/ Technology

Scam watch: Have you spotted a spoof email?

15
phishing email
Profile photo of Joe Elvin Joe Elvin Online Writer
Comments 15

A Which? member’s wife’s email account was hacked and her details were used to send a very convincing phishing email containing a link to a copycat website to her contacts. Had the link been clicked on by the recipients, it could have asked for financial details or contained malware.

Member Giles Youngs told us:

‘My sister recently got an email that appeared to be from me, but in fact came from my wife’s email – she hadn’t noticed the unusual email address.

‘It contained a link that appears to direct you to Ancestry.co.uk, the family history website, and was advertising the opportunity to view the life story of our late aunt, mentioning her name in full.

‘I subscribe to Ancestry.co.uk, and my family tree is available to other members, although the identities of living people, such as my wife and sister, are kept anonymous. My sister forwarded me the email, asking if I had sent the correct link (as it led to a free trial offer).

‘I called and warned her that neither I, nor Ancestry.co.uk had sent that email.

‘I’ve informed my bank of this possible scam, but haven’t contacted anyone else yet.’

Our say on spoof emails

It appears that someone has hacked into your wife’s email account, discovered her personal details and used them to send a very convincing phishing email.

These emails often lead to copycat websites that ask for financial details and/or contain malware.

We advise running a virus scan on all computers that the link was opened on. Make sure that your wife changes the password on her email account and all other online accounts.

Check the email settings for mail forwarding, signatures, and out-of-office replies to ensure they’ve not been altered.

Finally, report this case to Action Fraud.

Have you come across a similar spoof email? What did you do about it?

Comments
15
Member
duncan lucas says:
20 November 2016

I have just read the full T+C of Ancestry.com a whole web-page full . Where do I start ? All you data is shared worldwide , it is kept on US servers subject to direct intervention by US “agencies ” . Your data is given to third parties to provide advertising to you . A profile of you is built up using additional information collected from “social websites ” and that information could be displayed (in parts ) on their websites. Be aware under the “kept hidden by the media ” new Data Transfer Law all EU subjects personal data is transferred to the USA to be used by them , US law protecting US citizens isnt the same as foreigners who have their data held on US servers . It doesnt matter what this company says its data is not secure by any stretch of the imagination . They tried for a year to get me on it -sorry security services any data on me will be what I divulge on the web openly. Trust nobody on the web , its all down to money–for them.

13
 |     Reply    Report
Share   
Member
alfa says:
20 November 2016

A friend of mine has thought she has had a stalker for going on 8 years now because of spoof emails.

I can’t remember the exact words that were used but her daughter had received 2 emails from a friend that said something like ” Hey hun/darling/some-pet-name, check this out”. Her daughter clicked on the links and emails were sent to her mum and probably everyone else in her address book. The pet names and words in the email were exactly the same as a very unpleasant ex had said to her at one time. Her daughter denied sending her the emails as she didn’t realise what had happened and her stalker was born.

I did tell her what they were at the time, but it didn’t register, I didn’t realise how serious it would get and the emails are now long gone.

3
 |     Reply    Report
Share   
Hide replies ∧
Member
duncan lucas says:
20 November 2016

Thats the whole problem with this issue –human nature and emotions .Not all people are nice , as someone who spent his childhood in a tough area and spent 19 years going into peoples houses it was a real “eye opener ” . I met all types of criminals who for various reasons wanted/needed money , and dont think this applies to the poor only , many middle class and others were just as bad , only they were more sophisticated about it. Even “men of the cloth ” were not above reproach . As part of my job I had to keep my mouth shut otherwise my life would be a lot shorter but I know people who spend the rest of their life causing mental/physical harm to others if they think they have been “wronged ” in some way , some even enjoy it , just look at the Troll situation on the web its massive , obviously those people need help of some sort but by their actions they never get it . Some have real deep mental problems no friend/neighbour can help with and with the cut-backs in this country I know for a fact as do the mental help charities that this is not forthcoming only reduced to – “help in the community ” -aka- save money exercise , not yours of course , it will only get worse .

4
 |     Reply    Report
Share   
Member
bishbut says:
21 November 2016

Many People are too trusting ! They trust the Police ,banks etc. and people they know ! Oh the Internet you must trust nothing or nobody But some will never learn Sad but true ! Treat ALL Emails with suspicion

6
 |     Reply    Report
Share   
Hide replies ∧
Member
Muriel says:
19 May 2017

I had one (I think now well known) from HMRC informing me of a Tax Rebate which despite several letters I had not claimed–& of course the usual link.Reading through I picked up a couple of spelling mistakes & the style of writing was not what I would expect from an ‘official source’. However by that time many people might have clicked the link.

0
 |     Reply    Report
Share   
Member
Ian says:
21 November 2016

The banks are still far too reticent in disclosing the numbers of crooked employees they have. Scam emails can seem genuine when they mention things which only you and your bank know. But banks don’t want to admit that they have any reprobates on their side of the counter. And that’s worrying.

4
 |     Reply    Report
Share   
Member
JJMMWG Dupree says:
21 November 2016

Googlemail seem to err on the side of caution, I very rarely get a spoof mail from them these days, but other email companies aren’t so good. I sometimes wonder if this is because of the amount of information that they must hold about me by now (Although their targetted advertising is still pretty rubbish).

When I do get a dodgy email nowadays I just click on the ‘report spam’ box. The more people that do that, the faster the companies can spot them and stop them.

4
 |     Reply    Report
Share   
Member
Jennie says:
21 November 2016

I seem to receive scam and phishing emails in batches. I always send them to the company they claim to be from for them to check out – e.g spoof@paypal.com or phishing@(bank name).co.uk. If you are unsure of who to report it to try both ‘spoof@’ or ‘phishing@’ and NEVER click any link to a company in an email.

1
 |     Reply    Report
Share