Action Fraud is the UK’s national fraud reporting centre. It has recently warned of three new “phishing” scams – two by email and one by letter – which can put passwords, bank account details and other personal information at risk. Charities may already have received a warning about the email scams from the Charity Commission, but the risk applies to all organisations whether charities or not, as well as to businesses and individuals.
If you think your organisation or workplace, or you as an individual, have been affected by any phishing scam or other type of fraud, report it to Action Fraud on 0300 123 2040 or at www.actionfraud.police.uk. To be kept up to date with Action Fraud alerts, sign up for its alert service on the same website.
The two new email scams are described below – but there are hundreds of others, so stay vigilant, and ensure everyone who deals with emails in your organisation, workplace or home knows the risks. A good rule is “Do not ever, ever, ever, under any circumstances whatsoever, click on any link in an email or open any attachment unless you are 1000% certain who it is from and what the link or attachment is! No matter how legitimate it looks!!” Being certain means having checked with the supposed sender through a channel you already trust – a phone number you already hold, or a web address you type in yourself – never through the contact details or links in the email itself.
The new crime prevention advice email scam purports to come from email@example.com and contains the text “TO THE GENERAL PUBLIC.” The email includes an attachment titled ‘11212527.zip’. The attachment contains malware which installs the iSPY key logger on the victim’s device. This key logger records keystrokes, steals passwords stored in web browsers and Skype conversation records, takes pictures via the webcam and collects the licence keys of software such as Microsoft Office and Adobe Photoshop. A zip file from an unexpected sender is itself a warning sign: fraudsters use archives to get executable content past email filters and past the recipient’s caution.
The notice of intended prosecution email purports to come from the Greater Manchester Police, with subject heading “Notice of Intended Prosecution” and “NIP - Notice Number” followed by a combination of letters and numbers. The text says the police intend to take proceedings against the driver of a motor vehicle, and gives details of the date and time, location of the speed camera, and vehicle speed.
It is believed that a malicious link is hidden behind the “Check the photographic evidence” line in the email: the visible text is harmless, but the address it actually points to is chosen by the fraudster. Hovering over a link without clicking it will usually show the real destination. This link delivers the GOZI/ISFB banking trojan, malware which steals online banking log-in details from victims.
The following basic principles are adapted from the Charity Commission’s news release of 13 December about the email scams.
- Ensure software has up-to-date virus protection. This will not always prevent you from becoming infected, but it’s a whole lot safer than not having it.
- Do not click on links or open any attachments you receive in unsolicited emails or SMS messages. Fraudsters can “spoof” an email address to make it look like it is from a trusted source: the sender address you see is written by whoever sends the message, not checked by anyone.
- Always install software updates as soon as they become available, as the update will often include fixes for critical security vulnerabilities.
- If your current software does not offer an anti-spyware function, consider installing software which does, as this can detect key loggers.
- Undertake regular backups of your important files to an external hard drive, memory stick or online storage provider. However, it’s important that the device you back up to is not left connected to your computer, as a malware infection could spread to that device too. If you use online storage, prefer a service that keeps earlier versions of your files: a synchronised copy of a file that ransomware has already encrypted is no use as a backup.
- If you suspect your bank or debit/credit card details have been accessed, contact your bank or card provider immediately.
The Commission also recommends that if you are unsure who an email is from, you should check the email header to identify the true source of the communication, and links to instructions on how to locate the headers.
However, those instructions are intended for finding headers that you are then going to send on to Action Fraud or an internet service provider, so they can identify the account the email was sent from. The “From” address and most other headers are written by the sender and can be set to anything, so the fact that the headers say an email is from your mum does not mean it is. The only lines you can rely on are the ones your own email provider’s servers added when they received the message (the “Received” lines at the top, and any authentication results they record), and even those take practice to read. Unless you know exactly how to interpret email headers, do not treat them as proof that an email is legitimate.
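As an added worked example (not part of the original article, the Charity Commission’s guidance or Action Fraud’s alert), the following Python script shows what “checking the headers” and “a link hidden behind the text” look like in practice, using only the standard library. It parses a constructed sample message modelled on the notice of intended prosecution email above and reports the claimed “From” address, the chain of “Received” lines (oldest first), the spf/dkim/dmarc verdicts recorded in an “Authentication-Results” header, and any link whose visible text points somewhere other than the claimed sender’s domain. Everything in the sample – the domains, IP addresses, header values, the link address and the server name in OUR_MAIL_SERVERS – is invented for the example (reserved .example names and documentation IP ranges); it is not a real phishing email.

```python
import re
from email import policy
from email.parser import BytesParser
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample, not a real phishing email: From: claims a police domain, the
# visible link text says "Check the photographic evidence" but the href is a bare
# IP, and the Received:/Authentication-Results: lines our own server added
# disagree. Hosts are reserved .example names and RFC 5737 documentation IPs.
SAMPLE_EML = b"""Received: from mx.example.net (mx.example.net [192.0.2.10])
    by mail.recipient.example (Postfix) with ESMTP id ABC123
    for <finance@recipient.example>; Tue, 13 Dec 2016 09:12:01 +0000
Received: from bulk-sender.example.org (unknown [198.51.100.77])
    by mx.example.net with SMTP id 777; Tue, 13 Dec 2016 09:11:58 +0000
Authentication-Results: mail.recipient.example;
    spf=fail smtp.mailfrom=bulk-sender.example.org; dkim=none;
    dmarc=fail header.from=gmp.police.example
From: Greater Manchester Police <nip@gmp.police.example>
Subject: Notice of Intended Prosecution
Content-Type: text/html; charset="utf-8"

<html><body><a href="http://198.51.100.77/nip/evidence.php">Check the
photographic evidence</a></body></html>
"""

OUR_MAIL_SERVERS = {"mail.recipient.example"}  # assumed: servers we run ourselves
RECEIVED_RE = re.compile(r"from\s+(\S+)\s+\(([^)]*)\).*?\bby\s+(\S+)", re.I | re.S)
AUTH_RE = re.compile(r"\b(spf|dkim|dmarc)=(\w+)", re.I)


def received_chain(msg):
    """(from_name, details, by) per hop, oldest first. Each server prepends its own
    line, so the top header is ours and the bottom one the sender's; anything below
    the lines our own servers wrote can be forged by the sender."""
    hops = []
    for value in reversed(msg.get_all("Received", [])):
        m = RECEIVED_RE.search(str(value))
        if m:
            hops.append((m.group(1), m.group(2), m.group(3)))
    return hops

def auth_results(msg):
    """spf/dkim/dmarc verdicts. Only meaningful if our own server added the header;
    a sender can insert a fake Authentication-Results: line as easily as From:."""
    verdicts = {}
    for value in msg.get_all("Authentication-Results", []):
        for m in AUTH_RE.finditer(str(value)):
            verdicts[m.group(1).lower()] = m.group(2).lower()
    return verdicts

class LinkCollector(HTMLParser):
    """Pair each anchor's visible text with the href it really points at."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((" ".join("".join(self._text).split()), self._href))
            self._href = None

def suspicious_links(msg):
    """Links whose host is outside the domain From: claims. A heuristic (genuine mail
    links elsewhere too), but it catches the bare IP behind the evidence link."""
    part = msg.get_body(preferencelist=("html",))
    if part is None:
        return []
    collector = LinkCollector()
    collector.feed(part.get_content())
    claimed = parseaddr(str(msg["From"]))[1].rsplit("@", 1)[-1].lower()
    flagged = []
    for text, href in collector.links:
        host = (urlparse(href).hostname or "").lower()
        if host != claimed and not host.endswith("." + claimed):
            flagged.append((text, href))
    return flagged

def assess(raw, our_servers=OUR_MAIL_SERVERS):
    """What From: claims versus what the trustworthy evidence shows."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    hops = received_chain(msg)
    trusted = next((h for h in hops if h[2] in our_servers), None)
    return {
        "claimed_from": str(msg["From"]),
        "oldest_hop": hops[0][1] if hops else None,        # sender-controlled
        "trusted_entry": trusted[1] if trusted else None,  # who connected to us
        "auth": auth_results(msg),
        "flagged_links": suspicious_links(msg),
    }

if __name__ == "__main__":
    for key, value in assess(SAMPLE_EML).items():
        print(f"{key}: {value}")
```

Run it as it is to print the assessment of the sample. The point it makes is the one in the paragraph above: the “From” line and the oldest “Received” line both say whatever the sender wants; only the “Received” line and the “Authentication-Results” that your own provider added (here the assumed mail.recipient.example) record who actually connected and whether the claimed domain authorised the sending server; and the text of a link tells you nothing about where it goes.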
The Action Fraud website includes masses of information about preventing, identifying and dealing with scams and more types of fraud than you could imagine.
The Information Commissioner’s Office has guidance on online safety (of all types, not only in relation to scams). There is also a new ICO blog post on ransomware attacks, in which a computer is infected and its files are encrypted, and a payment is then demanded for the decryption key, although there is no guarantee the attacker will release the key even if paid. The blog post was published yesterday (15 December).
Lloyds customers have been warned to look out for fake bank letters (and no doubt the fraudsters will start sending them from other banks too). The letters are on what appears to be Lloyds headed paper, with the bank’s logo, address and signature from a customer service representative. The letter tells recipients that there have been “unusual transactions” on their personal account and asks them to call a number highlighted in bold to confirm they are genuine. When victims call the number, an automated welcome message is played and the caller is asked to enter their card number, account number and sort code followed by their date of birth. Victims are then instructed to enter the first and last digit of their security number.
This fraud was spotted by the Daily Telegraph, which was alerted to it by a reader. On separate occasions the Daily Telegraph ran tests using fake details and was passed to fraudsters who claimed to be from a Lloyds contact centre. The bank has confirmed that the phone number and the letters are fake.
Action Fraud says the letters serve as a warning to question written correspondence from a bank or credit card company, and in case of any doubt to ring the customer service number on the back of your credit/debit card or on your most recent statement, never a number printed in the letter itself.
Source: Sandy Adirondack, 16.09.16