Author: comptroller

The Most Common Spam Messages

Brooklands Radio gets several hundred spam and scam messages per week and below are the most common in one month:

  1. People selling drones. Scammers seem to love claiming to sell these. Most have no products – they just take your money.
  2. People selling electric scooters and electric bikes – some are genuine sellers looking for gullible clients who wont realise they can buy the same products much more cheaply elsewhere.
  3. The ‘Married Women – have an Affair’ scam which is actually targeted at men.
  4. Dating sites – also targeted at men.
  5. Website builders, SEO offerings, social media management etc. – It seems that half the population of India want to offer website based services online such as website design, SEO services, social media management etc. Probably many are genuine idiots thinking they can get rich from these schemes and likely have little idea of what they are doing. The rest are scammers who believe they can con people confused by technology.
  6. Music submissions. It makes sense for aspiring artists and publicity companies to send demos to radio stations. But like most local radio stations, Brooklands Radio is only interested in budding artists who are local – rather than on the other side of the planet as so many seem to be.
  7. Phishing emails – trying to get your private information or login/password
  8. Malware messages – an attachment of some kind that is loaded with malware if the recipient is dumb enough to open it
  9. Pathetic stories of magic answers to diabetes or massive weight loss with no effort etc. – the scammers aim is just to get you to click a link to watch a video and they are paid for each of those clicks.
  10. Shed building. For some reason there are still lots of these emails offering free plans for building sheds. Who cares?

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

Michael Page Jobs

Michael Page Recruitment is a well-known large recruitment agency.

Scammers sometimes choose such an agency to impersonate when making fake job offers.

We have received a very impressive feedback concerning you based on your preceding work experience in your current company”.

You can see this is a general statement that could apply to anyone at any time.

The sender has no idea of my name, job situation or anything else so is making general statements such as

“We would like to discuss the available job opening with you”.

No mention of what the job is supposed to be.

Then comes the supposed clincher.

Sadly, in accordance with current data protection (GDPR) as well as Data Protection Act 2018 we are not allowed to share additional details in an unsecure email text.”,

This is not true of course – GDPR is about safeguarding data on customers, suppliers, staff etc. not job offers.

Then the message claims if I click the link to open the attached documents then I will see the prospective employer and financial details.

But the sender’s email address is a give-a-way as it is @convergence.it which is not Michael Page.

All rubbish

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

Stupidest Scam of the Week Royal Mail Delivery

Most people have received scam emails and text messages claiming to be from Royal Mail trying to deliver something but failing and needing you to login and pay some small fee or give them your name and address etc.

Some scammers go to great lengths to make the messages look as genuine as possible and some are just lazy and only put a few lines, with no effort to look genuine.

This latest scam is in the middle – some effort but still pathetically obvious as a scam.

The message sender claims to be Royal Mail but is in fact chukyo-bane.co.jp  which is a Japanese domain name.

“Royal Mail has received your item from your City Council” is a strange phrase as Royal Mail will contact you about delivery not about how they received a delivery in the first place.

“Unfortunately, nobody was home to deliver your parcel.”  Makes no sense as the person doing the delivering should be the postal worker not the person at home who would receive the item not deliver it.

The link to click to track the delivery tries to look like an NHS address which is very odd and presumably from a different scam email and it is in fact to cutnbrush.ch which sounds like a barber shop in Switzerland – obviously not Royal Mail.

Ridiculous

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

Kitboga Has Fun With Scammers

Kitboga is the Internet alias of an American YouTuber whose content primarily focuses on scam baiting against scams conducted over the phone.

His YouTube channel has over 2 million subscribers.

In mid-2017, Kitboga found out that his grandmother had fallen victim to many scams designed to prey on the elderly, both online and in person. He then discovered “Lenny”, a loop of vague pre-recorded messages that scam baiters play during calls with the aim of convincing the scammer that there is a real person on the phone without providing any useful information to the scammer. After seeing these videos uploaded to YouTube, he decided to have a go himself.

. While he started out streaming for his friends on Twitch, his viewership soon started growing beyond his immediate circles, eventually leading to the growth in popularity he has experienced since starting his channel. Kitboga hopes that by wasting scammers’ time, he can prevent them from scamming others, while also providing a source of entertainment and education to his viewers.[5]

In March 2020, with the growing prevalence of the COVID-19 pandemic, Kitboga started baiting scammers who were selling an essential oil which they dishonestly claimed was a cure for COVID-19, following a warning from the United States Federal Trade Commission to consumers to be alert for coronavirus-related scams.[6]

Technique[edit]

In his Youtube videos, Kitboga engages in scam baiting with several types of scammers.

Typically technical support scammers, refund scammers, tax  scammers, social security scammers, and more.

To misdirect scammers away from his real identity, as well as for viewer entertainment, Kitboga often poses as a number of different characters during his videos, including a grandmother named either Edna, Vera, Matilda, or Bernice  a Russian man named Vicktor Viktoor.

He always plays characters who know little about IT and can be easily cheated by the scammer.

Kitboga plays along with the scammer, misdirecting, apparently making mistakes again and again and so on.

At the end of bait calls, Kitboga sometimes turns off his voice changer and reveals that he has been scambaiting.

Usually that results in a hangup, but some are so dumb and so used to lying that they carry pretending it is real.

You’ll find Kitboga’s videos at https://www.youtube.com/channel/UCm22FAXZMw1BaWeFszZxUKw

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

The SharePoint Phishing Scam

Security researchers at Microsoft are warning all users of SharePoint about phishing scams imitating SharePoint.

SharePoint is a Microsoft collaboration tool for businesses and it is very popular so there are millions of users for these scammers to target.

The scammers try to steal logins and passwords from business users. It might seem a strange way to get money but the scammers will use those credentials to access company data in the hope of finding sensitive information, bank accounts, payment cards etc.

Even just email accounts and passwords they find  can be sold to other scammers on the dark web.

Some scammers focus on getting access to sensitive information then trying to blackmail the company – pay or your files will be encrypted or deleted.

These scam messages are generally profession looking and have the correct logos etc. Without inspection, they look real and users not familiar with fake SharePoint messages can sometimes be fooled.

The message contains a link that looks like a normal SharePoint link but if you check then you will see it doesn’t go to a SharePoint address but to a standard website address nothing to do with your business.

If you click the link you will be asked for your login and password. This is not SharePoint behaves so don’t give your details.

The messages subject line can be anything from Holiday booking to late meeting to price book to invoice due.

If you receive a SharePoint message and are unsure then check the ender’s email address. If its not the person you expected then delete the message.

If you have any experiences with these scams do let me know, by email.