Most Common Phishing Scams

Phishing scams are where the scammer tries to get your confidential information by subterfuge of some kind.

e.g. you get an email saying you have won the lottery and just need to fill in your details to claim the money or you have an overdue tax payment to make immediately and you have to login to make the payment (on a fake website) or …..

The most common categories of phishing in 2021 were :

Spear Phishing

This is where phishing is targeted at specific individuals or companies.

Perhaps an email arrives, claiming to be from a trustworthy source and the sender knows your full name, job title and department for example. The scammer has done their homework to get this information about you to give the scam a higher chance of success.

A link in the message takes you to a bogus website made to look like the expected website. The fake website looks legitimate but only exists to take the users confidential information and pass it to the scammer.

Whaling

This is where scammers target a “big fish” like a business executive or celebrity. These scammers often conduct considerable research into their targets to find an opportune moment to steal login credentials or other sensitive information. If you have a lot to lose, whaling attackers have a lot to gain.

Vishing

One scam on the rise is ‘vishing‘, or voice phishing. Con artists phone people and pretend to be bank staff or the Police or some other authority figure and have a story that lets them try to get the subject’s personal details, credit card details, bank account password etc. depending on the specific scam.

For the bank account scam, they typically warn of fraudulent activity on your account. They then persuade you to move your account to a safe place (which happens to be an account owned by the scammer) and they convince you to give them the details necessary for the transfer or convince you to move the money yourself.

Stay safe.

If you have any experiences with these scams do let me know, by email.

October 17, 2022

The OneDrive Scam

Microsoft OneDrive is file storage in the Microsoft cloud i.e. on the Internet.

It is included when you buy various Microsoft products and is available free on a smaller scale on any Microsoft Windows PC.

Scammers know that a huge number of people use OneDrive so they target them with emails that look like they may be from Microsoft warning you about new files on your OneDrive or files about to expire or files waiting to be authorised etc.

One latest such scam email is from no-reply @onedrive.com which is a genuine Microsoft domain name but the scammer faked that address.

The message tells you that 2 files have been sent to you via OneDrive – an invoice and a remittance advice and that they will both expire the following day.

It is perfectly possible to send files to someone using OneDrive and email, but you would add a message to explain why you are sending something – wouldn’t you?

So when a message states that OneDrive files are attached and there is no explanation, doesn’t say who they are from and the file names are meaningless then it’s just a scam.

Do not click any links. Just delete the message

If you have any experiences with these scams do let me know, by email.

October 16, 2022

Stupidest Scam of the Week LinkedIn Magic

A detailed email supposedly from Prabhip tells us all about how we can sell even more real estate at higher profit margins using his techniques.

This is from an email to the radio station and selling real estate is not our business.

But he seems convinced we sell real estate on LinkedIn and also coach people on how to do it and that we make a lot of money doing so, but of course he can help us to make even more money.

He claims to have seen our sales pitch on LinkedIn and read all about our coaching business.

This is just weird.

We’re a local radio station so all of this is just from some scammer’s imagination.

The email is to an Abigail at the station, but there is no such person.

Is it really just random rubbish or has someone slod this moron information that they had simply made up?

Who knows.

If you have any experiences with these scams do let me know, by email.

October 15, 2022

Time-Wasters Update

Amayah Vinson wants to sell to me the details for the 18,000 people who signed up to attend the UK Games Expo. This is obviously fake as those people didn’t sign up for their email addresses etc. to be sold to random people.

Mr Chen Chung works in Hong Kong and has $18,991,691 that he needs to move from a bank there to any other country and is willing to cut me in if I help him. His email address is testtest@… and that’s not a good sign and he wants me to reply to a different personal email address – also a bad sign. Plus he doesn’t know my name. Could anyone believe that a person who doesn’t even know your name wants to trust you with their millions of dollars? There is no money and no-one named Chen Chung, just a 419 scam to catch greedy stupid people.

There are numerous businesses that buy and sell lists of email addresses, physical addresses etc. and some go out of business. One trick used by scammers is pretending to be such a business shutting down and hence ‘giving away’ its lists at usually 90% or 95% or 99% discount. These are lies of course – they are after your financial information so they can add you to their spammers list for sale and to identity thieves. If you get one of these massive discount offers – don’t think yourself to be lucky – more the opposite as the scammers are targeting you.

An email arrives from 787266602911-erp092932120-poqwa232233222 @… Is anyone going to believe that is not from a scammer? It claims there have been abnormal activities on my email account so they have blocked it and I have to click the link to release the block. Pathetic drivel from a pathetic scammer.

A message tells me that the version of NHS jobs I have been using will close shortly and I need to register on the new website for NHS jobs. No – never heard of NHS jobs website and certainly not looking to work in the NHS. No thanks even if it was true, which it isn’t.

Do click on the Facebook or Twitter icons on top right to follow Fight Back Ninja.

October 14, 2022

What is Hacktivism ?

Hacktivism (a portmanteau of hack and activism) is the subversive use of computers and computer networks to promote a political agenda or a social change. Its ends are often related to the free speech, human rights and freedom of information movements.

Some people believe hacktivism is a growing force and will become more active and take on bigger challenges. But, others believe it is a spent force and will die away slowly over the coming years.

Mr. Robot

“Mr. Robot” is a TV series that tells the story of hacker Elliot Alderson and his role in an anarchist collective called “fsociety,” whose followers wear masks that resemble “Rich Uncle Pennybags” from the Monopoly board game.

The series was inspired by a notorious computer hacker named H who has gone from trying to bring down the authorities — to working for them.

As a key member of the hacking group known as Anonymous and a founder of its elite “LulzSec” unit, Hector Monsegur helped launch cyber attacks on government and corporate targets including the US Senate, the FBI and major credit-card companies.

But when he was arrested in 2011, Monsegur — known online as “Sabu” — began secretly cooperating with an investigation that led to a wave of arrests across the US, Great Britain and Ireland.

Today, Anonymous still goes by the motto it unveiled in 2009: “We are Anonymous. We are Legion. We do not forgive. We do not forget. Expect us.”

Hector Monsegur

But Monsegur, 35, says society has little to fear from the online anarchists in Guy Fawkes masks as “Anonymous is irrelevant. “All it is now is a figment of hipsters’ imagination.”

Monsegur pleaded guilty to seven felonies as part of his deal with prosecutors and spent nearly eight months in Lower Manhattan’s infamous Metropolitan Correctional Center before being sentenced to time served in 2014.

The following year, Monsegur, landed a job working remotely as a “white-hat hacker” for Seattle-based Rhino Security Labs, helping companies identify vulnerabilities in their computer systems.

He admits that in comparison to what he used to do before, it’s not the same kind of thrill.

The article at http://www.fightbackonline.org/index.php/guidance/12-explanations/108-is-hacktivism-a-force-for-good has more information on Hacktivism.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

October 12, 2022

The Most Common Spam Messages

Brooklands Radio gets several hundred spam and scam messages per week and below are the most common in one month:

People selling drones. Scammers seem to love claiming to sell these. Most have no products – they just take your money.
People selling electric scooters and electric bikes – some are genuine sellers looking for gullible clients who wont realise they can buy the same products much more cheaply elsewhere.
The ‘Married Women – have an Affair’ scam which is actually targeted at men.
Dating sites – also targeted at men.
Website builders, SEO offerings, social media management etc. – It seems that half the population of India want to offer website based services online such as website design, SEO services, social media management etc. Probably many are genuine idiots thinking they can get rich from these schemes and likely have little idea of what they are doing. The rest are scammers who believe they can con people confused by technology.
Music submissions. It makes sense for aspiring artists and publicity companies to send demos to radio stations. But like most local radio stations, Brooklands Radio is only interested in budding artists who are local – rather than on the other side of the planet as so many seem to be.
Phishing emails – trying to get your private information or login/password
Malware messages – an attachment of some kind that is loaded with malware if the recipient is dumb enough to open it
Pathetic stories of magic answers to diabetes or massive weight loss with no effort etc. – the scammers aim is just to get you to click a link to watch a video and they are paid for each of those clicks.
Shed building. For some reason there are still lots of these emails offering free plans for building sheds. Who cares?

If you have any experiences with these scams do let me know, by email.