google293e9850b7c2cd86

All posts by Davidhb

Is this the World’s first real cyber war?

In 2016 a piece of malicious code was attached to a popular accounting package in the Ukraine. Although the publishers strenuously deny it, all the indicators point to the code being part of an update to Ukraine’s MEDoc accounting software package. This gave birth to the ransomware that came to be known as Petya. But is it really ransomware or are we seeing the first salvo of a true cyber-war?

First came the Wannacry ransomware that had a devastating effect, in terms of infecting systems. It relied on a single flaw to access computer systems. Once inside a system, it quickly spread to all the computers attached to that system. The code itself, was rather amateurish, with a simple kill switch (registering the domain it was looking for). However in hindsight, was it a test for what was to follow?

Next came the Petya ransomware. This spread in a similar manner to Wannacry but unlike Wannacry, it uses multiple flaws to get around computer security measures. This one is playing havoc with the Ukraine power grid and somehow jumped from there to some hospital systems in the USA.

Both of these were ransomware. They demanded a payment in Bitcoin. We assume the objective was for profit. The Wannacry ransomware was removed once confirmation of payment was received. So far we have no evidence that any system infected by the Petya ransomware, has been freed, once the money has been paid.

Now we have the next evolution – the “Not-Petya” or “Netya” ransomware. Like the Petya ransomware, this uses a variety of vulnerabilities to gain entry into a system. Once inside, it wreaks havoc by encrypting the files, like Petya and displays a ransom note. However, the Netya ransomware then attacks the master boot record (MBR), crashing the entire system, to the point where it will not start up at all – no more ransom note. This begs the question, if the ransom note cannot be displayed, was the goal really ransom?

If there is no way to make any payment, no ransom note and no master boot record to start the computer up, to the point where it can operate, then what was the purpose of the attack? Even if the MBR was repaired, the files are encrypted – unreadable.

Experts in several computer security companies agree that the Netya attack code was designed on a large budget. There are examples of repeated amendments to the code after trials. That is not usual where a single person or few hackers have collaborated. This looks like a larger group of very professional programmers, have spent a lot of time writing multiple exploits, for a wide range of vulnerabilities. If we are not looking at a small group on a tight budget, then we are looking at an organisation. There’s no demand for payment or any way to recover the files, so what was their aim?

The only option left, is cyber-war.

Let’s look at the evidence:

  1. The USA claims Russia hacked the emails of different election candidates to swing the votes in favour of Donald Trump, a self confessed friend of Vladamir Putin and therefore Russia. They claim to have evidence that points to Russia directly.
  2. The French claim to have evidence of Russian cyber tampering with their recent elections.
  3. The Petya and Netya ransomware first attacks appear in the Ukraine – a country at war with Russia, the perfect test bed for a cyber attack.
  4. There appears to be a progression of developments and tests leading up to the Netya ransomware. Not typical of a sole operator. Were these tests for Netya or is something worse coming?
  5. The code seems to be written by an organisation aiming to disable systems en masse, not for any financial gain.

Postscript

Since writing this, the Netya attack has jumped from the Ukraine and USA to thousands of other systems in various countries, as far away as a chocolate business in Tasmania, Australia.

An affordable investment – 6

No Tax bill!

This is not a sales pitch for Harmoney or P2P lending and I’m no investment adviser nor registered finance consultant. I will not receive any rewards from anyone for writing and publishing this information. I just found something that’s working well for me, that could do likewise for you too and unlike investment advisers, who charge a fat fee and get commissions, I personally have invested my money in Harmoney – you could say, I have put my money where my mouth is. There will be an equivalent organization like Harmoney in your country.

Most other ways of creating wealth from home, on line over the Internet look good until you deduct taxes. They focus on gross returns, not net.
One of the biggest killers of any investment is tax. Many investments can get you into trouble because you receive your returns with interest and spend it. Then comes tax time and there’s a nasty surprise when you do your tax return – a large debt to the tax man.

Something I forgot to mention, Harmoney withhold an amount you choose, for tax. Depending on your other earnings you might have some extra tax at the end of the year but whatever it is, it is usually less than you would have from franked shares. Compared to other investments you’ll get to keep more of the rewards. Just to be safe plan on losing a bit extra in tax at the end of the year.

Screenshot of Harmoney Lender's dashboard showing withheld tax
Harmoney withhold tax so you won’t get any nasty surprises at tax time.

Some P2P lenders do not withhold investor funds for tax. If this applies to your lender, you will need to deduct tax from your investment earnings. I’d look at what your usual tax rate and deduct tax from your investment at the next rate up. For example, if my top tax rate is 30% (30c in the dollar) then I should withhold tax at the nest level up (in NZ that’s 33%). By doing this, you won’t get any nasty shocks at tax time. Remember that’s tax only on earnings.

An affordable investment – 5

Strategies to maximize your investment.

This is not a sales pitch for Harmoney or P2P lending and I’m no investment adviser nor registered finance consultant. I will not receive any rewards from anyone for writing and publishing this information. I just found something that’s working well for me, that could do likewise for you too and unlike investment advisers, who charge a fat fee and get commissions, I personally have invested my money in Harmoney – you could say, I have put my money where my mouth is. There will be an equivalent organization like Harmoney in your country.

I love the idea I can make money from home, on line by using the Internet. There’s also a few things you can do to maximise your investment too:

Be consistent – the biggest killer for any investment scheme is not being consistent. Set an achievable amount you can deposit into your investment each pay. Remember – the beauty of this investment is the small amounts you can deposit to build it up. It doesn’t require a lump sum, so make the most of it by depositing each pay day. People tend to focus on the amount rather than the frequency they deposit into their investment account. Down the track, if something comes up and you can’t make the full amount, you tend to think it’s not worth depositing a smaller amount – wrong!

One of the nicest things about P2P lending investment is you can deposit anything, it doesn’t have to be $25 or more. It goes into a bank account and when there is $25 or more, you can buy a note with it. If you can’t spare $25, depositing less this pay, is better than nothing. When you see it grow and get to say $22.00, you’ll be motivated to put an extra $3 in to afford to buy another note.

Make a rule at the very start, to deposit every pay, regardless of the amount, then select a manageable amount to deposit. Because my wages were up and down like a yoyo, I decided to put in only $25 a week. There were a few weeks where I couldn’t spare that, so I put in only $5.00 (2016 had some wild ups and downs for me – redundancy, workplace injury etc, in hindsight, a crap year but I still put something away every week).

Make a plan and stick to it – As your investment grows your attitude will change. Many people start taking more and more risks as they see the returns growing their investment. It’s the greed syndrome. What they forget is they are raising their risks of failure. Each loan has a credit risk from A1 being the lowest risk, to F5 being the highest risk of default. When you see a B3 rated loan at 15.16% and compare it to an F3 loan at 39.61%, it’s tempting to take the F3 loan but there is a significant difference in the chance of a default. Set out with a plan on day one and stick to it. My plan was to distribute my notes over all the categories evenly. This way I spread the risk of any defaults. Today I still use that same strategy.

If you feel this is a high risk investment strategy, then plan to have most of your notes in A and B loans.

Diversify – this is something Harmoney also stresses heavily but it applies to any investment.. Invest a single note in each loan rather than many notes in one loan. You will reduce the risk of losses from any defaults. Defaults are not common but they can happen so we have to factor them into our planning.

The way I look at it is: Murphy’s Law says that if only one person will default, the chances are it will be the one I have invested in. By investing in many people, The chances of all of them defaulting is much less than just one person. If I make 20% each on 5 notes and if the 6th one defaults, I haven’t lost any money (I haven’t gained either). The returns on the 5 will make up the loss on the 6th.

But it gets better – this only applies if the 6th person defaults on the very first payment. That’s rare. Most defaults occur down the track, when part of the loan is already paid off. In this case, you are not even losing the full value of your note, part of it will have been repaid already. In my portfolio, I would have to have every third note default before I would lose money. That’s highly unlikely.

An affordable investment – 4

Starting off in P2P lending investment

This is not a sales pitch for Harmoney or P2P lending and I’m no investment adviser nor registered finance consultant. I will not receive any rewards from anyone for writing and publishing this information. I just found something that’s working well for me, that could do likewise for you too and unlike investment advisers, who charge a fat fee and get commissions, I personally have invested my money in Harmoney – you could say, I have put my money where my mouth is. There will be an equivalent organization like Harmoney in your country.

The key factors to look for are:
1. No lump sum minimum to start up.
2. They have a credit worthiness assessment system for their borrowers.
3. They have a collection process for loans in arrears to prevent defaults.
4. They respond to your questions and not just divert you to a FAQ.
5. They withhold funds for taxation.

Most high yielding investments require a large amount of money and a high level of risk. Bank interest is below inflation, so investment has become beyond the reach of the average person who wants to get ahead. P2P lending could be a solution. It does have risks but I believe when you compare it to other investments, you have more control over your risk. It requires no lump sum to start it off, returns very good interest and locks the money away so we can’t spend it until it’s grown. Unlike fixed term investments the funds trickle back into your account so you can accumulate them and re-invest them.

Research – do your research first. Check their web site and also search for complaints with them. If the P2P organization is called XYZ, then do a search for “complaints about XYZ” , “Is XYZ a scam”, “Problems for lenders with XYZ” and “Borrower problems with XYZ”. Often you’ll get some moaners who broke the rules, so read the results with an open mind.

If they appear good, open an account and deposit a small amount, say enough for one “note” only. This should be money you can afford to lose. The idea is to see how the system runs. How long does it take between depositing to actually owning a note. This is important because as P2P lending becomes more popular, there will be a scrum for buying notes, you need to know the processing time. Watch their site once a day for a week or more. They will usually have one day where they release a lot of loans – day where you have far more choices.

Look at their borrowers. Who are their customers? Are they borrowing for home improvement, debt consolidation, holiday expenses or are they all businesses that could fold tomorrow and vanish into thin air. Ideally you want an assortment, not all “Ebay Power Sellers looking for investment funds to grow their business”.

Are they trading in fiat currency or crypto-currency (e.g. Bitcoin). Crypto-currency means you can trade internationally but you’ll need extra security to secure your digital funds (e.g. a cold store digital wallet) and there will be an extra delay in lodging funds to purchase notes.

In the next installment, we’ll look at some ways to maximize your returns and reduce the risks:

An affordable investment – 3

Creating personal wealth through Local P2P Investment
After looking at a few options for P2P investment, I chose Harmoney. I can make money from home and on line, using the Internet. By depositing small amounts I can afford, on an intermittent basis, I can build up a substantial investment I could not afford otherwise.

This is not a sales pitch for Harmoney or P2P lending and I’m no investment adviser nor registered finance consultant. I will not receive any rewards from anyone for writing and publishing this information. I just found something that’s working well for me, that could do likewise for you too and unlike investment advisers, who charge a fat fee and get commissions, I personally have invested in Harmoney – you could say, I have put my money where my mouth is.

The interest rates with Harmoney P2P loans range from 9.99% to over 39%. The risks rise accordingly in relation to the interest rate. The higher the rate, the higher their assessment of the risk of default but there are some ways to reduce the effects a default would have on your total portfolio:

Screenshot of Harnoney's Lender's page
A screenshot of some Harmoney loans on offer, showing the risk rating and the interest rates.

Only buy one note in each loan. If you want to buy 5 notes, buy one note in 5 different loans, as opposed to 5 notes in a single loan. The chances of a default wiping out your investment are reduced through diversification. If one person defaults you will only lose $25, not $125. At 20% interest rate, you can lose one in 5 loans and still break even (actually due to the compounding effect, this is possible with just 2 loans at a high interest rate). It’s now January, 10 months since I started investing in Harmony. I have 74 notes and only two have defaulted. Even then, they didn’t default on day one, so I still got some money back. I didn’t lose the whole $25 outlaid for each loan. The proceeds from all the other loans will still yield me a return of 23% on my investment portfolio and that’s with those defaulted loans factored into the calculations.

Your greatest risk is at the very beginning when you have the least number of notes to diversify with. One default when you only have one or two notes, is devastating. One default when you have 50 notes is not a tragedy.

Accept the fact that there will be some defaults and they can occur in any assessment score category. Just because the person is scored A1, doesn’t mean the loan is bullet proof either. It does mean that statistically there is less risk of a default than an F5 loan.

To reduce the risks, invest in many notes right across the risk range. Reign in the greed impulse to invest only in the high interest notes. It’s easy to see the A1 notes at 9.99% as low returns, compared to those at 39.99% but even at 9.99% you are investing at a rate far higher than any bank will offer you and you are able to invest small amounts. Try that with a bank!

I started with 10 notes in March this year. They were spread across each score category. To date none of them have defaulted, all have been making payments on time. Today (December 2016), I have 49 notes, one has been fully repaid, four are late with one payment and none have defaulted (so far!). Even if all four default the total return after tax, on my Harmoney protfolio will be 16.47%. Try getting that from any institution and in only $25 investment increments!

In the next installment we’ll look at some strategies to maximize your return, supplement your portfolio and reduce your risks as you create a P2P investment portfolio.

An affordable investment – 2

The risks – International P2P lending

I also looked at some International P2P finance organisations. The one that appealed most to me was Bitbond, run from Germany. It transacts in Bitcoin and doesn’t require a huge investment startup deposit, however the part I was wary of, was the Bitcoin itself. The value of Bitcoin is extremely volatile, especially lately with hackers stealing from exchanges. Also they favored European accounts, making it a bit messy for anyone starting up outside the European community. Lately, thinking about security (as opposed to being user friendly) they asked for video identification as an extra security measure. That sounded fine at first, until I discovered they wanted me to hold up my passport to my face, in the video. Imagine if their security was preached, what would that be worth to an identity thief?

My investigations uncovered some complaints about unusually high losses resulting from loan defaults with Bitbond. It seemed they did very little to follow up defaults. Their last resort was to give you the details and let you pursue yourself. Oh yeah – I’m going to chase an eBay seller in Paraguay?
At that default rate, it wouldn’t be long before they gained a reputation as a soft target and all their customers were Nigerians. (They have since partnered with a credit collection organisation and significantly reduced their default problem.)

While they gave me assurances that their system was secure, the customer I.D. number didn’t work in their software either. As a programmer for over 30 years, if you can’t get your software to work in one area, you can’t assure people your security will work in another. It’s a whole package that either works or not. Much in all as I liked the international aspect of Bitbond, I have serious doubts about supplying such sensitive personal information to any organisation with software issues. While I have researched their methods, I have not opened an account and tested them and would have strong reservations about advising anyone else to do so. Bitcoin transactions attract hackers like bees to honey so you can’t be over cautious, in my view.

The risk with any form of lending, is the person could default and not repay the loan. Harmoney use the same credit collection practices as any other lender, so the risk is no higher than if you loaned the money through a solicitor, in my view, with one huge exception: if the Harmoney customer person defaults I’d lose $25. If the solicitor customer defaults, I’d lose at least $2,000.

To summarise, International P2P lending has more risks than local P2P lending because:

  1. It uses cyber currency, requiring extra security for your currency.
  2. It is usually based in Europe or the USA and has problems, or at least extra steps to deal with a nion European or non U.S. bank.
  3. Collection problems – it’s difficult and very costly to collect debts from hundreds of different countries.
  4. Because you are dealing in a foreign currency,transaction fees can eat heavily into your returns.
  5. Higher defaults because the borrower is not local and difficult to recover funds from.
  6. Higher debt recovery costs because they are operating overseas through agents with extra exchange rates and fees between you and the borrower.

While there’s a certain romance in becoming an International Investor, come back to earth – there’s also a lot of added costs. Unless you are looking to invest a large sum, I would not suggest International P2P lending with any organisation. There’s better opportunities closer to home.

Next installment we’ll look at one.

An affordable investment

I came across an article for peer to peer lending, purely by accident and decided to do a bit more research. I found several sites that managed P2P Funding. Most wanted over $1,000 to start but to my surprise I found one here, right on my doorstep in little ol’ New Zealand that ticked all my boxes.

I suppose, like me, when someone says the word “High Yield Investment”, you immediately imagine you’re about to see some great idea that you can’t afford, probably run from Queensland. An idea that will need a thousand (or usually many thousands) of dollars to start off and as a result makes the rich, richer. When they start talking returns on your investment, with percentiles well into the double digits after tax, when the banks can’t offer you 5%, well you start to think it’s a fairy story.

When I discovered this P2P lending investment back in March 2016, that even I could afford, I decided I’d test it. I have to say at the time, it sounded too good to be true but I couldn’t see any reason it wouldn’t work. Writing consumer articles, I set out to research this apparent scam from the inside, by investing $25.00 in it.

I had a few questions so I rang their help line and spoke to a human (with no Indian or Filipino accent) who in addition to answering all my questions, went to great lengths to explain the risks, explaining that having only one note invested, did mean a single default could wipe out my entire investment portfolio. If on the other hand I had ten notes, one going bad would be more than offset by the returns on the other nine. Expecting a sales pitch to come, I was disappointed when he simply said that his advice was to get a few more notes ($25 investments) happening as soon as I could afford them. By the end of March I had invested another nine lots of $25.00. After all, to be fair in my review, I needed to give them a fair go right?.

Just for the record, I’m not a financial consultant or involved in the financial industry in any way. I am not in any affiliate program or any other arrangement to receive a commission or any form of reward for the information that follows. If you copy what I did, I will receive no benefit at all.

I have some shares in a “blue chip” company that has done better than a lot of other “blue chip” companies but they are currently yielding only 3% ROI (given the performance of the ASX that’s not doing too bad). You don’t hear stories of fortunes made on the stock market any more, do you?

If I was going to retire on anything except abject poverty (because my superannuation was used up when I was retrenched) I had to work some kind of investment magic. High interest bank savings accounts were so bad that even the banks didn’t call them that any more! Experience had taught me that unless you had thousands to invest, the only people who come out better off are the investment advisers.

Like 99% of people out there, I needed to find some investment with a high interest rate, that didn’t require a lump sum to start off and would accept small deposits. As a contractor, my wage was up and down like a yoyo, so I couldn’t rely on making regular deposits. That ruled out any investment in a trust fund and the ones I knew were yielding much lower returns than this promised.
It sounded too good to be true.
You be the judge:

1. A high interest return (starting at 19.99% and going upwards beyond 30%)

2. Did not require a lump sum to start up.

3. Could be fed with small deposits (a minimum of $25.00) on a drip feed basis.

4. Did not lock me in to regular payments. It would accept intermittent payments.

Realistically when it comes to any form of investment the risks are proportional to the returns. If you want high returns from a high interest rate, you have to be prepared to take a high risk. However, given what else was out there, I didn’t think the risks were that high. Spreading many tiny investments over many different contracts was a good way to reduce the risk of failure.

The organisation I discovered is Harmoney (there could be others too but I stopped looking) and here’s how they work:

  • Someone wants to borrow money, so they approach Harmoney for a loan.
  • Harmoney vets them the same way a bank does and gives them a score from A1 (lowest credit risk) to F5 for the highest chance of defaulting during the life of the contract. This determines the interest rate they will pay on the loan.
  • They then divide the loan amount into lots of $25, called “notes”. So a $5,000 loan will become 200 notes and publish the borrower’s details, enough to give you some idea, without disclosing the borrower’s identity, like age, location, marital status, owning or renting, years at their current address, monthly income, purpose of the loan, monthly repayments and of course their credit risk score and interest rate.
  • You as lender, can buy a note in that loan and when 200 notes have been bought, the loan becomes official.

Because they are not a bank with a huge administration with a parasitic management, shareholders, overpaid board members and hundreds of branches, nearly all of the interest is returned back to you.

Once you have opened an account and they have verified who you are, you can start with just one note at $25.00 if you want. They only lend for 3 or 5 years so your money is not tied up too long.
This is no get rich quick scheme and there are risks and in the next installment we’ll look at those risks.

12. Cryptocurrency – Taxation

At the moment Bitcoin may not be on the Tax Office’s radar in your country. Don’t bank on it remaining that way too long. Bitcoin is still experimental and new improvements are happening all the time.

As it increases it’s user base, it’s only a matter of time before all Tax Offices have legislation to enforce taxes of Bitcoin transactions. Remember all transactions are recorded and displayed openly, right back to day one. That could create a hefty tax bill further down the track. I’d think about paying the correct taxes today.

A handy trick for any business is to extract an amount to be withheld for taxes but take 20% of it and invest it in p2p funding finance. By the time the tax is due, half of the funds will be paid back and if the business cannor meet the other 10%, a payment scheme arranged with the Tax office will at worst cost half the persentage return you’ll earn on the crowd funding finance. We’ll be looking more into p2p funding after the crypto-currency topic.

The last time I searched the news, the major Australian banks were looking at adopting Blockchain security and the Commonwealth Bank was reviewing trading in Bitcoin. In Europe, several big banks are currently setting up for Bitcoin trading. It’s important to remember cybercurrencies effective shut the banks out, so the fact that banks are no longer refusing to acknowledge it, means it’s only a matter of time before it is accepted. Once a few major banks accept cybercurrency trading, it will open a floodgate of competition. Even if they try to invent their own altcurrency, it will still have to be compatible with Bitcoin, which is already well established.

Just a question that might be worth looking into; what would happen if you convert crypto-currency into a high value currency (e.g. Sterling or US dollars) then bring it back home to Australia or New Zealand when the exchange rates are favorable? The increase could offset some of the tax, if the transfer fees are not too high.

Update – New research.

Firstly an apology:
The posts here have been erratic, with long delays between. Sorry folks but I have been flat out investigating an online income stream, which involved one month of course study (it was supposed to take 3 months) and another two months of testing, which is due to expire at the end of December. We are about three quarters of the way through testing (and $5,000USD out of pocket – Ouch!) so far. When this goes to press, I think there might be some ruffled feathers out there.

This will throw some light on some of those ‘fast track to becoming a millionaire’ ads you see peppered all over the Internet.

Meanwhile below is the latest instalment of our crypto-currency investigation…

Thanks for your patience.

 

11. Cryptocurrency – Privacy

Because all Bitcoins transactions are visible, one of the ways it is proofed against fraud and manipulation, you need to take some effort to protect your privacy with Bitcoin. Because all transactions are stored publicly on the network, they show the cyber address, generated by your wallet and the balance of your Bitcoin account. The cyber address does not give away your real address until the purchase take place and even then, only to the other party in the transaction, not to anyone else on line. However anyone obtaining this address can see all the transaction related to that address. For this reason you should only use a Bitcoin address only once.

To protect your privacy, you should use a new Bitcoin address each time you receive a new payment. Additionally, you can use multiple wallets for different purposes. Doing so allows you to isolate each of your transactions in such a way that it is not possible to associate them all together. People who send you money cannot see what other Bitcoin addresses you own and what you do with them. This is probably the most important advice you should keep in mind.

Publishing a Bitcoin address on any public space such as a website or social network is not a good idea when it comes to privacy. If you choose to do so, always remember that if you move any funds with this address to one of your other addresses, they too will be publicly tainted by the history of your public address. Additionally, you might also want to be careful not to publish information about your transactions and purchases that could allow someone to identify your Bitcoin addresses.

Because Bitcoin operates on a peer to peer network, you IP address can be read with any transaction. There are ways to trace an IP address back to a physical address, so it’s a good idea to conceal your IP address with a program like Tor ( http://www.torproject.org ).

Another method of concealing your identity is using a mixing service. This is a deceptive and misleading method that is considered as akin to tax evasion in some countries. Also the mixing organisation has all your information, so you need to trust them and hope they have sufficient cyber security in force.