Stupidest Spam of the Week John Lewis

The John Lewis stores are very well known across the UK with more than 40 department stores and hundreds of Waitrose supermarkets.

So, an email from someone claiming to work for John Lewis and asking us to provide our products to the stores group is surprising, but obviously a scam.

The grammar is reasonable but a little odd e.g. “Indeed we are interested in your products, we would like to know if you can provide them”.

The message sender claims to be a “Senior Executive Purchase” at John Lewis but his email address is a Gmail account.

The scammer has created a fake email address at johnlewispartnerships.com, but that is not John Lewis at all.

Just a dumb scammer with a simple lying message, looking for gullible people to reply.

If you are in business and are unsure whether such an email offering to do business with you is fake or real – lookup the real contact details for the business and contact them directly, but never reply to unsolicited emails or text messages.

To enter your email address and click on the subscribe button on top right to keep up to date with new posts.

January 23, 2021

Time-Wasters Update

The latest 419 scam is titled “Inheritance Discuss” and is from goonhooh65. He claims to be Mr Wilson Victor and the boss of a bank in Abidjan and his problem is that he has to transfer $160 million to an overseas account and needs your help. Of course, you will receive a big share of the money for helping. The message starts with ‘II wish to inform you that this letter is not a hoax mail’ but the only people who need to use such language are scammers. The end of the message is the funniest part as it is fake Latin ‘Lorem ipsum dolor sit amet’ etc. Many people will recognise this as the text used in computer software to indicate some text should replace it. This scammer forgot to read his own rubbish before sending it out.

Brendan Wardill offers a list of web sites where you can advertise without charge and get huge volumes of traffic to your site. Obviously lies. There are websites where you can advertise without charge but they make use of your website links, insist on reciprocal links and don’t give your site any worthwhile traffic – only robot generated fake usage. The only links that are worthwhile are from websites relevant to your website’s content.

Notify @ringscentral.com tells me there is a new audio note from a contact in my address book and I just have to click the link to listen to the message. Never heard of ringscentral.com so is bond to be a con, plus they obviously don’t have access to my contact list, or the name of the sender would be showing. A simple scam. Never click on links in unsolicited emails.

An email in German but also translated into English – seems to be a mark of a lazy scammer who cannot be bothered targeting her scam emails by country. This one claims to be from Lerynn West who has a donation of 1.93 million Euros for me as she won 349.3 million Euros on the Powerball lottery. A straightforward 419 scam offering a fortune, but I would have to make a series of small payments to get it and of course the millions only exist in the mind of the scammer. This scammer is so dumb that she sent this email and one a few minutes later with almost identical words and figures but supposedly from a different name.

Some scammers take a minimalist approach. An email from wyanhtun says “Dear Sir, Please see attached document and action Thanks.” It has an Excel file attached but opening that would be a very bad idea as all Office documents can contain macros i.e. computer code.

Do click on the Facebook or Twitter icons on top right to follow Fight Back Ninja.

January 22, 2021

Legal Path to Recover Stolen Money

This is a series of steps for attempting to recover money stolen by fraudsters.

It has been created by Barrister Gideon Roseman following his skirmish with fraudsters. You can read about that at

https://fightback.ninja/amateur-detective-recovers-stolen-money/

Immediately phone your bank and ask to speak with the fraud team

Explain what has happened and demand they immediately contact the fraudster’s bank, i.e. the bank you transferred your money to.

Immediately contact a solicitor or barrister who can accept instructions directly from members of the public (or alternatively you can attempt to do this yourself). Ask them to immediately make an application to freeze the fraudster’s bank account and any other bank account that the fraudster has with their bank. The application should include a request for an order that the fraudster’s bank provides the following information:

all contact details (mobile phone, home phone, email address, residential address etc.) for all signatories to the fraudster’s bank account and any other bank account held in the fraudster’s name or any other signatory to this bank account that is held at the bank
all bank statements for the fraudster’s bank account and any other bank account to which the fraudster or any other signatory has with the bank in question for a period of 6 months; and
the current balance of all bank accounts with the bank that is in the fraudster’s or any other signatory’s name.

Once you get hold of the court order, this will need to be immediately emailed to the fraudster’s banks’ ‘court orders’ team who can process it. You can ask your bank for this email address.
As soon as you receive the information from the fraudster’s bank, consider the following points:

(i) has your money been transferred or paid to any recognisable company you can contact, such as a known retailer

(ii) if you can identify a company that has received your money, you can then contact this company, explain what has happened and request they either cancel the transaction made by the fraudster or request them to hold onto the money they have received and

(iii) has the money been transferred to other bank accounts.

If your money has been transferred out of the fraudster’s bank account and into another bank account, you have the option of returning to court and making an application for the information set out above and repeating the process set out above.
When you have received the fraudster’s bank account statements, try to work out the dates and times of the transfers out of their accounts. Your bank will be under a duty to contact the fraudster’s bankers, who will then freeze the fraudster’s account.

If your bank has failed to act within a reasonable period of time after you have notified them of the fraud, which has enabled the fraudster to transfer your money without a trace, it is likely that your bank will have breached their duty and will have to compensate you.

Good luck.

If you have any experiences with scammers, spammers or time-waster do let me know, by email.

January 21, 2021

Email Auto Forward

The FBI has warned businesses of the threat posed by cybercriminals who create auto-forwarding rules on their victims’ web-based email services, in an attempt to make them more susceptible to Business Email Compromise.

Business Email Compromise is an American name for fraud where hackers send an email message that appears to come from a known source making a legitimate request but ends up with the recipient being defrauded.

e.g. the hackers manage to get the email address and details for a solicitor conducting a house sale and email their customers asking for payment to be made to a new bank account (controlled by the criminals).

Or a hacker spoofs the email address of the company CEO to instruct a ledger clerk to transfer some company money to a new bank account.

Email Auto Forward Rules

With many email systems you can create rules that automatically move emails to folders or mark emails or delete messages from specified senders or auto forward emails containing specified keywords then delete them, for example.

The criminals use a variety of methods to get access to email systems, the most common being the sending of phishing messages to get the victims to enter their email credentials into a fake website page believing it is something to their benefit e.g. a free prize draw.

With access to the email, they setup rules that, for example, will auto forward any incoming message with the keywords ‘bank’, account’, ‘payment’ or ‘money’ then delete the messages.

The hackers hope this will give them emails containing enough information to be able to create matching fake emails and send those to the relevant companies asking for money to be transferred or to change the bank details for a payment due etc.

The hackers continue this until someone realises their payments are going astray.

If you have any experiences with these scams do let me know, by email.

January 20, 2021

Man United Ransomware Attack

Manchester United football club experienced a ransomware attack in late 2020. They were held to ransom for millions of pounds by cyberhackers who targeted the club’s computer systems and demanded payment to stop them from releasing sensitive data.

It is a difficult decision for any business – pay up or risk seeing highly sensitive information being wiped out or leaked into the public domain.

The club were clear from the start that the attack was very serious but it did not impact on their schedule of matches.

United brought in a team of technical experts to contain the attack and they informed the Police and the National Cyber Security Centre (NCSC).

The NCSC revealed that in 2019 an English Football league club was hit with a £5m ransomware demand. They were unable to access their CCTV or use entry turnstiles, but its’s not believed that they paid anything.

It took weeks of effort to get things back to normal following the attack and United could face fines of up to £18 million or two per cent of their total annual worldwide turnover from the Information Commissioner’s Office if the attack is found to have breached their fans’ data protection.

The NCSC has previously warned that there is a growing threat to sports clubs.

It took roughly 2 weeks for United IT staff and outside experts to regain control of the situation. It is believed they did not pay the attackers.

The episode was embarrassing for United and they are still under investigation by the Information Commissioner’s Office.

If you have any experiences with these scams do let me know, by email.

January 18, 2021

European Health Insurance Card Scam

UK travellers visiting the EU are used to getting the European Health Insurance Card (EHIC) for free which covers health costs while in the EU to the same standard as if back in the UK.

As of first January 2021 that changed as the UK is no longer in the EU so why should UK citizens get free medical treatment?

If you already have an EHIC card then it remains valid until it’s deadline.

For pensioners and a few other cases, new medical insurance will remain free for travel to the European Union, but for the majority it is finished and we will have to pay for travel medical insurance in the E.U. as we already do for the rest of the world.

Scammers are starting to offer free EHIC – just click the link in the emails and fill in your details to get the free cover.

But the messages are fake and the websites are fake – just a means to get your personal information that can then be sold to other scammers.

You can check at https://www.nhs.uk/using-the-nhs/healthcare-abroad/apply-for-a-free-ehic-european-health-insurance-card/ if you want to see if you are eligible for a free EHIC card but don’t expect it be Yes unless you are a pensioner.

If you have any experiences with these scams do let me know, by email.