'Spam Spotter Rules: It’s the bit before the .com that counts' blog discussion

steve_jonesuk

1. I've also noticed that scamsters have been quite cunning in their own choice of URL. They'll try to get a domain which is visually similar to the one they're spoofing (mimicking). E.g. I had a spoof email "from" www(dot)abbeynational.com but it was actually www(dot)abbeynationai.com - with an 'i' at the end, did you spot it? Not so easy in the small print you get at the bottom of the browser window when you hover. So not only should you hover over the link (or do right-click, Properties) and look at the bit before the dot com but look really carefully!
2. They might have registered www(dot)abbeynational.org or anything - always open a search engine in a separate window and find their genuine web address and compare it to that.
3. To be completely safe, if you get an email from ANY institution related to money - eBay, PayPal, insurance people, banks - anything - send it to their phishing email address. Obviously if there's a link in the email saying "report this as spam" or "unsubscribe" or anything, don't click on it! Find out the email address yourself using your favourite search engine. If it's genuine, they'll tell you, if not they'll keep the email and investigate it; not enough people do this and it would help these institutions if more people did.
Most banks will never (or hardly ever) email you. Don't trust emails from banks.

TonyAsh

I've just received an email from [EMAIL="customers@hmrc.gov.uk"]customers@hmrc.gov.uk[/EMAIL] stating I have a tax refund and to complete a form. Its a scam so be careful as they are asking for credit card details

tripled

steve_jonesuk wrote: »

1. I've also noticed that scamsters have been quite cunning in their own choice of URL. They'll try to get a domain which is visually similar to the one they're spoofing (mimicking). E.g. I had a spoof email "from" www(dot)abbeynational.com but it was actually www(dot)abbeynationai.com - with an 'i' at the end, did you spot it? Not so easy in the small print you get at the bottom of the browser window when you hover. So not only should you hover over the link (or do right-click, Properties) and look at the bit before the dot com but look really carefully!
2. They might have registered www(dot)abbeynational.org or anything - always open a search engine in a separate window and find their genuine web address and compare it to that.
3. To be completely safe, if you get an email from ANY institution related to money - eBay, PayPal, insurance people, banks - anything - send it to their phishing email address. Obviously if there's a link in the email saying "report this as spam" or "unsubscribe" or anything, don't click on it! Find out the email address yourself using your favourite search engine. If it's genuine, they'll tell you, if not they'll keep the email and investigate it; not enough people do this and it would help these institutions if more people did.
Most banks will never (or hardly ever) email you. Don't trust emails from banks.

Halifax email me every time I get a statement, letter or message. I'm not sure they would appreciate it if every customer forwarded these all to their spoof box as they would be overwhelmed. The simple advice is use up-to-date virus software, keep your operating system up to date, and don't click on random links to banks, etc., even if you think an email is genuine, always type in the address yourself.

mroakley

Just in the last couple of weeks I've been getting lots of these spoof emails - Halifax; Abbey; Tax Office; etc. I'm also getting loads from "pharmaceutcal suppliers", offering everything from Viagra to antidepressants, which look very dodgy. Should I be worried that I'm apparently, all of a sudden, being targetted? I haven't clicked on the links they send and so far, if my PC Tools anti-virus is correct, I haven't picked up any viruses. But I'm still worried - especially now I've read all this information here. I generally use the same password for everything - online banking; bingo; job sites; you name it. Should I change my password(s)? I can't even remember half the sites I'm signed up to. Jeez, I can feel a panic attack coming on!
Can anyone give some additional, very basic advice here (keeping in mind I'm relatively new and green to the internet) on what I should do to tighten up my security?
Many thanks
M

Eco_Miser

mroakley wrote: »

Just in the last couple of weeks I've been getting lots of these spoof emails - Halifax; Abbey; Tax Office; etc. I'm also getting loads from "pharmaceutcal suppliers", offering everything from Viagra to antidepressants, which look very dodgy. Should I be worried that I'm apparently, all of a sudden, being targetted?

Not particularly, your email address has been picked up from somewhere (or is easily generated) and the spammers and phishers are trying their luck. Spammers send out millions of emails in the hope of just a few suckers replying.

mroakley wrote: »

I haven't clicked on the links they send and so far, if my PC Tools anti-virus is correct, I haven't picked up any viruses. But I'm still worried - especially now I've read all this information here. I generally use the same password for everything - online banking; bingo; job sites; you name it. Should I change my password(s)?

YES Your password at each financial institution and utility should be different. That goes for any other site that can collect money from you.

mroakley wrote: »

I can't even remember half the sites I'm signed up to. Jeez, I can feel a panic attack coming on!
Can anyone give some additional, very basic advice here (keeping in mind I'm relatively new and green to the internet) on what I should do to tighten up my security?
Many thanks
M

• Use separate passwords for each site. Free password managers are available (I use Password Safe http://passwordsafe.sourceforge.net/) if you have problems remembering. Such use for a bank password may breach your bank's conditions.
• Use different email addresses - at the very least, use one for 'fun/social' sites, one for 'financial' sites and one for online purchases.
• Don't open email from companies you don't know; don't open mail from companies you do know, to addresses you didn't give them.
• Preferably don't even download spam/phish - zap it from the server with a program like mailWasher.
• As said already, don't click on links in emails. Be aware of where links on websites are really going. (On a phishing site, nearly all the links usually go to the genuine site, just the important ones go to the phisher.)
• It's ok to be paranoid - they really are out to get you - , but don't get so paranoid that using the internet isn't fun any more.
• Oh, Don't Panic

Eco_Miser

tripled wrote: »

Halifax email me every time I get a statement, letter or message. I'm not sure they would appreciate it if every customer forwarded these all to their spoof box as they would be overwhelmed.

Genuine emails from financial institutions will almost invariably be addressed to you personally, will contain other data identifying you eg postcode, and will not have clickable links taking you to a log-in screen, (They may have links to advertising or the institution's security policy. ) Also, you should be expecting them to email you, because they have said they will, perhaps for paper-free banking.

Eco_Miser

It's the bit before the .com that counts - but make sure you're looking at the right .com.
Where do you think this url would go to?
www.bbc.co.uk:moneysavingexpert.com@itv.com.ic.example.com?pi=31419&url="test.com"
Not to the bbc, nor moneysavingexpert, not ITV, but to a host called itv.com.ic in the example.com domain, passing a username of bbc.co.uk, and a password ofmoneysavingexpert.com and variables pi, with a value 314159 and url, with a value "test.com". These might just be ignored, having served their purpose in obfuscating the real destination, or might serve to identify the respondent.
To summarise: URLS with the form username:password@domain.com?var="value" are valid, potentially confusing, and useful for phishing.

themoneysavingapprentice

Last year my wife bought tickets to the V Festival from a sponsored link that came up on google. The website address was: vfestival.net. It was a very professional looking site with lots links to information except it was bogus. When our credit card bill appeared with a transaction that had taken place in Budapest suspicions were aroused. We didn't get our tickets but we did get our money back because we'd paid by credit card. Internet buyer beware.

mroakley

Eco Miser

Thanks so much for taking the time to answer my plea for help - and for the excellent, clear advice you've given here.
Much appreciated

Mroakley

flexrider

new one going round if you shop on ebay or amazon

if you are like me you shop round on ebay there was a email i got today claiming to be from ups parcel service, the email says they tried to deliver your goods and need you to click a link to re-deliver

do not click the link!!
it is a worm, a virus like program that sticks to your computer and spread to contacts

hope that helps
andy