new (and old?) scams, spams and phishing.

[JohnD]

Here's a new one, to me anyway:

New Message Notification - Vōice

 

Dear customer 

you have a new auto message 

From:  +44 74362364**

Date: 16 June 2022 at 6/16/2022 02:05:36 p.m.

Duration :  00:00:26 

 To Listen to this message, you can click below to have instant access to all your messages on the go.

Listen to Vōice Mail

To my shame, I clicked on the link.  My only excuse is that I get valid voice messages on my mobile.     And the desktop screen lit up red!  Saved by my firewall!

Should have known, the sender was one " FBurke1216@hotmail.com"  not Vodafone at all.   

John

PS Now I look at it, there's another give away.   The 'o' in Voice.   It has a 'macron', a bar over it, used in languages other than English to indicate a long 'o'.     Such alien symbols are used  by scammers to make their false links look valid.   My vigilance is slipping.  J.

 

 

Edited June 17, 2022 by JohnD

[JohnD]

If this is a scam, it's a new one:

 

I think the dead give away is that no regisration No. is quoted.   I'm certain that would happen if this really was from the DVLA.  Plus the senders email.

Bin it.

John

[Escadrille Ecosse]

I got one the other day telling me my Apple+ subscription had just expired and I needed to click on a link to renew.

Interesting that I do have Apple+ but cancelled it again a couple of months ago as I only pay when there is something specific I want to watch.

And then there are the calls to your mobile that get flagged up as 'potential fraud'. If the phone company knows then why are these numbers allowed to remain active?

[JohnD]

And another new style scam/phishing

I got an email apparently from  an old friend.       It had his full name but the senders address was not his: s103507@student.uum.edu.my   Hmmmm, 'student', and that's a university in Malaysia!

Then, the message said: "Probably should have sent this invitation to you way earlier http://www.lozjs.nycekk. com/ "

It's rather obviously a scam, but how?    Has my friend a Trojan on his machine, stealing his address list?     Or do I, using mine to head false emails with friends names?      

If the second there would be more, surely?   My friend has scrubbed his machine and nothing was found.      Could his name and a connection to me have been picked up in Facebook?

Anyway, deleted now!

JOhn

[JohnD]

Am I the only one to get all this scamming?

The latest is most convincing. It looks like this:

The "Beneficiary" has a correct address, but the website wants details that are not in the email, and the genuine Gov.co.uk website for that North Regional Fixed Penalty Office includes the warning that, "Scammers are mimicking genuine HMCTS phone numbers and email addresses. They may demand payment and claim to be from HMRC or enforcement. If you're unsure, do not pay anything and report the scam to Action Fraud."

 

Global Ingenico is a company that deals in electronic payments, bu has long been abused by scammers.

I have reported the email, and deleted the scamming message.

John

 

Edited July 29, 2022 by JohnD

[JohnD]

New and global  scams continue to appear.   This one was headed "Order Update # 625022 "   That number rings a bell for me but I can't  recall or find what it means

It was allelegedly sent by "Royal Mail" but  my mailbox appends the senders address as "<royal.mail.service@ebiki.co.jp>"     www.ebiki.co is the name of a long established small firm that makes soy sauce and other condiments, in Japan, so I really, really don't think they will have the Post Office's contract for mail registration.

It looks like this:

No, I haven't clicked on the number starting "JK", which is highlighted and is very obviously a hyperlink, to "http://estarbizadvisor.com/tblstatus/6/index.php?www.royalmail.services"   EStar Business Advisors are company Accountants in Singapore, whose probity is unknown, but again are unlikely to be contractors to the Post Office.

Binned, and suggest you do too!

Are these reports of any interest, or useful as warning?   Or are you all just  savvy to the scammers'?

John

 

[JohnD]

This is a more worrying one!

I saw the senders address, "webarc.net" and assumed it was  spam/phishing, but went to confirm that by entering the tracking number on the Royal Mail web site.    I expected it to be unknown, but it was recognised!   As a parcel that was delivered two weeks ago!

Seems beyond coincidence that the phishers could pick a number at random that does that, so they must have access to the Royal Mail system!   Scarey!

John

[JohnD]

I fell for this one!   Because its the sort of thing that Amazon does send out. But saved by my firewall (Norton) that lit up RED with an "Unsafe site" warning!

The senders address should have warned me!

John

Edited August 23, 2022 by JohnD

[Nick B.]

There are certain small signs that warns me of on these scams.

If we look at the japanese scam from Royal Mail, they have misspelled 'incorect' with a single 'r'. That is a certain way to get me to delete mails.

The second one from Royal Mail also had troubles with spelling and wrote ' and u were away'. I doubt RM would replace 'you' with 'u'.

The third one from amazon. They appear to use your email instead of your name. I never use mail for username - so I always know if people greets me with my mailname, it is definately a spam.

However - they are getting better at it - perhaps they will even know how to spell some day!

 

Cheers

Nick

 

 

[JohnD]

Quite right, Nick!   There are lots of 'tells' that should raise suspicion. Another is the use of a symbol instead of a letter - there are so many in the digital lexicon and some look very like each other.

It may be worth notifying the "spoofed" organisation.  In this case Amazon has "stop-spoofing@amazon.com" but others may use "spam@....." or "phishing@...." or similar.

John

[JohnD]

Another new one!

On Facebook, an old colleague, now retired like me, asked to 'friend' me.     I was delighted, I haven't seen them for a couple of years or more.     I responded, and the subsequent conversation rapidly went 'off-piste'!     Whoever was Messaging me wasn't my old friend, and was keen to interest me in "Publishers Clearing House", which I had never heard of, but Wiki tells me is an online US company that sells subscriptions to magazines and sweepstakes.    They told me it was a charity that helped the disadvantaged!

I've posted on my friend's Facebook page to this effect, with my best wishes.   But in the hope of  preventing the interloper sending me any more spam, I've 'unfriended' my friend!     Dreadful!   I hope they come back.

John

[JohnD]

I'm really cross about this one!

I've volunteered for a local charity, and because it means patient contact, I'm asked to get DBS vetted (Disclosure and Barring Service).    So, I look for the DBS on Google, go to the first site and start to enter all the details requested.  Gosh, Nat.Ins.No., Passport No., Driving licence No., how many years at this address etc etc etc.    Then, please pay £80!!!

Hang on, what is this site?  It's "https://dbscheckonline.org.uk/apply/dbs-individual-check"    It is NOT where I should be which is at https://www.gov.uk/government/organisations/disclosure-and-barring-service   where, of course, the service is free.

But what really riles me is that the scammers appeared first on the list of hits when I searched Google for "DBS".  The Gov.uk site is second.  Google is helping the scammers!  I should not be surprised of course, no doubt they paid to get first on the list.    Google used to have "Don't be Evil" in its code of conduct, but no longer!

I've used the Google complaints procedure, but the scammers are still there!

John

Edited October 21, 2022 by JohnD

[JohnD]

I'm on Facebook - I know, its for the chattering classes, but anyway.     Recently, I received messages apparently  from people I am 'friends' with, trying to recruit me for "GGF" Global Growth Fellowship, a US org that purports to help the needy.   I wasn't interested and said so.     

Now, I hear from other 'friends' on Fb that they have had friend requests from me, although we are already 'friends'.   It looks like my Fb account and list of friends has been hijacked.     I've changed my Fb password and will do a hard disk sweep.    Suggest you do the same if you hear from "GGF".

John

[JohnD]

Done my housekeeping on FB, my guardian on the PC says nothing untoward, but I have had another 'Fb friend' say they have had a friend request since.      Notified Fb, but I don't suppose they will do anything.

Any ideas how to stop this, please?

John

[Escadrille Ecosse]

7 minutes ago, JohnD said:

Any ideas how to stop this, please?

Don't think there is anything you can do now John.

These scams rely on the person receiving the message replying to it. Doesn't actually matter what you say it's the reply that confirms their scam message was sent to an active account.

As so many things in life silence is the best policy. Ignore them and they will go away.

[JohnD]

Thanks, Colin, hope it does.

But here's another.   The TRansit needs new insurance, so I go to various brokers online.   I don't choose the cheapest but one that I've heard of, that quotes £500-odd.  Van insurance is expensive!   I've declared "Social & Domestic" use, but then it asks me if I want cover for carrying tools in the van - of course I will, it's a race truck.   So I say yes.

In that case the premium will be over £1000!   The Premium!!   Goodbye that insurer. and forget tools cover;  I'll remember to lock the van!

John

[Escadrille Ecosse]

Define 'carrying tools'. Every van carries tools. How do you change a wheel. 

Or for that matter make yourself a piece for your lunch (that's a sandwich) .

But not really any different from say carrying a bike I suppose. Insurance for those is not cheap either 

[zetecspit]

In this context it means "tools for your trade" as vans are usually used by tradesman. In your case I woukld say no, the van is not used for any trade purpose.

[JohnD]

On 10/21/2022 at 3:58 PM, JohnD said:

I'm really cross about this one!

I've volunteered for a local charity, and because it means patient contact, I'm asked to get DBS vetted (Disclosure and Barring Service).    So, I look for the DBS on Google, go to the first site and start to enter all the details requested.  Gosh, Nat.Ins.No., Passport No., Driving licence No., how many years at this address etc etc etc.    Then, please pay £80!!!

Hang on, what is this site?  It's "https://dbscheckonline.org.uk/apply/dbs-individual-check"    It is NOT where I should be which is at https://www.gov.uk/government/organisations/disclosure-and-barring-service   where, of course, the service is free.

But what really riles me is that the scammers appeared first on the list of hits when I searched Google for "DBS".  The Gov.uk site is second.  Google is helping the scammers!  I should not be surprised of course, no doubt they paid to get first on the list.    Google used to have "Don't be Evil" in its code of conduct, but no longer!

I've used the Google complaints procedure, but the scammers are still there!

John

Been advised to report to Google, an action accessed by the tiny, point-down triangle after the URL on the Google hit.   This gives you a number of options - the best in this situation is " "ad violates Google Ads policies" and then "It promotes a restricted product or service."    I'm further advised not to expect much follow up, or even action by Google, unless more people do the same, so pile in!

John

[JohnD]

Facebook "friends".

Recently, I've been contacted by people I know, in the real world, on FB with a 'friend' request.   This is apart from Fb's habit of pushing people who are already 'friends of friends'.   Each time, because I'm a friendly soul, and have liked the people involved, I've responded.

And each time, I get a message from the new 'friend', not with their news or requests for mine, but "Have I heard of the XYZ program?".  (Note the spelling!).    When I say that I haven't, I'm advised to contact the 'program' because my new 'friend' has received money from them.

No explanation, why or how, or what the 'program' is.    I've blanked them as 'friends' because I don't believe I'm talking to the people I thought I was, but to a computer, or else some programmer in Ylvatosk, or Xian Zan.

Anyone else had these?   Is this hijacking of FB accounts or a Wurm in my machine, and  how to warn the real people involved?

John

 

[JohnD]

For anyone who shops at Sainsbury's, and anyone else (perhaps not Waitrose) look out for the emails that offer you an "Air Fryer" in exchange for completing a marketing questionnaire.    For a start, they say they are from "Sainsbury", right typeface, wrong punctuation.    Then the four I have had have been from BT, gmail, etc when you might expect such emails to be from sainsbury's.co.uk and where from four different  names.

If you get one of these, and are a Sainsbury's shopper of not, delete them!

John

[JohnD]

Just got another, looks like this:

Sent from gmail by one "narong3467889".

I think not.

JOhn

[JohnD]

I sold my Citroen a little while ago, to "WeBuyanyCar".    Then this week, I had an email from someone purporting to be the buyer, asking me if the car had any problems (!).    How the HELL had he got my email????   WBaC had to have told him!

So I sent them an accusatory email alleging gross confidentiality breach.   They denied it, of course.   The buyer sounded genuine, so I replied, asking where did you get my email?      You left an old licence reminder in the service papers!

Oh.  Bugger.    OK, my fault, apologise to WBaC, and tell the buyer the worst.   I wish him luck with the car, which served me  well for twelve years.   BUt if you sell a  modern, make sure you clean the papers as well as the car!

John

[JohnD]

VERY worrying event today.

I use NatWest Bank, and my credit card acquires "Rewards", that I can exchange for shopping vouchers etc.  I ordered some yesterday, and was told that they would appear by email.  I queried this, by going to their support line, and was told this was the case, within 24 hours.   Nothing has appeared.

So I went back to Support, and spoke to the agent there.   They asked the usual 'security' questions, and then asked for digits from the code number that I use to log onto  Online Banking.    I gave two, second and fourth, but she said she couldn't hear, do it again; first and fourth.     I hope we've all seen that on TV where the operator does this repeatedly, until they have the whole code number?

It was then I noticed that the screen on my mobile was lit up in RED!  And said "Fraud Site"!!!  (The mobile is protected by Norton)  I challenged the agent I was speaking to, to tell me something that only the Bank and I could know from my account.      She refused to do this, tried to get me to stay on the line.  I  rang off.

I have told my bank manager of this extraordinary event.   Surely a major Bank cannot have their Support Line hijacked by swindlers?    And I'm still waiting for my vouchers!

John

[thebrookster]

17 hours ago, JohnD said:

VERY worrying event today.

I use NatWest Bank, and my credit card acquires "Rewards", that I can exchange for shopping vouchers etc.  I ordered some yesterday, and was told that they would appear by email.  I queried this, by going to their support line, and was told this was the case, within 24 hours.   Nothing has appeared.

So I went back to Support, and spoke to the agent there.   They asked the usual 'security' questions, and then asked for digits from the code number that I use to log onto  Online Banking.    I gave two, second and fourth, but she said she couldn't hear, do it again; first and fourth.     I hope we've all seen that on TV where the operator does this repeatedly, until they have the whole code number?

It was then I noticed that the screen on my mobile was lit up in RED!  And said "Fraud Site"!!!  (The mobile is protected by Norton)  I challenged the agent I was speaking to, to tell me something that only the Bank and I could know from my account.      She refused to do this, tried to get me to stay on the line.  I  rang off.

I have told my bank manager of this extraordinary event.   Surely a major Bank cannot have their Support Line hijacked by swindlers?    And I'm still waiting for my vouchers!

John

John, I hope you get this sorted! Always worrying when it involves bank accounts.

One possible explanation is that I don't think the rewards program is run directly with your account, I think it maybe a separate department so it is plausible they don't have access to your account details?

I have (possibly the same, NatWest and RBS are the same bank) a similar rewards account, albeit mine is linked to both credit and debit cards. I know when I log in to mine it takes me to a separate page? I've never claimed the vouchers, so can't provide any insight for that, I use my "rewards" to offset the credit card which has always worked for me. Does take a few days however.

Phil