internet

    Free Conference Brighton Pier 13th June - Protecting young people against radicalisation and grooming on the internet

    Creative Exchange is working with the EU and Erasmus who have funded projects across EU partner countries and for the past 18 months we have been working on Radicalisation and Protecting Young People from Internet Grooming. It is called the Heads-Up Project. Read More
  • Fake TNT delivery drops WSHRAT via DiscordApp

    It seems to be the week for harder to analyse & dodgy delivery systems that more carefully target specific countries / regions or even specific  isps. Yesterday we saw a fake e-fax notification in German language that eventually led to a Buran ransomware. I couldn’t analyse that one properly or get the full payload, but with lots of... Read More
  • AgentTesla keylogger as fileless malware.

    I am seeing a somewhat different to usual AgentTesla malspam campaign this morning. This is using a multistage downloader eventually resulting in the AgentTesla keylogger / infostealer being run on the victim’s computer as a fileless malware. It all starts with the Word doc attachment, which is actually a RTF file that is using the... Read More
  • Lokibot via fake Reconfirm Bank Account Details with extremely large rtf attachment

    We are still not seeing a lot of interesting malware in UK at the moment, but this one has a few interesting parts to the delivery system. The Lokibot binary that is eventually delivered is nothing special and we see this sort of commodity malware on an almost daily basis. What is slightly unusual is the size of the word doc ( RTF ) attachment... Read More

    • Find out more about future plans to enrich and protect this special part of the South Downs National Park. • Discover more about the planned improvements at the Truleigh Hill Youth Hostel (YHA) • Talk to YHA staff about holidays, school trips, local and national YHA services. • Sample delicious refreshments from the YHA café. • FREE nature based and wilderness skills activities for all the family throughout the afternoon, coordinated by ‘So Sussex’ • Meet RSPB volunteers and learn about the local wildlife species you might spot – from barn owls to chalk hill blue butterflies • Take a virtual animated tour of the RAF underground bunker at Truleigh Hill, giving you a glimpse into the site’s history and hidden heritage. • Complete our online survey and tell us YOUR views uk/truleigh-hill-surveyPhil Paulo (Community Landscape Project Officer Truleigh Hill) Email: Phillip.Paulo@ Tel: 01730 819283 FREE Parking available at the YHA. A FREE Shuttle bus will run throughout the afternoon from the junction of Mill Hill and Erringham Road, Shoreham by Sea up to Truleigh Hill YHA and back. Read More
  • More compromised windstream email sending malspam with Orion keylogger

    Following on from Last Friday, it is looking like Windstream, Zimbra & Synacor still have a problem with accounts being compromised and mass malspam being sent.  Generally speaking the majority of ISPs are pretty good with blocking outgoing spam & malware emails. They generally restrict the numbers of emails sent per hour / day for... Read More
  • AgentTesla Keylogger and Binary Options scam

    We are still not seeing massive amounts of malware currently hitting the UK. We are still seeing the commodity malware like AgentTesla keylogger / info stealer, Nanocore RAT and Hawkeye Keylogger on a very regular basis. Today’s example of an AgentTesla campaign is somewhat more interesting than usual. The email is nothing special and... Read More
  • voicemail phishing scam involving compromised OneDrive for business site

    We see lots of phishing attempts for email credentials. This one is slightly different than many others and somewhat more  complicated. It pretends to be a message to download a voicemail. You can now submit suspicious sites, emails and files via our Submissions system Remember many email clients, especially on a mobile phone or tablet, only... Read More
  • eBook, "When I was young". guide to a summer outdoors,

    We're excited to announce the launch of our brand new eBook, "When I was young". A fantastic new guide to a summer outdoors, perfect for all the family. Think back to when you were young, do you ever remember being glued to a TV screen, games console or phone? No, neither do we, so let's show the next generation the excitement that can be had from the doorstep.    We want your children to enjoy being in the outdoors, just as you did when you were little. So we've created this brand new downloadable guide packed with fun activities, games and ideas to keep your family busy all summer long.   Get the kids to re-connect with the outdoors this summer and  re-create your childhood memories! Read More
  • compromised windstream email sending malspam

    Got a bit of a dodgy one here today, where it looks like the email service for has been compromised to allow a miscreant to send malicious emails that are passing all authentication. It is highly likely that it is an individual customer of Windstream that has been compromised, rather than the entire system, but the whole idea of a... Read More
  • Supporting Voluntary & Community Sector Groups in Keeping Children & Young People Safe

    Does your organisation work with a significant number of children and young people? If so, did you know that there is a VCS Safeguarding Forum that supports Safeguarding Leads as part of a network across the county?   Key Aims: • To bring together key VCS Safeguarding Leads from across West Sussex, to create networking opportunities and share best practice and training. Read More
  • Multiple Hawkeye malspam campaigns via GreenCloudVPS

    Another Hawkeye keylogger campaign again today. We see these most days and the emails are always such a generic invoice, order or Request for quotation so I don’t bother to post all versions we receive. I normally just tweet to the other researchers and submit to antivirus companies. These are all using CVE-2017-11882 RTF Today we are seeing... Read More
  • Launch of Worthing Refill

    Refill Worthing launch - 15th August, 5:30-8pm @ St. Paul's cafe, chapel Road, Worthing BN11 1EE   A scheme to break our plastic habit, which started in Bristol and has taken off nationally, is launching in Worthing. The Refill scheme signs up local businesses, cafes and venues to become Refill stations, where members of the public can refill their own water bottles for free. The nifty little Refill app, available at the normal places, shows people their nearest stations on a map. Folks can also upload their own favourite cafes if they too want to become Refill stations.  Read More
  • Hot Mobile Israeli Hebrew Phishing scam

    We see lots of phishing attempts for various credentials. This scam in Hebrew is a totally new one to me. As far as I can tell the Mobile phone company being spoofed Hot Mobile is an Israeli Mobile Phone company that has links to the Israeli defence Forces. All the info I am getting about this comes from Google translate or Wikipedia, so might not... Read More
  • claiming to offer a home insulation scheme which is supported by East Sussex County Council.

      East Sussex Trading Standards are warning residents to be vigilant about companies who are cold calling and claiming to offer a home insulation scheme which is supported by East Sussex County Council. However, it is possible that similar improper approaches may be made anywhere across the county. It is not in the remit for East Sussex County Council to support schemes that involve cold calling, and companies claiming that they do are misleading residents and may be breaking the law. This warning follows a spate of recent complaints from residents in Hastings about cold callers falsely offering an ESCC supported insulation scheme, but incidents may also be occurring elsewhere. Read More
  • Finding Additional Support In A Power Cut

    UK Power Networks own and run the electricity cables in most of our region and fix power cuts. They deliver the electricity which you buy through your choice of supplier. They provide a priority service for anyone who might face extra difficulty in the event of a power cut, including households with an elderly person, young children, someone less mobile or someone with a health condition. Read More
  • Watch out for these fake account emails.

    We’ve seen an increase in reports about fake account emails claiming that there’s an issue with your account, or that your account has been suspended. The email states that you need to “update” your account details in order to resolve the problem. The link in the emails leads to genuine-looking company phishing websites designed to steal your username and password, as well as payment details. Always question unsolicited requests for your personal or financial information in case it’s a scam. Never automatically click on a link in an unexpected email or text. For more information on how to stay secure online, visit Message Sent ByAction Fraud (Action Fraud, Administrator, National) Read More
  •  WSCC Care and Help at Home Service - Survey

    WSCC Care and Help at Home Service - Survey

    Voluntary and community organisations have the opportunity to give us their views on the future [Care and Help at Home service] and help us to understand how we might work better together to support independence at home. The survey should take around 10-15 minutes to complete.” Read More
  • Some changes to Remcos Rat persistence method

    It looks like we are seeing a few changes to the Remcos RAT install & persistence method. Over the last couple of weeks I have noticed a few tweaks to the persistence & auto start of several Remcos Rat versions. Today it has changed again to try to bypass protections. This all starts with the usual spam email, today’s ( or rather... Read More
  • More AgentTesla keylogger as fileless malware.

    We are seeing a continuation of the new style AgentTesla malspam campaign again this morning. This is still using a multistage downloader eventually resulting in the AgentTesla keylogger / infostealer being run on the victim’s computer as a fileless malware. The initial stage today is a .exe file though not a word doc / rtf f=doc in the... Read More
  • Remcos Rat via fake invoice using multiple delivery methods.

    I have heard of the “Belt and Braces ” approach to delivering malware before, but this malware campaign delivering Remcos Rat is using  the belt and 2 pairs of braces to try make sure the malware gets delivered. The email is a fairly typical Invoice Request that appears to a part of an ongoing conversation and contains 3 different... Read More
  • Gootkit banking Trojan via Fake UKPC parking penalty appeals

    I am hearing about a return of the fake UKPC parking charge appeals scam which has been quiet for about 1 year. At this time I don’t have a copy of the email that was received by the victim, only the link that was in it. I assume the email will be very similar to the ones described in these 2 posts  [1] [2]. UKPC are a nationwide... Read More
  • Bitcoin verify your Identity phishing scam hosted on Microsoft Azure hosting

    I  am seeing a bitcoin phishing scam campaign this morning hosted on Microsoft Azure/ The emails pretend to come from your own email address and are addressed to the same email address. All hosting companies get abused and used for malware, scams and phishing. Recently Microsoft Azure Hosting seems to be the flavour of the month.... Read More
  • Community Works Reps’ Nominations are open! Deadline Friday 12 October

    We are looking for representatives who would like to become champions for community groups and voluntary organisations, across Brighton & Hove, Adur and Worthing on behalf of Community Works. Do you want to ensure the voices of these groups are heard and understood? Are you keen to share your knowledge and expertise across a broad range of partnerships and agendas? Would you like to represent community and voluntary organisations at a strategic level? Read More
  • Phishing emails pretending to be sent from

    First of all I want to apologise to anybody who received a scam phishing email that pretended or appeared to come from our email address This email address is being protected from spambots. You need JavaScript enabled to view it..  These emails were not sent from this server but from a scummy server controlled by a hosting company  in Iceland who are used frequently by criminals for malware,... Read More
  • multiple malware delivered from compromised website run on a domestic BT IP address

    As I mentioned earlier in the week, we aren’t seeing massive amounts of malware, especially in the UK at the moment BUT we do see a steady lowish volume stream of commodity malware. These are the standard easy to purchase and use malware tools like Nanocore, Hawkeye, Agent Tesla and other keyloggers or remote access trojans that are so easy... Read More
  • Docusign phishing scam using a compromised law firm webspace

      Every now and again we see a phishing scam that stops you in your tracks and you think WTF. this is one of them. It starts with a fake Docusign email that contains a link to a short url. What makes this one so bad is that the short url has been live since 20 August 2019 and as of the time of writing has had 1801 clicks. Now to... Read More
  • various phishing scams via compromised Mexican Gov email address

    This set of phishing scams is noteworthy because the emails all originate from a compromised email account belonging to the Mexican Government or at least using the Mexico Gov domain. It seems to track back to the Ministry of Justice of Guanajuato state. They all pass authentication checks so are more likely to be delivered to prospective victims.... Read More
  • Over a third of Neighbourhood Watch members now more concerned about cybercrime

    Over a third of Neighbourhood Watch members now more concerned about cybercrime

    From Neighbourhood to Cyberhood: Over a third of Neighbourhood Watch members now more concerned about cybercrime than physical crime. Cybercrime now feels like more of a threat than physical crime for a rising number of households across England and Wales, with more people either falling victim personally, or knowing someone who has been a victim of online theft, according to research from over 14,000 Neighbourhood Watch members. The research, carried out in conjunction with Avast, a cybersecurity leader in the UK, found that those who believe cybercrime is less of a threat than physical crime are firmly in the minority (15%). Read More
  • Worthing Sporting Memories

    Sporting Memories is an opportunity for older sports fans to get together to talk sport over a cuppa. It aims to promote physical and mental well-being through reminiscence and tapping into passion, knowledge and love of sport. It is open to any one over the age of 50 who likes sport, and enjoys reminiscing about their experiences of watching or playing sport! It is free and takes place every Thursday 10.00 - 11.30am, at the Clubhouse, Worthing Football Club.   Read More
  • Fake Payment receipt vbs drops njrat bladabindi downloads Agent Tesla via Sendspace.

    A rather interesting malware campaign from overnight. It all starts with an email pretending to be a payment receipt that contains a .tar attachment which contains a vbs file. As per usual the email is just generic enough to entice a recipient to open it, read it & possibly extract & run the malware file. This is another one of the ... Read More
  • budget-developers and budgetcoders

    budget-developers and budgetcoders

    Recently i recieved an email (shown below). I do think about wordpress a lot, it along with drupal, and concrete and others are a major part of my daily life. When I get an email like this ( and thanks to for sending it to me) I have to wonder how far the expectation and experience of the sender goes. At least this one is not promising to put me at the top of "yagoing" or or with at NS9 compatible site.  Lets look at the email, them Me Read More
  • Training for groups or organisations that work with vulnerable adults, Tuesday 23 October

    Does your group or organisation work with vulnerable adults? If so, you have an important role to play in helping keep them safe. ‘Keeping Adults Safe’ is an introductory course for community groups and voluntary organisations who work with, engage and deliver activities or services for adults. The next course is on Tuesday 23 October 2018, 9.30am - 4.30pm, in Brighton. Concentrating specifically on the over 18s age group, the course will provide you with an understanding of your role in establishing a safe environment, and what you can do to create this environment. For more information and to book a place, visit: A small number of free bursary places are available to member organisations with annual income of less than £35,000. Read More
  • Lokibot via abusing the ngrok proxy service

    It looks like one of the criminal gangs behind some of the Lokibot campaigns have found a way to serve their malware almost undetected or at least without any known host that can take down easily or be blocked. What they have done with this series of campaigns is abuse a new(ish) service NGROK which basically acts as a proxy, direct tunnel or VPN... Read More
  • Fake Bose site selling goods at stupid prices.

    I have got a slightly unusual potential scam / phishing / ID and money theft or fake goods scam to report on today. Yesterday I received a message via our submission form about a look-a-like site selling Bose products. The reporter was a bit concerned, saying “This site looks impressive but the price reductions are massive. Not at all what... Read More
  • Wechat phishing via another compromised web developer

      Every now and again we see a phishing scam that stops you in your tracks and you think ” I really don’t believe it”. this is another one of them. I am absolutely gobsmacked by the amount of so called web developers, SEO experts or Designers who are totally incapable of securing their own website, let alone build &... Read More
  • Our actions have an impact. - Tearfund

    Our actions have an impact. - Tearfund

    As part of Tearfund’s Matched Giving Appeal, we are asking supporters to donate and pledge to reduce their plastic. When we speak out about plastic pollution and how it affects people in poverty, we are keeping the issue on the agenda. When we show by our actions that we want to live in a less wasteful world, we are valuing what God has given us and caring for our global neighbours, as well as sending a powerful signal that we want decision-makers to act. Join us by taking the Plastic Pledge to give up using one single-use plastic item for 40 days (or more!). Every single-use plastic item we save is one less thing in a landfill site, ocean or incinerator – or one less thing shipped overseas for another country to dispose of.Single-use plastics are plastic items that are only intended to be used once, such as soft drinks bottles. The most common items include disposable cups, drinks bottles, non-recyclable packaging, wipes and female hygiene products. Finding alternatives to these plastics is easier than you might think! It can be very satisfying to know that you are walking that little bit lighter on the earth – and often, it saves you money too. Read More
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78