Tag: phishing

November 3, 2018

Time-Wasters Update

An email from Western Union tells me they have a money transfer waiting for me and I just need to tell them my full name, contact address, telephone number, country, passport number etc. to receive that money. This is a standard phishing scam – just after my personal details which can be sold to other scammers. The message is from Mr. Goodluck James. The only good luck is for the scammers if anyone replies.

Travis Stork claims that his wife lost over 50 pounds and she credits it to one fat flushing food exactly one hour before bed. You can lose 14 pounds in 10 days just by adding this to your diet – one hour before bedtime. No. The only thing you would accomplish is furnishing this scammer with your money. Magic diets with no effort NEVER work, especially ones where you can apparently eat anything else you want.

Another message from Yahoo saying my account will be closed if I do not verify my account immediately. Just the usual phishing message – in this case from lateliertana @yahoo.fr which is a Yahoo France personal email address, not from Yahoo itself.

Steve warns that we should never exercise more than 90 minutes per week. That would make life difficult for marathon runners, tennis players and a lot more people but then Steve is presumably a moron for sending out such drivel.

An email that shows lots of other people’s email addresses that have also received the message and only contains a link but no attempt to describe what it is for. The email is from stitchedup22 so at least this scammer has a sense of humour.

Do click on the Facebook or Twitter icons on top right to follow Fight Back Ninja.

September 29, 2018

Time-Wasters Update

Natalie White kindly sent me our expected BACS documents to review. But lloydsbankbacs .com is not really Lloyds bank and we don’t have an account with Lloyds in any case. Just a sad scam.

A “quick reminder” from an unnamed person that I may be eligible for $6095 grant money for my schooling. There’s a link to click to see if I am eligible. It’s a phishing scam of course – the scammer wants personal details to sell to other scammers. This scammer is so dumb she forgot to replace {senders name} at the bottom of the email with a suitable sounding name.

The email claims I can lose 50 pounds by mid October so that means 50 pounds in 23 days or more than 2 pounds per day. Wow. That would be amazing but is obviously unrealistic as only starvation can lead to such rapid weight loss. I guess it’s the ultimate cheap diet – eat NOTHING.

Another free energy scam email. This one is from powergenerator @saucellec.us and the title says it all “56 y.o Geography teacher humiliates power companies”. The emails claims it can show how everyone can power their lightbulbs at zero cost. Just a typical pathetic scam.

Thomas Eastwood (email address roland @ieatvienna.at) wants to know if any of my relatives were born in 1951 as he wants me to be a next of kin legitimately appointed by him. He just needs my name and phone number to progress this. So, his email address doesn’t match his name, the domain name ieatvienna is obviously not real, he doesn’t know my name yet wants me to be somebody’s next of kin and he assumes I will infer there is money involved in this. The only money is what he hopes to scam from me – so he won’t be getting any.

Do click on the Facebook or Twitter icons on top right to follow Fight Back Ninja.

August 29, 2018

Phishing Message Targets

What are the targets for phishing messages?

Phishing is where scammers send messages by email, text or phone pretending to be from someone you are likely to trust e.g. your bank, British Gas, Microsoft, your Internet provider, local government HMRC etc.

Basically, they do this in order to get information from you – personal information that can be sold to scammers, spammers and identity thieves. That includes email addresses, phone number, payment card details, bank account details, date of birth etc.,

Proofpoint’s 2017 Human Factor Report, shows that a quarter of all phishing scams target Apple IDs (i.e. login and password)

TARGET	Percentage of Phishing Messages
Apple	25%
Microsoft	17%
Google Drive	12.9%
USAA	12.4%
Paypal	10.6%
Adobe	5.8%
Dropbox	4.8%
Blackboard	4.7%
LinkedIn	4.5%
CapitalOne	2.2%

According to the survey, Scammers seem to have the most success when phishing with Dropbox as that gets far more clicks (13%) than say phishing for Apple (1%)

The fact that fake invoices are used in 26% of phishing scams is not surprising as it is the most popular phishing technique aimed at businesses.

The next most common approaches are:- malware infected file attachments, mail delivery failure messages, fake orders and fake payments.

If you have any experiences with scammers, spammers or time-waster do let me know, by email.

May 14, 2018

The Account Approved Phishing Scam

You receive an email from Customer Service that says “Your Account Has Been Approved”.

Sounds good.

Hang on a minute – an account at which business?

The email doesn’t specify – there is no business name.

There is loads of stuff about IDs and passwords and congratulations etc. and the link they want you to click seems to be to www.account-uk.ga/UK/account

The suffix .ga means the website is registered in Gabon, West Africa.

The lack of a business name and the registration in West Africa point to the email being a scam. Plus the simple fact that I haven’t applied for any new accounts and hence cannot have been approved for an account I actually want, makes this abundantly clear.

The temptation with these emails is to click to find out what the account is – but don’t be tempted – it’s just a simple phishing scam whereby the website link takes you to a page that asks for more personal information. Plus, clicking the link will mark you as a gullible person suitable to be targeted for future scams.

These emails often name a well-known bank or other financial organization, large retailer, APPLE, Microsoft etc.

All scams.

Do not click the link.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

November 7, 2016

The Government Gateway Phishing Scam

The Government Gateway is a service that gives you access to online government.

You have to register on Gateway to create an account then you have access to a range of online services including State Pension Online, Driver Licensing Online, Gambling Tax Online and hundreds more. This is to avoid people having to register for each of the government services separately and having numerous logins and passwords.

This phishing scam is not designed to find out your current Gateway login and password but to get you to create one at the scammers website while believing it to the Gateway website. This will give the scammer your confidential information which can be sold but also provides answers to the questions that Gateway asks a new person registering, hence the scammer can create a Gateway login in your name and access those government services and claim money etc. This could really damage someone’s life.

The email has an enticement to make you register – it claims to be from HMRC and that you are owed a tax refund of £424.26 and you just need to register to claim it.

The bottom half of the email is text copied from the HMRC website intended to make the email look authentic.

As usual, the message to take from this is DO NOT CLICK ON LINKS IN EMAILS and always think before inputting any confidential information.

If you want to register on Government Gateway then find the official website at www.gateway.gov.uk and register there.

If you’ve enjoyed this post or found it useful then do share – click on the post title then scroll down to the social media share buttons.

September 14, 2016

How to Spot a Phishing Email

Phishing is where you receive an email that appears to be from a trusted organisation but is designed to get your personal information such as login and password or credit card details.

Anti-virus software can protect you from some of these emails but many get through that protection.

Never put your personal Information in an email!

No reputable company will ask for personal details such as passwords, credit card details, mother’s maiden name etc. by email. So, if you do get such a request – refuse.

Phishing Emails will usually have some or all of the following indications.

Typing and Grammatical Errors

Many scam emails are translated from another language and that often leaves a tell-tale of poor grammar and odd use of words. Anything with typing errors shows lack of professionalism and is unlikely to be found in an email from a reputable company. Also, some scammers deliberately put grammatical errors in messages to reduce the number of return messages they get.

An attachment

Never click to open an attachment unless you are sure it is safe.

Attached files can contain viruses and other malicious code that can damage your computer, steal confidential information or hold you to ransom. If the company is one that you already deal with then contact that company to check the email and attachment are safe.

Links

A link may look as if it is safe but if you hover the cursor over the link then it may display a different value and not what you expect. If this is different to the text, then clearly something is wrong and potentially unsafe.

Don’t Fall For Stories

If an email appears to be from a family member or friend in trouble don’t reply immediately – check the truth of the story first by other means.

The “From” entry

This is just text so the sender can make it show anything they want. To check the email sender – hover the cursor over the name and it should show the real senders email address. Even if this matches it does not absolutely prove that the email came from that address .

The “To” entry

If the email is from a reputable company that you already deal with then it should show your correct name. If it shows nothing or ‘To recipients’ or an unknown name then the email is almost certainly a spam message sent out to large numbers of people. Beware.

STAY SAFE