The Village Websmith Selected Blog Item

Search my 'blog
Find word or phrase...
Find posts dated...
06/06/2018: More variations on the phishing theme to help you keep safe online

Another variation on the phishing theme came in today, there were two, one purporting to be from Santander and the other from Bank of Scotland. In the Bank of Scotland version, the sender has got a long name and job title that push the obviously spurious originating domain out of the field of view in most email clients.

The safest way to check such an email address is to highlight it by right clicking, then copy and paste it into a text editor. Then you can check the domain via the appropriate whois links (see the recent blog item on this subject).

Again, there is a Word document attached that you are exhorted to open. Of course, under no circumstances should you do this until you have verified the authenticity of the message. In this case, the originating domain was, which, unsurprisingly was registered through GoDaddy by a person whose identity could not be verified. Luckily, GoDaddy has spotted this one and it has been suspended for abuse. However, this is no cause for complacency as the malware will be in the document attached, rather than through a link to the domain.

The second variation, shown below in the image, was supposedly sent by However, rolling over the links that the message asks you to follow to reset your unspecified password, show that the domain is This is clearly an attempt to harvest addresses for unsolicited mail, probably including malware distribution.

As always, vigilance and a healthy degree of scepticism are the best allies in keeping safe on line, so the advice is to take nothing at face value and never be in too much of a hurry to give suspect messages a thorough investigation.

A third variation is purporting to come from HMRC, stating that you owe a large sum of money in tax arrears. The tactic I believe is to make recipients follow the link in a moment of anger with the response " I most certainly do not!", which is an understandable gut reaction. Unfortunately, as soon as you do, it is a lifetime too late to go back and take a more cautious approach. In fairness to HMRC, they are publishing guidelines as to how you can recognise genuine communications from them. Worthwhile advice from HMRC can be seen here, and the page makes interesting reading.

Stay safe out there and as always, if you have any concerns, questions or problems please don't hesitate to call or email.

See more news items in our blog.

Post a comment on this page.Click here to request Information on blog item 182
email this story to a friend
Email this article to a friend
Share this story
Link to this story (copy/paste):
Use of cookies. Mouse over here for details.

Use of cookies on this web site: Neil Hesman T/A The Village Websmith collects no personally identifiable data in cookies. However, a number of social media and search engine companies place tracking cookies without our consent or co-operation. If you wish to avoid tracking, please read our cookies policy, where you will find links to resources that will help you set your browser accordingly.
Show Cookies Policy
Accept & Continue
Join Mailing List
share us on facebook
share us on twitter
share us on pinterest
share us on linkedin
image link to send our link to a friend
get us to call you back