the village websmith selected blog item

Search my 'blog
Find word or phrase...
Keyword
Find posts dated...
Date
06/06/2018: more variations on the phishing theme to help you keep safe online

Another variation on the phishing theme came in today, there were two, one purporting to be from Santander and the other from Bank of Scotland. In the Bank of Scotland version, the sender has got a long name and job title that push the obviously spurious originating domain out of the field of view in most email clients.

The safest way to check such an email address is to highlight it by right clicking, then copy and paste it into a text editor. Then you can check the domain via the appropriate whois links (see the recent blog item on this subject).

Again, there is a Word document attached that you are exhorted to open. Of course, under no circumstances should you do this until you have verified the authenticity of the message. In this case, the originating domain was secure-bankofscotland.co.uk, which, unsurprisingly was registered through GoDaddy by a person whose identity could not be verified. Luckily, GoDaddy has spotted this one and it has been suspended for abuse. However, this is no cause for complacency as the malware will be in the document attached, rather than through a link to the domain.

The second variation, shown below in the image, was supposedly sent by security@alert.info. However, rolling over the links that the message asks you to follow to reset your unspecified password, show that the domain is mosakmail.com. This is clearly an attempt to harvest addresses for unsolicited mail, probably including malware distribution.

As always, vigilance and a healthy degree of scepticism are the best allies in keeping safe on line, so the advice is to take nothing at face value and never be in too much of a hurry to give suspect messages a thorough investigation.

A third variation is purporting to come from HMRC, stating that you owe a large sum of money in tax arrears. The tactic I believe is to make recipients follow the link in a moment of anger with the response " I most certainly do not!", which is an understandable gut reaction. Unfortunately, as soon as you do, it is a lifetime too late to go back and take a more cautious approach. In fairness to HMRC, they are publishing guidelines as to how you can recognise genuine communications from them. Worthwhile advice from HMRC can be seen here, and the page makes interesting reading.

Stay safe out there and as always, if you have any concerns, questions or problems please don't hesitate to call or email.

See more news items in our blog.

Post a comment on this page.Click here to request Information on blog item 182
email this story to a friend
Email this article to a friend
Share this story
Link to this story (copy/paste): https://www.villagewebsmith.biz/page_32.php?pgenme=wiblog_solus&blogsel=182
 
share us on facebook
share us on twitter
share us on pinterest
share us with a friend
get us to call you back
add your comments to facebook
the village websmith's 'blog

2016-09-06
Gain up to 40 times as many enquiries with regular, professional content updates

Enquiry & Traffic analysis for businesses with high, med and low average order value
...More information...

coming soon

2018-08-24
Motorcycle Road Races, Snetterton 200 Circuit

Snetterton 200 Circuit, Norwich, Norfolk, NR16 2JU
3 days
The 200 layout of the recently reconfigured Snetterton Circuit is the nearest in spirit to the original circuit
...More information...