/ Technology

Scam watch: Have you spotted a spoof email?

18
phishing email
Profile photo of Joe Elvin Joe Elvin Online Writer
Comments 18

A Which? member’s wife’s email account was hacked and her details were used to send a very convincing phishing email containing a link to a copycat website to her contacts. Had the link been clicked on by the recipients, it could have asked for financial details or contained malware.

Member Giles Youngs told us:

‘My sister recently got an email that appeared to be from me, but in fact came from my wife’s email – she hadn’t noticed the unusual email address.

‘It contained a link that appears to direct you to Ancestry.co.uk, the family history website, and was advertising the opportunity to view the life story of our late aunt, mentioning her name in full.

‘I subscribe to Ancestry.co.uk, and my family tree is available to other members, although the identities of living people, such as my wife and sister, are kept anonymous. My sister forwarded me the email, asking if I had sent the correct link (as it led to a free trial offer).

‘I called and warned her that neither I, nor Ancestry.co.uk had sent that email.

‘I’ve informed my bank of this possible scam, but haven’t contacted anyone else yet.’

Our say on spoof emails

It appears that someone has hacked into your wife’s email account, discovered her personal details and used them to send a very convincing phishing email.

These emails often lead to copycat websites that ask for financial details and/or contain malware.

We advise running a virus scan on all computers that the link was opened on. Make sure that your wife changes the password on her email account and all other online accounts.

Check the email settings for mail forwarding, signatures, and out-of-office replies to ensure they’ve not been altered.

Finally, report this case to Action Fraud.

Have you come across a similar spoof email? What did you do about it?

Comments
18
duncan lucas says:
20 November 2016

I have just read the full T+C of Ancestry.com a whole web-page full . Where do I start ? All you data is shared worldwide , it is kept on US servers subject to direct intervention by US “agencies ” . Your data is given to third parties to provide advertising to you . A profile of you is built up using additional information collected from “social websites ” and that information could be displayed (in parts ) on their websites. Be aware under the “kept hidden by the media ” new Data Transfer Law all EU subjects personal data is transferred to the USA to be used by them , US law protecting US citizens isnt the same as foreigners who have their data held on US servers . It doesnt matter what this company says its data is not secure by any stretch of the imagination . They tried for a year to get me on it -sorry security services any data on me will be what I divulge on the web openly. Trust nobody on the web , its all down to money–for them.

13
 |     Reply    Report
Share   
alfa says:
20 November 2016

A friend of mine has thought she has had a stalker for going on 8 years now because of spoof emails.

I can’t remember the exact words that were used but her daughter had received 2 emails from a friend that said something like ” Hey hun/darling/some-pet-name, check this out”. Her daughter clicked on the links and emails were sent to her mum and probably everyone else in her address book. The pet names and words in the email were exactly the same as a very unpleasant ex had said to her at one time. Her daughter denied sending her the emails as she didn’t realise what had happened and her stalker was born.

I did tell her what they were at the time, but it didn’t register, I didn’t realise how serious it would get and the emails are now long gone.

3
 |     Reply    Report
Share   
Hide replies ∧
duncan lucas says:
20 November 2016

Thats the whole problem with this issue –human nature and emotions .Not all people are nice , as someone who spent his childhood in a tough area and spent 19 years going into peoples houses it was a real “eye opener ” . I met all types of criminals who for various reasons wanted/needed money , and dont think this applies to the poor only , many middle class and others were just as bad , only they were more sophisticated about it. Even “men of the cloth ” were not above reproach . As part of my job I had to keep my mouth shut otherwise my life would be a lot shorter but I know people who spend the rest of their life causing mental/physical harm to others if they think they have been “wronged ” in some way , some even enjoy it , just look at the Troll situation on the web its massive , obviously those people need help of some sort but by their actions they never get it . Some have real deep mental problems no friend/neighbour can help with and with the cut-backs in this country I know for a fact as do the mental help charities that this is not forthcoming only reduced to – “help in the community ” -aka- save money exercise , not yours of course , it will only get worse .

4
 |     Reply    Report
Share   
bishbut says:
21 November 2016

Many People are too trusting ! They trust the Police ,banks etc. and people they know ! Oh the Internet you must trust nothing or nobody But some will never learn Sad but true ! Treat ALL Emails with suspicion

6
 |     Reply    Report
Share   
Hide replies ∧
Muriel says:
19 May 2017

I had one (I think now well known) from HMRC informing me of a Tax Rebate which despite several letters I had not claimed–& of course the usual link.Reading through I picked up a couple of spelling mistakes & the style of writing was not what I would expect from an ‘official source’. However by that time many people might have clicked the link.

0
 |     Reply    Report
Share   
Ian says:
21 November 2016

The banks are still far too reticent in disclosing the numbers of crooked employees they have. Scam emails can seem genuine when they mention things which only you and your bank know. But banks don’t want to admit that they have any reprobates on their side of the counter. And that’s worrying.

4
 |     Reply    Report
Share   
JJMMWG Dupree says:
21 November 2016

Googlemail seem to err on the side of caution, I very rarely get a spoof mail from them these days, but other email companies aren’t so good. I sometimes wonder if this is because of the amount of information that they must hold about me by now (Although their targetted advertising is still pretty rubbish).

When I do get a dodgy email nowadays I just click on the ‘report spam’ box. The more people that do that, the faster the companies can spot them and stop them.

4
 |     Reply    Report
Share   
Jennie says:
21 November 2016

I seem to receive scam and phishing emails in batches. I always send them to the company they claim to be from for them to check out – e.g spoof@paypal.com or phishing@(bank name).co.uk. If you are unsure of who to report it to try both ‘spoof@’ or ‘phishing@’ and NEVER click any link to a company in an email.

1
 |     Reply    Report
Share   
Tony says:
22 November 2016

I got one a while back – one of the Nigerian send me some money to release millions type. I played along and asked him to ring me at work. I said to ask for mr P.C. Pigg and gave him the number for Oldham police. He even had the cheek to email me back telling me that he didn’t appreciate his time being wasted!!

6
 |     Reply    Report
Share   
itsolutionssiteltd says:
23 November 2016

This topic is becoming an ever increasing problem for many people we see more and more on a daily basis.

1
 |     Reply    Report
Share   
PatrickNewman says:
26 November 2016

Some companies are easier to report scams and phishing than others. Virgin is not easy but NatWest is. There should be a ‘clearing’ house where these emails can be directed to the companies that the crooks are using.

3
 |     Reply    Report
Share   
Pat Humphrey says:
29 November 2016

Facebook friends who do not use this method of communication very often have said ‘Sorry I did not reply to your message’ when I haven’t sent one. Similarly, I find the names of people on my list whom I rarely contact appear as the sender of messages, usually inviting me to open some other site. I don’t know how phishers and scammers manage to get hold of rarely used contacts on our lists, but they do. So don’t open anything with an old name without checking with the person first, or report it as scam.

0
 |     Reply    Report
Share   
David Gordon says:
1 March 2017

I’ve recently received an email purporting to come from Paypal. I suspected it was a scam and tried to forward it to Paypal. Their system rejected it! I telephoned them and they said I had to forward it to the .co.uk site, not the .com one I’d used. I did this and again it was rejected! It seems Paypal don’t want to know about scams sent in their name!

0
 |     Reply    Report
Share   
Hide replies ∧
duncan lucas says:
1 March 2017

Your lucky that is your only problem with Paypal David , in the States if they don’t want to communicate with you on a lot of matters –they don’t , even lawyers letters get ignored.

0
 |     Reply    Report
Share   
Litle Owl says:
11 March 2017

When checking my emails I hold the curser over the sender. when doing this the sender’s email address shows up, so it you don’t recognise it you can report it to spam and then delete it. I NEVER click on links on these types of emails

2
 |     Reply    Report
Share   
Hide replies ∧
DerekP says:
1 February 2019

Also, at least in Firefox, if you hover the cursor over links, it will reveal the full link address, which can help reveal dodgy links.

I’ve just received an eBay email entitled “Updates to the eBay.co.uk User Agreement” which seems to be genuine, i.e. the same message also appeared in my “My eBay” inbox.

That said, in the email version there are links that expand to use roverebaycom addresses and those differ from the more direct links given in the My eBay version.

Clicking the email links (from a test PC) did ultimately open only legitimate eBay web pages – but I’d very much prefer to only receive emails without links in them. (I’m quite capable of logging into eBay if I want to, even when I’m not needing a retail therapy fix.)

If I do find any dodgy web links, I will usually report them to Google here:

safebrowsing.google.com/safebrowsing/report_phish/?hl=en

0
 |     Reply    Report
Share   
alfa says:
1 February 2019

A very useful link Derek.👍

1
 |     Reply    Report
Share   
Ian says:
1 February 2019

Agreed. Exactly the sort of link that should be on a specially devised topic dedicated to such links.

Is anybody listening out there?

2
 |     Reply    Report
Share   
 

Related discussions