Phishing attempts

  • Thread starter Deleted member 6183
  • Start date
Page may contain affiliate links. Please see terms for details.
DrFeelgood said:
3 more today, 2 claiming to be from my bank saying that my account has been accessed and I should click the link if it wasn't me and another claiming to be from Office365 and telling me to log in and renew my subscription.

I report these every time but suspect that MS cannot keep up.
Click to expand...
Are you using webmail? If not, do you have a good mail filter?
 
DrFeelgood said:
Yes to both.

My business email is the target, it's a funny old game. I do my best to be more visible online but some days it seems that it's only the wrong 'uns who find me
Click to expand...
I'm surprised your webfilter or mail provider isn't blocking these in most cases.

Do you have your email address included on any webpages, or do you use a webform? If your email address is "visible" then it could be collected by nasties crawling around the Internet looking for them.

An alternative is that a website you have legitimately registered to use has been compromised, and your email address is one of many which has been sold on.
 
Bobby Dazzler said:
I'm surprised your webfilter or mail provider isn't blocking these in most cases.

Do you have your email address included on any webpages, or do you use a webform? If your email address is "visible" then it could be collected by nasties crawling around the Internet looking for them.

An alternative is that a website you have legitimately registered to use has been compromised, and your email address is one of many which has been sold on.
Click to expand...

My email address and form are both on my website. My business involves registering with very many websites although, in the main, their security is more robust than the average.

I suppose that I'll have to accept that it's a consequence of my circumstances, I do worry that I'll be caught unawares if I was to take my eye off the ball.
 
DrFeelgood said:
My email address and form are both on my website. My business involves registering with very many websites although, in the main, their security is more robust than the average.

I suppose that I'll have to accept that it's a consequence of my circumstances, I do worry that I'll be caught unawares if I was to take my eye off the ball.
Click to expand...
Best to assume every email is dodgy, and never click a link. Sad but safe.
 
DrFeelgood said:
My email address and form are both on my website. My business involves registering with very many websites although, in the main, their security is more robust than the average.

I suppose that I'll have to accept that it's a consequence of my circumstances, I do worry that I'll be caught unawares if I was to take my eye off the ball.
Click to expand...

Get rid of your email address from your website and just use a contact us form. A lot of spam and phishing systems search websites for email addresses.
 
DrFeelgood said:
My email address and form are both on my website. My business involves registering with very many websites although, in the main, their security is more robust than the average.

I suppose that I'll have to accept that it's a consequence of my circumstances, I do worry that I'll be caught unawares if I was to take my eye off the ball.
Click to expand...

I just did a quick check and your enquiries address is on open display on a number of sites related to your business. So even if you use an enquiry form you will still be leaking out elsewhere.

When you get chance forward me through a couple of typical spam emails and I will take a look. There might be some additional steps you can take to filter out the most frequent offenders.
 
Top tip - if you use Gmail (it's free for a single account. and you can have it pick up email from other accounts for you, and reply "from" those accounts), it's spam trap is *awesome*.

I've been on t'web since 1995 and in the last 3-4 months I've had 2 "actual spam" mails get through, and <5 get flagged incorrectly (and they were mailing list mails)

Also, everyone forgets that a + sign is a valid char in an email address, as is a . (period)
If you register something like "robert.smith", you can use the following:
[email protected]
[email protected]
[email protected]
etc etc - they ALL get back to you. So you can use hybrids to sign up to stuff, and track who sells your crap on.
Since I started doing that it's REALLY cut down on things.... (not to say they can't strip off anything after the +, but so far...)

EDIT : the above has turned the email addresses to links. So please don't email the lead singer of the Cure...
 
Patagonian said:
I just did a quick check and your enquiries address is on open display on a number of sites related to your business. So even if you use an enquiry form you will still be leaking out elsewhere.

When you get chance forward me through a couple of typical spam emails and I will take a look. There might be some additional steps you can take to filter out the most frequent offenders.
Click to expand...
Will do.
 
triple h said:
i've had a few from hmrc saying i'm owed for over paying income tax, surprised by those as i'm a full time carer for a family member so not working

had a pay pal one at the weekend too and asian/russian women looking for a date
Click to expand...

Did you get a snog ?
 
DrFeelgood said:
Will do.
Click to expand...

The 0365 email you forwarded to me alerted Google too:

upload_2018-3-22_7-12-56.png


Here's one of the offending sections from the original email:

(don't worry, it's a screen grab, not a live link)


upload_2018-3-22_7-16-49.png

Which, if clicked, takes you to a phishing site with an address not too dissimilar to the original. Simple, but effective, even if it ends up in the spam folder.

.
 
I have one come nealy every other day - meet young russian woman lots to choose from .
And also i then had emails to saying i had sent them .And to stop or the police will be inbolved .
 
Latest attempt.

Working in the garden when my phone beeped for approval of access to my Outlook email account (I have dual authentication set up).

Naturally denied access so now I have returned to the office I can see that someone using Firefox and in Greater London has had a go at logging in.

This is after about a dozen messages telling me to log in to Outlook as my (paid monthly) subscription is going to expire immediately and I will lose access.

It beginning to feel like a battle.
 
optimusprime said:
I have one come nealy every other day - meet young russian woman lots to choose from .
And also i then had emails to saying i had sent them .And to stop or the police will be inbolved .
Click to expand...

I had the same, I believe that the chap threatening to contact the Police was just another potential victim who must have clicked 'reply to all'.
 
optimusprime said:
I have one come nealy every other day - meet young russian woman lots to choose from .
And also i then had emails to saying i had sent them .And to stop or the police will be inbolved .
Click to expand...
I’m clearly missing out because I never get emails about meeting young Russian women (or those of any other nationality). I just get inundated with offers to do my accounts, improve Google ranking or handle my data. Hang on, is that last one what you guys are talking about?
 
knighterrant said:
I’m clearly missing out because I never get emails about meeting young Russian women (or those of any other nationality). I just get inundated with offers to do my accounts, improve Google ranking or handle my data. Hang on, is that last one what you guys are talking about?
Click to expand...
No.

It was handling my dongle that I was offered.
 
Ho I have had those about the pill that puts lead in the pencil .But I sent an email back, and I told them ,its not the lead in the pencil I need, but a place to put it in to. And next day I had this reply to say they did those also .,
 
moonloops said:
Get rid of your email address from your website and just use a contact us form. A lot of spam and phishing systems search websites for email addresses.
Click to expand...

I'm now even getting spam through my "contact me" form.

At least it's easy to click "delete" - far easier than opening envelopes and putting the contents in the recycling pile...
 
I don't use the contact forms and prefer to send an email from my email account as I like to have a copy of the original email. This is especially good for work as it gives me the ability to track what and when I emailed a company and can chase them after a week if I haven't heard back. If I can't find an email I generally go else where as nearly everyone has it available. Just my 2p
 
Against phishing I recommend friends to use Gmail to process your email. (they know I worked at Google). A disadvantage is that your email goes through another server/company/process, but if you are ok with trusting Google with it as much as you already do with your email provider...

An example. A non-practising doctor friend of mine was getting unmanageable amounts of spam on his one email account Z, such that less than 5% was real mail he cared about. I advised him (and helped him set up) a Gmail account that auto-imported all his Z email offering very good spam detection and auto-sorting.

To compare results I set Gmail to not delete his email on Z's servers, so, in effect he had two independent copies of all his mail, enabling him to also switch back seamlessly if needed. He can also send email from his Z account using the Gmail interface (browser and app).

He noticed a dramatic positive difference from the first day with Gmail and has not gone back (but could instantly, at any time).

An advantage is that he also has a Gmail email address he can use if needed.

Sent from my G3112 using Tapatalk
 
You must log in or register to reply here.

Users who are viewing this thread

Total: 2 (members: 0, guests: 2)
Back
Top Bottom