The Anonymous Widower

A Classic Phish

I received this today, purportedly from Vodafone.

Dear Customer,

You have a pending security update on your Vodafone account to protect you against online theft.

Kindly visit http://www.vodafone.co.uk/new_security/update/account.html

Regards

The Vodafone Team

It’s been well setup, but it does exactly what you think.  It points to a fake site and probably steals all of your details.

It actually points to a site called eadecom.net which is registered by Jose Canyellas Vila, who gave details of.

josep@senyal.com

LLuis Companys, 1 8-2
   Lleida 25003

It wouldn’t make any difference to me, as I’ve never had any account with Vodafone.

Nice one, Jose. All it meant that was your details are now with the guys with heavy boots and even heavier truncheons. You better get the toilet paper ready.  You’re going to need lots of it.

I’m not the first person to find Jose.  He’s mentioned on PhishTank.

October 12, 2012 Posted by | Computing | , , , | 1 Comment

Job Scam – Hyde Park Hotel Revisited

In February 2010, I put up a post called Job Scam – Hyde Park Hotel.  I’ve checked the hotel on Trip Advisor and there entry is here. it looks very little different to many hotels of this type in london.

My original post has since had a life of its own, if you look at the over a hundred comments on the site. And it is still regularly visited with page counts of

2010 – 1032

2011 – 541

2012 – 275

in the last three years.

It looks like the e-mails are starting to find mugs again, as I’ve had a couple of extra comments on the original post in the last couple of days.

This time though a figure of £210 is mentioned. So it’s obviously a worthwhile scam for those perpetrating it.

October 11, 2012 Posted by | Computing | , , , | Leave a comment

Do These Scams Still Work?

I got this e-mail today with a title of Heir Information.

Greetings, I am Norman Wong, Chief Auditor Hong Leong Bank. I got your contact email from an online directory; I would need your assistance in re-profiling funds belonging to my late client who shares similar surnames with you. Contact me on my private email for more detailed information.

Regards,

Norman Wong

I still get the occasional one, so sadly they must still bring in the odd mug. The e-mail actually came from Iran, although it may have been routed by South Africa. Could the Iranian connection, indicate it was sent more in hope than expectation? The spelling and grammar are good, which shows a certain level of education.

August 20, 2012 Posted by | Computing | , , , | Leave a comment

A Verified-By-Visa Scam

Moneywise is reporting a scam on that stupid so-called security system, Verified-by-Visa. I’ve never liked it.

I also only ever use my Visa card on the Internet, when I have no choice. But as the Olympics will be over soon, I shall probably be sticking my Visa card somewhere, where I’m not tempted to use it on-line.

August 7, 2012 Posted by | Computing, News | , , , | 3 Comments

It Must Be The Silly Season!

I’m getting masses of spam, trying to get me to join casinos. I haven’t seen it at this level for a couple of years.

They say there’s one born every minute, but it would appear that most of them are promoting on-line casinos. I suppose it could be due to a large number of unemployed kids, who’ve just left university and this is the only job they can get.

It’s so sad really.

August 2, 2012 Posted by | Computing, World | , , , | 1 Comment

Mobile Phone Insurance

I like this post from Moneywise, saying that mobile phone insurance is the next scam.

I don’t have it, as it would just cost too much to insure a Nokia 6310i

July 10, 2012 Posted by | News | , , , | Leave a comment

My Junkberry Has Now Packed Up Completely

This morning the Junkberry has now given up completely.

When I went to go shopping, I thought I’d give it a go, but it was as dead as the proverbial dodo.

To make things worse, I just got a nuisance timewasting call from a scammer on my land-line. I gave them an alternative number, who will be really pleased to get the timewasters.

I

June 5, 2012 Posted by | World | , , | Leave a comment

Are Fake Job Adverts Returning?

I haven’t seen any for some time, but this one turned up this morning.

Hot Jobs from Reliable and Successful Company Running its business since 2005, Company has several openings for goal-oriented and independent individuals looking for excellent career opportunities.

Requirements
– 25+ years old
– UK citizenship
– No criminal record
– Good credit history
– Basic computer skills
– A proven level of secondary education

What we offer
– high and stable income
– exciting career opportunities
– two weeks’ paid holiday a year
– great team to work with
– bonuses and our private employee loyalty programme benefits
– and many other things

What you do is just work from home and get advantage of all these opportunities, as the job we offer requires only a few hours of your time spent on your computer.

You are full of energy, learn fast and seek for best career opportunities? Do contact us at xxx@xxx.com and we will get back to you as soon as possible.
 
We look forward to welcoming you as a new employee.
Sincerely,
irvine thierry

It was a bit better than most of the previous scams, which are designed to get your bank account details, so you can donate large sums of money to the criminals.  It was even sent from what looked like a valid UK e-mail address, although mine was addressed to a man called Fidole Shem, who is definitely not me.

It was also marked by my anti-spam system as spam.

But what was a real giveaway was the low level of paid holidays.  I wouldn’t get out of bed for a job like that!

So it went the way of the others and I dispatched it humanely with the delete key.

July 12, 2011 Posted by | Computing, World | , , | 7 Comments

Phishing Scams From Someone Claiming to be HMRC

We all get these and some look like they come from sensible addresses like alert@hmrc.gov.uk.

Here’s a typical content.

Date 21/05/2011
A tax refund of 1560.10 GBP .(Still Pending) Due to invalid account record we were unable to credit your account Please submit a verified tax refund request.

A refund can be delayed for a variety of reasons. For example submitting invalid records or applying after the deadline.
Click the “Refund Me Now” link below and follow the on screen step in order to have us process your request.

Refund Me Now Note: For security reasons, we will record your ip-address, the date and time,Deliberate wrong inputs are criminally pursued and indicated.

 
Best Regards,
HM Revenue & Customs

They are all a scam designed to get your login asnd password to the HMRC web site.

They show all of the typical mistakes of scammers.

  1. Why would they say 2510 GBP, when the £2510.00 would probably be used?
  2. The English is a bit clunky.  But then so is a lot of Civil Servant-speak!
  3. I especially like the last bit saying “Deliberate wrong inputs are criminally pursued and indicated.” What do they mean about indicated? Does a nice young lady all dressed like Lady Gaga in leather come round and give you a ticking off?  Now that will be fun!
  4. And then there’s the Best Regards bit! Very HMRC! I don’t think!

So what should you do with these e-mails, other than comply with what they say?

The real HMRC have a page which says what to do.

Note this clear statement on the page.

HMRC will never send notifications of a tax rebate by email, or ask you to disclose personal or payment information by email.

You should never disclose your personal and/or payment information in reply to an email that may look like it’s from HMRC, you may well be revealing your details to a fraudulent website.

 

It also says you should forward them to phishing@hmrc.gsi.gov.uk

I shall be sending a few today, so let’s see what happens.

May 26, 2011 Posted by | Computing, World | , , , | Leave a comment

Beware of Order.zip

I’ve got another of this nasty things this morning. This one was actually addressed to one of my main e-mails, so perhaps the spammers have modified them to make them more likely to get through. The structure of the e-mail always seems to be similar.

The title of those I have received is usually something like ORDER and a number.

All of the bodies are similar to this.

Dear customer.

Your order has been accepted. Your order reference is 94636.

Terms of delivery and the date can be found with the auto-generated msword file located at:

http://www.xxxxxxx.xxx/order2/Order.zip?to_client: zzz@zzzzzz.zzz

==
Best regards, Tel./Fax.: (168) 000 52 337.

Obviously the xxx’s and zzz’s obscure the danger. The zzz’s in one case were my e-mail address.

Note the phone number at the bottom, which doesn’t mean anything to me.

This form of the e-mail is the first I’ve seen.  It will change in the future, once the anti-virus companies get their systems updated to stop these e-mails.

The last e-mail I got used a domain registered in Germany.  The e-mail came from Russia.

May 11, 2011 Posted by | Computing, World | , , | Leave a comment

« Previous Entries     Next Entries »