/ Technology

Scam watch: Have you spotted a spoof email?

phishing email

A Which? member’s wife’s email account was hacked and her details were used to send a very convincing phishing email containing a link to a copycat website to her contacts. Had the link been clicked on by the recipients, it could have asked for financial details or contained malware.

Member Giles Youngs told us:

‘My sister recently got an email that appeared to be from me, but in fact came from my wife’s email – she hadn’t noticed the unusual email address.

‘It contained a link that appears to direct you to Ancestry.co.uk, the family history website, and was advertising the opportunity to view the life story of our late aunt, mentioning her name in full.

‘I subscribe to Ancestry.co.uk, and my family tree is available to other members, although the identities of living people, such as my wife and sister, are kept anonymous. My sister forwarded me the email, asking if I had sent the correct link (as it led to a free trial offer).

‘I called and warned her that neither I, nor Ancestry.co.uk had sent that email.

‘I’ve informed my bank of this possible scam, but haven’t contacted anyone else yet.’

Our say on spoof emails

It appears that someone has hacked into your wife’s email account, discovered her personal details and used them to send a very convincing phishing email.

These emails often lead to copycat websites that ask for financial details and/or contain malware.

We advise running a virus scan on all computers that the link was opened on. Make sure that your wife changes the password on her email account and all other online accounts.

Check the email settings for mail forwarding, signatures, and out-of-office replies to ensure they’ve not been altered.

Finally, report this case to Action Fraud.

Have you come across a similar spoof email? What did you do about it?

Comments

This comment was removed at the request of the user

A friend of mine has thought she has had a stalker for going on 8 years now because of spoof emails.

I can’t remember the exact words that were used but her daughter had received 2 emails from a friend that said something like ” Hey hun/darling/some-pet-name, check this out”. Her daughter clicked on the links and emails were sent to her mum and probably everyone else in her address book. The pet names and words in the email were exactly the same as a very unpleasant ex had said to her at one time. Her daughter denied sending her the emails as she didn’t realise what had happened and her stalker was born.

I did tell her what they were at the time, but it didn’t register, I didn’t realise how serious it would get and the emails are now long gone.

This comment was removed at the request of the user

Many People are too trusting ! They trust the Police ,banks etc. and people they know ! Oh the Internet you must trust nothing or nobody But some will never learn Sad but true ! Treat ALL Emails with suspicion

I had one (I think now well known) from HMRC informing me of a Tax Rebate which despite several letters I had not claimed–& of course the usual link.Reading through I picked up a couple of spelling mistakes & the style of writing was not what I would expect from an ‘official source’. However by that time many people might have clicked the link.

The banks are still far too reticent in disclosing the numbers of crooked employees they have. Scam emails can seem genuine when they mention things which only you and your bank know. But banks don’t want to admit that they have any reprobates on their side of the counter. And that’s worrying.

Googlemail seem to err on the side of caution, I very rarely get a spoof mail from them these days, but other email companies aren’t so good. I sometimes wonder if this is because of the amount of information that they must hold about me by now (Although their targetted advertising is still pretty rubbish).

When I do get a dodgy email nowadays I just click on the ‘report spam’ box. The more people that do that, the faster the companies can spot them and stop them.

I seem to receive scam and phishing emails in batches. I always send them to the company they claim to be from for them to check out – e.g spoof@paypal.com or phishing@(bank name).co.uk. If you are unsure of who to report it to try both ‘spoof@’ or ‘phishing@’ and NEVER click any link to a company in an email.

I got one a while back – one of the Nigerian send me some money to release millions type. I played along and asked him to ring me at work. I said to ask for mr P.C. Pigg and gave him the number for Oldham police. He even had the cheek to email me back telling me that he didn’t appreciate his time being wasted!!

This topic is becoming an ever increasing problem for many people we see more and more on a daily basis.

Some companies are easier to report scams and phishing than others. Virgin is not easy but NatWest is. There should be a ‘clearing’ house where these emails can be directed to the companies that the crooks are using.

Facebook friends who do not use this method of communication very often have said ‘Sorry I did not reply to your message’ when I haven’t sent one. Similarly, I find the names of people on my list whom I rarely contact appear as the sender of messages, usually inviting me to open some other site. I don’t know how phishers and scammers manage to get hold of rarely used contacts on our lists, but they do. So don’t open anything with an old name without checking with the person first, or report it as scam.

David Gordon says:
1 March 2017

I’ve recently received an email purporting to come from Paypal. I suspected it was a scam and tried to forward it to Paypal. Their system rejected it! I telephoned them and they said I had to forward it to the .co.uk site, not the .com one I’d used. I did this and again it was rejected! It seems Paypal don’t want to know about scams sent in their name!

This comment was removed at the request of the user

When checking my emails I hold the curser over the sender. when doing this the sender’s email address shows up, so it you don’t recognise it you can report it to spam and then delete it. I NEVER click on links on these types of emails

Also, at least in Firefox, if you hover the cursor over links, it will reveal the full link address, which can help reveal dodgy links.

I’ve just received an eBay email entitled “Updates to the eBay.co.uk User Agreement” which seems to be genuine, i.e. the same message also appeared in my “My eBay” inbox.

That said, in the email version there are links that expand to use roverebaycom addresses and those differ from the more direct links given in the My eBay version.

Clicking the email links (from a test PC) did ultimately open only legitimate eBay web pages – but I’d very much prefer to only receive emails without links in them. (I’m quite capable of logging into eBay if I want to, even when I’m not needing a retail therapy fix.)

If I do find any dodgy web links, I will usually report them to Google here:

safebrowsing.google.com/safebrowsing/report_phish/?hl=en

A very useful link Derek.đź‘Ť

Agreed. Exactly the sort of link that should be on a specially devised topic dedicated to such links.

Is anybody listening out there?

I have today received a message from Norfolk Trading Standards service about a scam attempt based on a
“verification” e-mail, which purports to be from Microsoft’s Office 365, advising that the recipient’s e-mail address needs to be updated to the 2020 version.

The message warns that your account will be blocked or suspended if you fail to update correctly. It instructs you to click a link to complete the verification and update. However, Microsoft did not send the email and it has no connection to Office 365.

[Clicking the update link opens a page hosted on Google Forms that asks for your username, email address, and password. If you complete and submit the form, the information you have entered can be collected by criminals and used to hijack your account. Once they have gained access, the criminals can use the account to distribute fraudulent material in your name, access documents you have stored online and commit further fraudulent activities.]

Trading Standards confirms that Microsoft would never use a login form supplied and hosted by rival Google. Nor will they ever send you an email demanding that you click a link to log in and update account details.

Ironically, the Google Form that the scammers have used to host their fraudulent login form has the following warning at the bottom: “Never submit passwords through Google Forms“. Sadly, some will fall for it.

There are other scam indicators in the language used in the fake e-mail message.

This comment was removed at the request of the user

If the American detection system is so effective, why are so many people being scammed in the USA?

You say “due to globalisation, people and companies are ‘masking’ their e-mail addresses to appear the genuine article”. That seems to be a contradiction. Why would a company that is “the genuine article” mask its e-mail address? Can you give an example of a company that does this? I am certainly not aware of any such practices. I can’t see the point anyway – there are plenty of ways of seeing the e-mail address of any company that trades publicly – their literature, their letterheads, their corporate livery, their advertisements, their statutory annual report, their Companies House file, their stock exchange listing, and so on. As a last resort you can Google it and see what comes up. I see this as a false statement used to support the ludicrous and desperate theory that the government will not crack down on number spoofing and e-mail scams because that would upset the business community.

This comment was removed at the request of the user

Well you think it does, Duncan . . . but, as you say, it’s a big country and the reach of the Federal agencies is neither universal nor consistent. We in the UK get the regulation and enforcement we deserve and can afford and, as in all public services, it’s a matter of priorities.

At least we have a system here that brings scams to the notice of the public and does take action against those who can be identified. If people disregard the advice given what are the authorities expected to do?

I am signed up to alerts from my county council’s Trading Standards service; most are local matters that will not be of interest outside the county but some are national problems. Which? and the media also highlight the risks of opening dodgy e-mails, clicking on links, buying from unknown traders, getting hooked on implausible telephone calls, signing up to offers that are too good to be true, and so on. At what point do we say “You have been warned”?

Which? is a non-government organisation [NGO]; it is not overwhelmed by complaints, except when it deliberately sets up a topic. It performs a valuable public service but unfortunately it has not yet found a solution to the problems of tracing and identifying scammers – possibly because there isn’t one.

I have neutralised the negative mark under your comment but that doesn’t mean I agree with you 100%!

This comment was removed at the request of the user

Only those companies and interests with deep pockets can influence the American government, Duncan.

With respect, I challenge your assertion that “this country and the EU are highly influenced by the White House”. I beg to differ; both the UK and the EU are trying to identify their own place in the world based on a more liberal interpretation and understanding of the needs of its people, not just the demands of big business.

Unlike you, I am not on first name terms with the US President and have yet to see much evidence that “he is no fool”. Is he also not a bully? It’s a long time since herds of bison roamed the plains of America but occasionally a stray beast appears.

This comment was removed at the request of the user

They haven’t had much success changing the gun laws. We’ll have to see what impeachment does to Donald (probably a waste of effort) but, like many politicians, I’ve little respect for his approach and ill-thought-through actions; let alone leading the current fashion of tweeting without reference to his team.

I agree with John on the position of the UK and EU. We have to tread a careful line when dealing with other nations but, so far, the EU does not seem to have given in to chlorinated chicken, growth promoters in meat, GM foods – well, not as far as I know. Let’s hope that continues.

Hi everyone – can we get back on topic? I know American politics can be interesting but this isn’t really the place for it! Thanks! 🙂