0345 2413052
Blog
blog
by
Telephone0345 2413052

“Comcast” Phishing email

comcast phishing emailQuick notification of another scam in the form of a phishing email that suggests you have paid an American cable company with your credit card.

The links are all to a .ru domain (Russian) and go to a .php file, which could seriously harm your computer at the very least.

Don’t click anything and don’t forward it!

If you have a cable subscription from Comcast (which I doubt you do if you’re in the UK) then go to their main website and to your account etc.

The proper website is: https://www.xfinity.com/

Stay safe folks.

Some nasty new emails to watch out for..

Dangerous emails
Your pc is at risk of infection if you click on a link or open an attachment  in these emails

Phishing emails on the rise again – don’t get caught!

I came across 3 new spam/phishing emails and one Trojan Horse email this week alone. I thought you need to know about them and consider yourself warned NOT to open any link or attachment.

Phishing Email 1

Apparently I’ve bought a phone from Amazon.com and this is the shipping confirmation.

I haven’t bought anything from Amazon in the States (dot com domain name) and I already have an iPhone.

What is more dangerous about this email is that it is not telling you to click the link, it just sits there expecting you to want to find out more. The link goes nowhere near Amazon and you will end up giving some criminal your Amazon login details.

Phishing Email 2

Another nasty email using the Amazon brand name is this one purportedly offering an Amazon reward card etc.

They don’t even pretend that they are Amazon and even let you know that you need to give the more details before you may get a gift card. I doubt any exist.

Phishing Email 3

Dropbox is an excellent tool for storing documents and allowing others to access them from anywhere, including you.

The link wanting me to open this file apparently shared to me from an Educational email address goes nowhere near Dropbox. Do not click this link!

Malware/Trojan Horse Email

This is another that bothered me. Apparently Companies House has had a complaint about our business. Companies House do not receive complaints about companies. They have confirmed this.

The problem is the Word attachment. Unfortunately Microsoft word can contain programming called MACROS which can install malware on your computer. Do not open the attachment if you get this.


Some definitions to help you

malware

noun
Software which is specifically designed to disrupt, damage, or gain authorised access to a computer system.

Trojan Horse

noun
A program designed to breach the security of a computer system while ostensibly performing some innocuous function.

phishing

noun
The fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.


Stay safe folks….

Phishing email – would this one get you?

phishing emails - easy money - easy targetsHere is an update to this 2011 post about another phishing email received.

My colleague received this phishing email yesterday:
________________________________________________________

From: (my real first name and surname) [mailto: mdprivatemailbox @ gmail.com]
Sent: 21 June 2016 11:32
To: XXX  XXXX – XXXXXXX Ltd (my  colleagues real name and company)
Subject: Quick Request

Hi XXXX, (staff members real first name)

Are you available to quickly process a payment for me? Kindly confirm asap so I will email the necessary details you will need to process the payment.

Regards,
XXX (my real first name)

________________________________________________________

The email purports to come from someone you know and sends to someone in the same domain name space, probably the same domain as your “normal” company email address. It cleverly uses first names to reduce the chance that someone will check it more carefully. It looks pretty convincing.

The phish: To convince my colleague at my company that I want them to confirm they can send a bank transfer today and that by emailing me to say that they can, that I would then give them the details of where to send the money to.

So if they do reply then they will automatically be sent account details probably somewhere abroad where it’s difficult, if not impossible to get the money back from.

(If you get caught by this one the your bank maybe able to get away with not compensating you as it would have been your specific instructions that sent the money and you were not hacked – in my opinion anyway).

Clearly the English grammar isn’t quite right and the fact that this would never happen is also of some protection.

But would you get caught if you were in a hurry? – Worth thinking about and discussing with your staff and colleagues. .

ALWAYS look closely at the ACTUAL email address that is sending you the email and never rely on the displayed name. Whenever there is any money involved or reference to finance or account details always check the reality by telephoning the person asking if they really sent it, if it is someone you know of course.

Stay safe online.

Shaun

________________________________________________________

Original article published June 5th 2011:

As an example of a phishing and not “spear” phishing would be the following email received a few minutes ago.

phishing email but not spear phishing
Have you received this one?

Nice little logo huh?

The email address purports to come from Lloyds bank, when you look at it says “info @ email.lloydstsb.co.uk”, so far so good you might think…

But the link embedded in the email is to a site called “faakarfibreglass .com” I have taken the link out to discourage any clicking on it!

Watch out for these!