Category: Phishing

March 27, 2017

DVLA Phishing Scam

The email title is “Failure of Notify Change of Keeper – Final Warning”

Then

Final Warning – Failure of Notify Change of Keeper

As is coherent that you haven’t told the DVLA that you no longer an owner of a means of transportation …..

Then blurb about a decision having been made but it can be overruled if I “contribute information that has not already been made handy to use” and a warning that I can be penalized 1,000 GBP if I don’t tell DVLA

The grammar and wording is quite ridiculous and that is most likely to be deliberate to ensure only the most trusting people reply and provide the personal information the scammers seek.

The link to click is a box labelled TELL DVLA NOW but it goes to com-serve.ru so it’s a Russian website. There seems to be a big scamming industry in Russia these days.

This is just a common phishing scam message.

Don’t be caught out.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

December 19, 2016

Women’s Clothes Special Offer Phishing Scam

Phishing is where the scammer is trying to get your confidential information by pretending to be an organisation that you would normally trust such as your bank, government, utility companies etc.

In this scam, it’s not a trusted organisation – just an instant sale of typically women’s clothes, shoes, accessories etc. The scammer uses anything to get you to click on the link.

The most recent such emails to the radio station have been for Michael Kors handbags at 70% off and for UGG boots at 70% off.

Sometimes these adverts are well crafted and sometimes really basic but they all have the same intention – to get you to click on a link which looks harmless but isn’t. Clicking gets you to a website asking for your details. Then the scammer’s got your information to sell.

Q. How can you tell it’s a phishing email?

That’s not always easy to tell. Fortunately if you have reputable anti-virus software installed it will warn you of the phishing content.

Check the email senders address. If it’s clearly a made-up or inappropriate name such as offshow28.br or metalfinishers.com or adjentcofeesupplies.ru then it’s likely to be a scam email.

Never click on a link unless you are sure it’s safe and always be careful who you give your confidential information to.

Do Share this post on social media – click on the post title then scroll down to the social media share buttons.

September 14, 2016

How to Spot a Phishing Email

Phishing is where you receive an email that appears to be from a trusted organisation but is designed to get your personal information such as login and password or credit card details.

Anti-virus software can protect you from some of these emails but many get through that protection.

Never put your personal Information in an email!

No reputable company will ask for personal details such as passwords, credit card details, mother’s maiden name etc. by email. So, if you do get such a request – refuse.

Phishing Emails will usually have some or all of the following indications.

Typing and Grammatical Errors

Many scam emails are translated from another language and that often leaves a tell-tale of poor grammar and odd use of words. Anything with typing errors shows lack of professionalism and is unlikely to be found in an email from a reputable company. Also, some scammers deliberately put grammatical errors in messages to reduce the number of return messages they get.

An attachment

Never click to open an attachment unless you are sure it is safe.

Attached files can contain viruses and other malicious code that can damage your computer, steal confidential information or hold you to ransom. If the company is one that you already deal with then contact that company to check the email and attachment are safe.

Links

A link may look as if it is safe but if you hover the cursor over the link then it may display a different value and not what you expect. If this is different to the text, then clearly something is wrong and potentially unsafe.

Don’t Fall For Stories

If an email appears to be from a family member or friend in trouble don’t reply immediately – check the truth of the story first by other means.

The “From” entry

This is just text so the sender can make it show anything they want. To check the email sender – hover the cursor over the name and it should show the real senders email address. Even if this matches it does not absolutely prove that the email came from that address .

The “To” entry

If the email is from a reputable company that you already deal with then it should show your correct name. If it shows nothing or ‘To recipients’ or an unknown name then the email is almost certainly a spam message sent out to large numbers of people. Beware.

STAY SAFE

June 20, 2016

The Tax Refund Scam

We received an email about a pending tax refund.

Usually these come from email addresses that show the email is fake – such as a Gmail or Hotmail account or anything obviously not related to the Inland Revenue.

This email is from [email protected] and the refund amount is in pounds rather than dollars as is often the case.

The email has a button marked ‘click here to start your claim’ – that shows it’s a scam as no government department (or most reputable organisations) would include such a button in an email.

Now revenue.com is the wrong address for the UK tax authorities but it does look meaningful. All UK central government emails have gov.uk on the end

But what is revenue.com?

That’s hard to tell. It seems to be a legitimate article distribution site but there are some warnings on the Internet about it being unsafe to visit.

Never respond to an email requesting personal details or by clicking anything that could be suspicious.

May 2, 2016

The Bank Account Reactivation Scam

The email is titled ‘Reactivate Your Online Banking’ and looks to be from NatWest.

It’s well laid out and looks plausible but it’s a scam.

How do I know it’s a scam – I don’t have an account with NatWest, but even if I did I know that banks never never send out messages with click here to access your account or to login or to reactivate your account. Therefore it’s a scam. Also, although the email address says its from NatWest – the actual email address that sent it is “senderodelamor.com” – i.e. not NatWest bank.

The email explains that to reactivate your account you need your customer number which is made up of your date of birth followed by the four digit number they gave you when you set-up the account. They also tell you to have your online banking password ready.

And there’s a link to click to reactivate your account.

That link will take you to a screen where you can input the supposed customer number.

Clearly they are trying to get your date of birth and that 4 digit number they want is of course your PIN number.

With those two pieces of information and your name which they already have they’ll be able to empty your bank account.

The bottom part of the email is clearly copied from a real NatWest bank email or from the website – to make it look genuine. But it isn’t.

Don’t click.

February 24, 2016

What is Phishing

Phishing is a scam where criminals send out emails pretending to come from banks, credit card companies, retailers, utility companies, eBay and others. They usually try to trick you into going to their website which will be a copy of the real company website but will steal your login and password and/or other personal details.

They trick you by making the email look genuine and urgent or important. It might say “your account is locked” or “there has been suspicious activity on your account” or “your password must be changed” or something similar. Anything to catch your eye and make you do what they want you to.

Fake emails can be difficult to spot sometimes, but there are things to look out for:-

The sender’s email address is different from the trusted organisation’s website address. E.g. an email supposedly from Barclays bank but the email address is [email protected]
The email is sent from a completely different address or a free webmail address such as Hotmail, Yahoo mail, Google mail etc. Companies never send out email from these kind of addresses. .
The email does not use your proper name, but uses a general greeting such as “Dear Sir or Madam, or Dear customer.”
A sense of urgency; for example the threat that unless you act immediately your account may be closed.
A request for personal information such as username, password or bank details.

If in doubt, do not click on any links in the email – contact the company or go to the company website and check your account or just delete the message.