Dangerous fake email scams Page 24

FAKE:

Investigations and Enforcement Services

This message has been auto-generated in response to the company complaint submitted to our WebFiling service.

The submission number is ID20721CPH009192

Please find the attached document for your review.

Note: This email was sent from a notification-only email address which cannot accept incoming email. Please do not reply directly to this message.

Crown Logo
Companies House
Crown Way
Cardiff
CF14 3UZ
Email enquiries@companies-house.gov.uk
Enquiries (UK) 0303 1234 500
International +44 303 1234 500

The Cardiff office is open 24 hours a day for the receipt of documents Contact Centre lines are open between 8.30am to 6pm (Monday to Friday)

Bill

FAKE:

Apple Receipt
APPLE ID
billwill_linkedin Subscription Netflix 1S Plan TOTAL 35.99 GBP
DATE
Feb 6, 2017
ORDER ID
MQSS5F7K26
TOTAL 35.99 GBP
If you did not authorize this purchase, please: Click here for Refund

These fake emails are getting more tricky to spot. I was dubious as to whether or not someone had obtained credit card info from LinkedIn and used that to buy something, but I checked the headers of the email and it originated in Russia not from Apple, (see the BOLD address below)

Return-path: <ID-77519@tig.csail.mit.edu>
Received: from gaia.avantel.ru ([195.49.168.13])
by bastion01d.mail.zen.net.uk with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256)
(Exim 4.80)
(envelope-from <ID-77519@tig.csail.mit.edu>;)
id 1cal7o-0002fz-UR
for billwill_linkedin@datahighways.co.uk; Mon, 06 Feb 2017 15:22:42 +0000
Received: from localhost.localdomain (learningmasterclass.com [81.171.7.119])
by gaia.avantel.ru (Postfix) with ESMTPSA id 8008FBE0977
for <billwill_linkedin@datahighways.co.uk>; Mon, 6 Feb 2017 22:24:16 +0700 (+07)
Date: Mon, 6 Feb 2017 16:22:37 +0100
To: billwill_linkedin@datahighways.co.uk
From: Apple <ID-77519@tig.csail.mit.edu>

Changed my LinkedIn password to be sure, to be sure. In fact LinkedIn must know about a breach as they required a password change.

That looks very like an email I had the other day. However after a bit of thought I clicked for it to go into Phishing scam. What I'm sick of is all the emails I'm getting about my Pay Pal account. I've never, ever had one!

FAKE:

RBC Royal Bank

Secure Message Secure Icon

This is an automated message send by Royal Bank Secure Messaging Server. To ensure both you and the RBC Royal Bank comply with current legislation, this message has been encrypted. Please check attached documents for more information.

Note: You should not store confidential information unless it is encrypted.
CONFIDENTIALITY NOTICE:The contents of this email message and any attachments are intended solely for the addressee(s)and may contain confidential and/or privileged information and may be legally protected from disclosure. If you are not the recipient of this message or their agent, or if this message has been addressed to you in error, please immediately alert the sender by reply email and then delete this message and any attachments. If you are not the recipient, you are hereby notified that any use, dissemination, copying, or storage of this message or its attachments is strictly prohibited.

The supposed source of this email rbs-secure-message.com does not exist.

Bill

FAKE:

Traffic Management Act 2004 by Regulation 9 of the Civil Enforcement of Parking Contravention (England) General Regulation 2007
Service by Civil Enforcement Officer

(PCN) Parking Charge Notice

Date of Service of The Penalty: 13/02/2017
Was Seen On : Stapleton Crescent
By Civil Enforcement Officer: 23859 -
If you don't consent the bill, you can challenge the bill.

Find out Video/Photographic Evidence of Your PCN
Contest The Penalty

Who believed that neglection was being committed
Infringement: Vehicle parked exceeds maximum weight or height or length permitted
At 23:41 On: 13/02/2017
A penalty fine is now payable and must be paid not later than the last day of the time slot of 28 days beginning with the date on which this penalty bill notice was given, otherwise the penalty charge will reduce by 50%.
© Copyright The London Borough of Havering 2016
Powered by Jadu Continuum. Handcrafted by Spacecraft. Havering London Borough

This was all formatted like a FORM.
Bill

Ironic Spam Scam, thank you Ma'am just received.

I do know a Mark but know for a fact that he is on holiday at the moment and only has access to the school computer.....................heh, heh - bet "they" didn't know that!

Image

Not an Email but I got an unsolicited iMessage on my iPad tonight from lu.moo@icloud saying 'hi'. I hit the 'report as junk' button but 5 minutes later I got a FaceTime video call from the same person which I declined. They tried another FaceTime video call which I declined before blocking the caller. Anyone else had anything similar, I did google the caller but couldn't find anything.

Got a message from Experian

Check your alert

Your email address and password are being illegally published and sold online.

Experian CreditExpert's Web Monitoring has scanned the internet and found that your email address and password are being illegally published and sold online. This puts you at high risk of becoming a victim of fraud.

That panicked me! I have changed my email password as recommended but am now worried how someone might have got my password or even if the real password was ever out there. My issue now is before i go through all my accounts changing my passwords how can i be sure i have not got keylogging spyware on my computers? I have ran AVG, Windows defender and Malwarebytes and all are showing no infections.

Any advice?

At first I thought that must be fake, but Experian monitoring does seem to exist and has a valid encryption certificate: https://help.creditexpert.co.uk/help/sv635/Identity_fraud/whats_web_monitoring

You could do a clean install of a Linux into a new virtual Computer and then use its browser to do password changes, but that might be beyond your skills.

If you pop out and buy a Linux Format magazine, theres a DVD on the cover containing a bootable version of Ubuntu 17.04, It encourages you to boot it, and run it before deciding to install.

Now running it in this mode is called a Live CD/DVD mode, it uses only the DVD and your RAM, it won't touch your hard disk unless you specifically tell it to do so and since mass-produced DVDs are truly read-only, no malware can infect such a DVD. When you power off all changes (which were in RAM) vanish. So you can use a LIVE DVD mode to perform your password changes.

Some people use only a LIVE DVD to do their on-line banking activities.

PS: It does require a computer with a DVD drive, or an external plug-in USB DVD drive.

There are ways of putting a copy from a DVD boot disk onto a USB memory stick if your computer can boot one of those, but as it is not read only, it is less secure.

Thanks Bill - though that does sound like something i would struggle to do.

I use Experian (a paid service) to keep a check on activity on all my financial items, bank accounts, credit cards, loans etc. They let me know if something is changed/accessed and if anyone is searching my credit history. But i did not know they had this 'web monitoring' service. I have checked my two main emails addresses on haveibeenpwned dot com (recommended by moneysavingexpert) and one was clear - but the one Experian issued the warning about looks like it might have been part of a large third party data leak. So probably not an issue with my computers but -

What i really want is to check and be sure my computers are free of any spyware/key logging infection. before i change all my passwords.

Is Malwarebytes effective or is there a better removal tool?

Thanks

Surely Experian is just a load of bollocks anyway. What really is the point or benefit of joining up with them? I think their whole existence is a waste of time and space.

I also received a No-reply email supposedly from HMRC with a link to click on.

I thought better of it!

Quote: playfull @ 25th May 2017, 3:30 PM

Thanks Bill - though that does sound like something i would struggle to do.

I use Experian (a paid service) to keep a check on activity on all my financial items, bank accounts, credit cards, loans etc. They let me know if something is changed/accessed and if anyone is searching my credit history. But i did not know they had this 'web monitoring' service. I have checked my two main emails addresses on haveibeenpwned dot com (recommended by moneysavingexpert) and one was clear - but the one Experian issued the warning about looks like it might have been part of a large third party data leak. So probably not an issue with my computers but -

What i really want is to check and be sure my computers are free of any spyware/key logging infection. before i change all my passwords.

Is Malwarebytes effective or is there a better removal tool?

Thanks

If your computer has a DVD drive, booting a live DVD of Linux is not difficult at all. It's only awkward if you have to buy or borrow a USB connected DVD drive.

Quote: playfull @ 25th May 2017, 3:30 PM

I have checked my two main emails addresses on haveibeenpwned dot com (recommended by moneysavingexpert) and one was clear - but the one Experian issued the warning about looks like it might have been part of a large third party data leak. So probably not an issue with my computers but -

What i really want is to check and be sure my computers are free of any spyware/key logging infection. before i change all my passwords.

Is Malwarebytes effective or is there a better removal tool?

Thanks

If haveibeenpwned indicates your email was compromised due to a third party leak, you're almost certainly right to assume its not an issue with your computer. Keylogging normally requires the installation of software or firmware on your computer - so, a trojan or spyware. Malwarebytes is a good program and should flag up these sorts of infections, so you should be totally fine. Plus, you would normally have to have opened an attachment or clicked on a link to be infected with keylogging malware, which I assume you haven't done! 1&1 have some good information on this sort of thing on their blog - they mainly provide email services for businesses, so it's in their interests to know what they're talking about when it comes to security...! Have a look at the "What to do if your e-mail has been hacked" section in this post: https://www.1and1.co.uk/digitalguide/e-mail/e-mail-security/e-mail-account-hacked-what-now/ If you're still concerned that your malware scanning could have missed something, they recommend Kaspersky and Bitdefender, who apparently offer free scans - worth double checking to be on the safe side.

Do you use two-factor authentication for your accounts by the way? It's a really good way of protecting yourself from third party data leaks in the future. That way it's much harder for hackers to access your account even if they have your address and password.

Hope that helps!

just received this today. Do you think it's safe?

Hello,
I seek your partnership to transfer some funds abroad. Please email me privately for details: msconfirmation2010@outlook.com

Go for it, sounds good.

Will Cam, you are a naughty boy! Trying to get Chappers into truble.

:)