Your browser isn't supported
It looks like you're using an old web browser. To get the most out of the site and to ensure guides display correctly, we suggest upgrading your browser now. Download the latest:

Welcome to the MSE Forums

We're home to a fantastic community of MoneySavers but anyone can post. Please exercise caution & report spam, illegal, offensive or libellous posts/messages: click "report" or email forumteam@.

Search
  • FIRST POST
    • quaybab
    • By quaybab 4th Nov 13, 4:19 PM
    • 85Posts
    • 16Thanks
    quaybab
    Santander data leak or address book assault ? AKA Direct Debiting Seminar Invite.
    • #1
    • 4th Nov 13, 4:19 PM
    Santander data leak or address book assault ? AKA Direct Debiting Seminar Invite. 4th Nov 13 at 4:19 PM
    Received a number of messages to disposable email addresses used with Santander, subsidiaries and previous successful acquisition targets titled "Direct Debiting Seminar Invite". Message originates from a US IP and the body mentions Natwest and the zip attachment is allegedly a trojan.

    By the looks of it, it is a leak of old data, stolen HD etc.
Page 2
  • Vodafone
    Hi reehsetin and Stompa,

    Thanks for making me aware of this.

    For further help with things there's some useful information about how you can protect yourselves against phishing emails in the Privacy policy section of our website.

    Although I can't provide you with a link to it due to the posting guidelines which company representatives are required to follow, there's a link at the of our home page which will take you to where it is.

    Kind regards,

    Lee

    Web Relations

    Vodafone UK
    Official Company Representative
    I am the official company representative of Vodafone. MSE has given permission for me to post in response to queries about the company, so that I can help solve issues. You can see my name on the companies with permission to post list. I am not allowed to tout for business at all. If you believe I am please report it to forumteam@moneysavingexpert.com This does NOT imply any form of approval of my company or its products by MSE"
  • yangptangkipperbang
    I am getting a steady stream of stuff to both my Santander email addresses now.
    The latest ones are advising me of an urgent voice mail on Skype !
    • Lomcevak
    • By Lomcevak 28th Nov 13, 7:31 AM
    • 604 Posts
    • 3,720 Thanks
    Lomcevak
    I am getting a steady stream of stuff to both my Santander email addresses now.
    The latest ones are advising me of an urgent voice mail on Skype !
    Originally posted by yangptangkipperbang
    And me - recently i've had that Skype message and several DHL 'delivery attempts', all with a .zip to open. Forwarded to Santander phishing address and not had any kind of response, even bot-generated.

    Unique email address on a domain I own (and not santander@...) so zero chance it is guessed or taken from somewhere else, must be a Santander-internal leak. I've only been a Santander customer for a few months, so must be quite recent too.
    MFiT-T4#126, £135k to 60k: £23,965/£75,000(31.96%), 2016 MFW#12 £12,000/£12,000 (100.00%)
    £30k-in-’15#56 £31,845.60/£30,000 (106.15%)
    • Stompa
    • By Stompa 28th Nov 13, 8:37 AM
    • 7,463 Posts
    • 3,594 Thanks
    Stompa
    And me - recently i've had that Skype message and several DHL 'delivery attempts', all with a .zip to open. Forwarded to Santander phishing address and not had any kind of response, even bot-generated.
    Originally posted by Lomcevak
    I've had loads of those too, but to randomly generated addresses as well as my Santander address. Be VERY careful with them, it's highly likely that the attachment is Cryptolocker.
    Stompa
    • Lomcevak
    • By Lomcevak 28th Nov 13, 10:26 AM
    • 604 Posts
    • 3,720 Thanks
    Lomcevak
    Mostly i'm upset that a bank where I hold a lot of money has leaked at least some information about me

    Less worried about the payload as I'm pretty careful with these things; the email runs as a limited user on a Linux box and although that's not impregnable it is likely pretty good against most generic trojans.
    MFiT-T4#126, £135k to 60k: £23,965/£75,000(31.96%), 2016 MFW#12 £12,000/£12,000 (100.00%)
    £30k-in-’15#56 £31,845.60/£30,000 (106.15%)
    • quaybab
    • By quaybab 5th Dec 13, 5:43 PM
    • 85 Posts
    • 16 Thanks
    quaybab
    Santander deny leaking (unique) email addresses and will not be investigating any further. However with information security, you deny everything and admit nothing.
  • Uxb
    I'd contact the information commissioner.
    • bubieyehyeh
    • By bubieyehyeh 5th Dec 13, 11:03 PM
    • 312 Posts
    • 89 Thanks
    bubieyehyeh
    They have yet to reply to my query to their phishing email address about how the email address that I only gave to santander leaked.
    • robin58
    • By robin58 6th Dec 13, 8:04 PM
    • 1,286 Posts
    • 1,139 Thanks
    robin58
    Also look out for Emails from Barclay's saying they are confirming payment to an another account..

    Has a zipped file attached which says it's a printed receipt( yeah! right ).

    Had 4 emails exactly the same, except for different amounts land into my email address.

    I am surprised by the amounts 'taken' , I have not already had a visit by the Barclay SWAT team.
    The more I live, the more I learn.
    The more I learn, the more I grow.
    The more I grow, the more I see.
    The more I see, the more I know.
    The more I know, the more I see,
    How little I know.!!
    • anamenottaken
    • By anamenottaken 6th Dec 13, 8:11 PM
    • 3,851 Posts
    • 3,347 Thanks
    anamenottaken
    Only just seen this thread. I was concerned last month when I received a number of emails (with zip file attachments) sent to an address I would have used when a customer of Abbey National. So the address acquisition could be from old records not properly disposed of.
    • bubieyehyeh
    • By bubieyehyeh 6th Dec 13, 10:38 PM
    • 312 Posts
    • 89 Thanks
    bubieyehyeh
    Its not old santander email addresses, mine was my current santander email address that I've used for only 2-3 years.

    I've not had anymore emails since but I think my webmail provider discards email which its is sure that are dodgy and doesn't even put them in the spam folder.
    Last edited by bubieyehyeh; 06-12-2013 at 10:41 PM.
  • Wood Dragon
    Leak of email address supplied only to Santander
    Just adding weight to this thread to state that I too have received spam on an email that has only been shared with Santander.

    I feel that in all probability it is Santander's actions that have caused this. I have 692 of these separate emails, and only 'santander' has the problem today, it rarely happens, but when it does it coincides with a flurry of similar reports. The last one was adobe.

    My comment to Santander is, if I can't trust you to keep my email address private, how can I trust you with anything else, let alone my money.

    BR/ wd
    • MrA2012
    • By MrA2012 11th Dec 13, 8:56 PM
    • 37 Posts
    • 10 Thanks
    MrA2012
    Add me to the list of people suspecting Santander of leaking emails. Like others in this thread, I have a catch-all domain and use unique email addresses for every company I deal with. I set up an address specifically for Santander, have only ever given it to Santander and have never used it to send an email. Today it received the fake FedEx shipping confirmation/verify your identity scam.
  • autolycus
    Following up my previous contributions to this thread, I've had a phone call from Santander - yes, I did "put him through security". He said it was being investigated, and admitted I wasn't the only "victim". He then offered £50, which he confirmed in a letter. They just don't get it though, as they advised me to "change (your) email address as soon as possible".

    Should I have asked for more? There are three other family members in the same position...

    I'm surprised this hasn't had more press coverage, as it's far more serious than the usual scattergun phishing emails.

    Kevin
    • Pound
    • By Pound 16th Dec 13, 12:22 AM
    • 2,540 Posts
    • 1,220 Thanks
    Pound
    I've had this spam as well although surprised they havent pretended to be Santander, so far I think just Skype and Royal Mail. The only time I ever used this email was in an office at Alliance & Leicester (now Santander) when opening an account.

    • Lomcevak
    • By Lomcevak 16th Dec 13, 6:43 AM
    • 604 Posts
    • 3,720 Thanks
    Lomcevak
    Following up my previous contributions to this thread, I've had a phone call from Santander - yes, I did "put him through security". He said it was being investigated, and admitted I wasn't the only "victim". He then offered £50, which he confirmed in a letter. They just don't get it though, as they advised me to "change (your) email address as soon as possible".
    Originally posted by autolycus
    I'm still waiting for my complaint to get a response, but will update if/when I get it - already said that i'll escalate if they don't reply within their 8 week period so it is a date in the diary

    Fundamentally it's more than the spam and the hassle of changing email address - which, by they way, doesn't work perfectly, I still get 3Dsecure messages to the old one not the new one. I'm annoyed that (a) I don't know what they've leaked, is it just the email address or other personal information too, and (b) they clearly know that it has happened but they've made no effort to tell customers
    MFiT-T4#126, £135k to 60k: £23,965/£75,000(31.96%), 2016 MFW#12 £12,000/£12,000 (100.00%)
    £30k-in-’15#56 £31,845.60/£30,000 (106.15%)
    • block10
    • By block10 19th Dec 13, 9:12 PM
    • 133 Posts
    • 53 Thanks
    block10
    Data breach is now suspected at Santander

    http://www.theregister.co.uk/2013/12/19/trojans_spam_unique_email_address/
    Last edited by block10; 19-12-2013 at 9:14 PM. Reason: Typ
  • Money-Saving-King
    Originally posted by block10
    Yes but that articles only source of information is this thread it even refers to this thread.
    • block10
    • By block10 20th Dec 13, 12:35 PM
    • 133 Posts
    • 53 Thanks
    block10
    Yes but that articles only source of information is this thread it even refers to this thread.
    Originally posted by Money-Saving-King
    NO it also refers to several Reg readers - Paul & Andrew. And it does link to this thread to offer further proof.

    A statement from Santander confirms that they are investigating a potential breach.
    • quaybab
    • By quaybab 20th Dec 13, 3:54 PM
    • 85 Posts
    • 16 Thanks
    quaybab
    It appears £150 is the maximum you can squeeze out of Santander for (not) losing an email address. They admit no liability but coughed for taking too long to deal with the complaint (less than 2 weeks, they have 8 weeks), inconvenience and for the stock response blaming the customer.
    I suspect they have lost mail server log files and not banking data but we'll see.
    It is not random attack based on variants of an email address as The Register article say as I've not had multiple attempts at similar aliases.
    This one won't be going to the ICO but they’'ve lost 5 others out of about a dozen given to them so I'll see how I get on with them.
    Santander patently know there is a problems but can't be bothered contacting the affected customers (due to the obvious cost!). Santander aren’t investigating anything.
    There is a remote change the FOS have leaked it as half of the 'infected' ones have been disclosed to them but I doubt it - although with their underhand banker club tactics, you never know.
    BOFH
Welcome to our new Forum!

Our aim is to save you money quickly and easily. We hope you like it!

Forum Team Contact us

Live Stats

884Posts Today

5,802Users online

Martin's Twitter