0345 2413052
Telephone0345 2413052

Phishing email – would this one get you?

phishing emails - easy money - easy targetsHere is an update to this 2011 post about another phishing email received.

My colleague received this phishing email yesterday:

From: (my real first name and surname) [mailto: mdprivatemailbox @ gmail.com]
Sent: 21 June 2016 11:32
To: XXX  XXXX – XXXXXXX Ltd (my  colleagues real name and company)
Subject: Quick Request

Hi XXXX, (staff members real first name)

Are you available to quickly process a payment for me? Kindly confirm asap so I will email the necessary details you will need to process the payment.

XXX (my real first name)


The email purports to come from someone you know and sends to someone in the same domain name space, probably the same domain as your “normal” company email address. It cleverly uses first names to reduce the chance that someone will check it more carefully. It looks pretty convincing.

The phish: To convince my colleague at my company that I want them to confirm they can send a bank transfer today and that by emailing me to say that they can, that I would then give them the details of where to send the money to.

So if they do reply then they will automatically be sent account details probably somewhere abroad where it’s difficult, if not impossible to get the money back from.

(If you get caught by this one the your bank maybe able to get away with not compensating you as it would have been your specific instructions that sent the money and you were not hacked – in my opinion anyway).

Clearly the English grammar isn’t quite right and the fact that this would never happen is also of some protection.

But would you get caught if you were in a hurry? – Worth thinking about and discussing with your staff and colleagues. .

ALWAYS look closely at the ACTUAL email address that is sending you the email and never rely on the displayed name. Whenever there is any money involved or reference to finance or account details always check the reality by telephoning the person asking if they really sent it, if it is someone you know of course.

Stay safe online.



Original article published June 5th 2011:

As an example of a phishing and not “spear” phishing would be the following email received a few minutes ago.

phishing email but not spear phishing
Have you received this one?

Nice little logo huh?

The email address purports to come from Lloyds bank, when you look at it says “info @ email.lloydstsb.co.uk”, so far so good you might think…

But the link embedded in the email is to a site called “faakarfibreglass .com” I have taken the link out to discourage any clicking on it!

Watch out for these!


More on Google Spear Phishing Problem

Google spear phishing becoming common

As an update to my post (https://www.clickingmad.com/blog/2011/05/google-hacking-thru-spear-phishing/) on the 28th May. I read an article on the BBC iPad news application which confirmed that it was this type of “Spear phishing” that resulted in high ranking email and account details of folks in the US and in Far Eastern countries being compromised.

It’s worth a read on this link: http://www.bbc.co.uk/news/technology-13626104

Please remember never but never, click on any link in an email that says something has changed on your account or login details or some such nonsense. This includes emails apparently from your bank, an online service, your credit card company, your email provider. If you see one in your inbox, contact the organisation concerned by using their official website contact method, or phone them. If you’re unsure then call us for free and we will advise.

“YouTube” spam is potentially more than nasty…

You tube is one way “into” google. Spear phishing at it’s most cunning

I received this today and I think you should be informed..

An email supposedly from YouTube saying that your video is “on the top of YouTube”

It looks very authentic and is piggybacking the YouTube email address so you can’t see that it’s not from there.

There is a link in it for you to check, and because you are so excited to see that your video is “on the top”, you click it.

You then get a nasty website selling apparently Canadian drugs, or put more simply; unofficial Viagra etc.

There may well be something much more sinister within the link as well so my advice is Don’t Click The Link. Delete the email straight away and warn your friends.

Here is the screen shot of the email I received..