We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
'Spam Spotter Rules: It’s the bit before the .com that counts' blog discussion
Options
Comments
-
1. I've also noticed that scamsters have been quite cunning in their own choice of URL. They'll try to get a domain which is visually similar to the one they're spoofing (mimicking). E.g. I had a spoof email "from" www(dot)abbeynational.com but it was actually www(dot)abbeynationai.com - with an 'i' at the end, did you spot it? Not so easy in the small print you get at the bottom of the browser window when you hover. So not only should you hover over the link (or do right-click, Properties) and look at the bit before the dot com but look really carefully!
2. They might have registered www(dot)abbeynational.org or anything - always open a search engine in a separate window and find their genuine web address and compare it to that.
3. To be completely safe, if you get an email from ANY institution related to money - eBay, PayPal, insurance people, banks - anything - send it to their phishing email address. Obviously if there's a link in the email saying "report this as spam" or "unsubscribe" or anything, don't click on it! Find out the email address yourself using your favourite search engine. If it's genuine, they'll tell you, if not they'll keep the email and investigate it; not enough people do this and it would help these institutions if more people did.
Most banks will never (or hardly ever) email you. Don't trust emails from banks.0 -
I've just received an email from [EMAIL="customers@hmrc.gov.uk"]customers@hmrc.gov.uk[/EMAIL] stating I have a tax refund and to complete a form. Its a scam so be careful as they are asking for credit card details0
-
steve_jonesuk wrote: »1. I've also noticed that scamsters have been quite cunning in their own choice of URL. They'll try to get a domain which is visually similar to the one they're spoofing (mimicking). E.g. I had a spoof email "from" www(dot)abbeynational.com but it was actually www(dot)abbeynationai.com - with an 'i' at the end, did you spot it? Not so easy in the small print you get at the bottom of the browser window when you hover. So not only should you hover over the link (or do right-click, Properties) and look at the bit before the dot com but look really carefully!
2. They might have registered www(dot)abbeynational.org or anything - always open a search engine in a separate window and find their genuine web address and compare it to that.
3. To be completely safe, if you get an email from ANY institution related to money - eBay, PayPal, insurance people, banks - anything - send it to their phishing email address. Obviously if there's a link in the email saying "report this as spam" or "unsubscribe" or anything, don't click on it! Find out the email address yourself using your favourite search engine. If it's genuine, they'll tell you, if not they'll keep the email and investigate it; not enough people do this and it would help these institutions if more people did.
Most banks will never (or hardly ever) email you. Don't trust emails from banks.
Halifax email me every time I get a statement, letter or message. I'm not sure they would appreciate it if every customer forwarded these all to their spoof box as they would be overwhelmed. The simple advice is use up-to-date virus software, keep your operating system up to date, and don't click on random links to banks, etc., even if you think an email is genuine, always type in the address yourself.0 -
Just in the last couple of weeks I've been getting lots of these spoof emails - Halifax; Abbey; Tax Office; etc. I'm also getting loads from "pharmaceutcal suppliers", offering everything from Viagra to antidepressants, which look very dodgy. Should I be worried that I'm apparently, all of a sudden, being targetted? I haven't clicked on the links they send and so far, if my PC Tools anti-virus is correct, I haven't picked up any viruses. But I'm still worried - especially now I've read all this information here. I generally use the same password for everything - online banking; bingo; job sites; you name it. Should I change my password(s)? I can't even remember half the sites I'm signed up to. Jeez, I can feel a panic attack coming on!
Can anyone give some additional, very basic advice here (keeping in mind I'm relatively new and green to the internet) on what I should do to tighten up my security?
Many thanks
M0 -
Just in the last couple of weeks I've been getting lots of these spoof emails - Halifax; Abbey; Tax Office; etc. I'm also getting loads from "pharmaceutcal suppliers", offering everything from Viagra to antidepressants, which look very dodgy. Should I be worried that I'm apparently, all of a sudden, being targetted?I haven't clicked on the links they send and so far, if my PC Tools anti-virus is correct, I haven't picked up any viruses. But I'm still worried - especially now I've read all this information here. I generally use the same password for everything - online banking; bingo; job sites; you name it. Should I change my password(s)?I can't even remember half the sites I'm signed up to. Jeez, I can feel a panic attack coming on!
Can anyone give some additional, very basic advice here (keeping in mind I'm relatively new and green to the internet) on what I should do to tighten up my security?
Many thanks
M- Use separate passwords for each site. Free password managers are available (I use Password Safe http://passwordsafe.sourceforge.net/) if you have problems remembering. Such use for a bank password may breach your bank's conditions.
- Use different email addresses - at the very least, use one for 'fun/social' sites, one for 'financial' sites and one for online purchases.
- Don't open email from companies you don't know; don't open mail from companies you do know, to addresses you didn't give them.
- Preferably don't even download spam/phish - zap it from the server with a program like mailWasher.
- As said already, don't click on links in emails. Be aware of where links on websites are really going. (On a phishing site, nearly all the links usually go to the genuine site, just the important ones go to the phisher.)
- It's ok to be paranoid - they really are out to get you - , but don't get so paranoid that using the internet isn't fun any more.
- Oh, Don't Panic
Eco Miser
Saving money for well over half a century0 -
Halifax email me every time I get a statement, letter or message. I'm not sure they would appreciate it if every customer forwarded these all to their spoof box as they would be overwhelmed.
) Also, you should be expecting them to email you, because they have said they will, perhaps for paper-free banking.
Eco Miser
Saving money for well over half a century0 -
It's the bit before the .com that counts - but make sure you're looking at the right .com.
Where do you think this url would go to?
www.bbc.co.uk:moneysavingexpert.com@itv.com.ic.example.com?pi=31419&url="test.com"
Not to the bbc, nor moneysavingexpert, not ITV, but to a host called itv.com.ic in the example.com domain, passing a username of bbc.co.uk, and a password ofmoneysavingexpert.com and variables pi, with a value 314159 and url, with a value "test.com". These might just be ignored, having served their purpose in obfuscating the real destination, or might serve to identify the respondent.
To summarise: URLS with the form username:password@domain.com?var="value" are valid, potentially confusing, and useful for phishing.Eco Miser
Saving money for well over half a century0 -
Last year my wife bought tickets to the V Festival from a sponsored link that came up on google. The website address was: vfestival.net. It was a very professional looking site with lots links to information except it was bogus. When our credit card bill appeared with a transaction that had taken place in Budapest suspicions were aroused. We didn't get our tickets but we did get our money back because we'd paid by credit card. Internet buyer beware.0
-
Eco Miser
Thanks so much for taking the time to answer my plea for help - and for the excellent, clear advice you've given here.
Much appreciated
Mroakley0 -
new one going round if you shop on ebay or amazon
if you are like me you shop round on ebay there was a email i got today claiming to be from ups parcel service, the email says they tried to deliver your goods and need you to click a link to re-deliver
do not click the link!!
it is a worm, a virus like program that sticks to your computer and spread to contacts
hope that helps
andy"MSE Money saving challenges..8/12/13 3,500 saved so far :j" p.s if i been helpfully please leave me a thank you but seek official advice at all times from a pro0
This discussion has been closed.
Confirm your email address to Create Threads and Reply

Categories
- All Categories
- 351K Banking & Borrowing
- 253.1K Reduce Debt & Boost Income
- 453.6K Spending & Discounts
- 244K Work, Benefits & Business
- 599K Mortgages, Homes & Bills
- 176.9K Life & Family
- 257.4K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards