Yet another phishing scam

[pmrid (Peter)]

If you get a message purporting to come from Apple telling you that your account billing information is out of date and threatening to terminate your account unless you click on a provided link and update immediately - don't click that link - whatever you do. It's a phishing scam.

Peter

[Tinderboxsky (Steve)]

Yes, one needs to be very alert as they are trying every angle.

I recieved an email yesterday purporting to be from Paypal stating that I had been incorrectly debited for some goods and clicking on the provided link would ensure that they would be able to reverse the debit. Needless to say, checking my account through the Paypal website confirmed no such debit existed.

Steve.

[mithrandir (Andrew)]

I can never understand how people use an email client that renders HTML links without prompting the user if it is OK do do so first.

In my experience of about 20 years using email every single link which purports to come from paypal, ebay, a bank, CC provider and so on, when you mouse over comes up pointing somewhere else.

I have SWMBO trained that when she gets a web page or popup she does not understand she asks before clicking anything. Yesterday was an "iLivid update required" and a "your web browser has been locked until you pay the fine" day.
Task manager to kill IE; AVG full scan; Firefox (not that she uses it) updated to use it to fetch patches; Malwarebytes update and full scan; Java and Adobe updated.

[rally]

It seems fairly rare not to get one every few days.

Today's scam on the business account was :

Title - "Westpac Alert !"

"The primary email for your Westpac account was changed on 24/09/2013.

If you did not authorize this change, please confirm your identity by visiting Westpac now.

(Link removed - Al)
Thank you for using Westpac."



So all the usual stuff makes it obvious

Didnt pass the smell test - the exclamation mark
Not addressed to me personally
"Authorize" not "Authorise" for an Aussie business
URL address that is not the bank's URL or domain

The email client didnt recognise it as spam (but will from now on !)

I did look twice at this one - I got it on the phone first so just read the first few lines, but once in front of a PC it was obvious.
Of course I didnt click the link, it astounds me that people do, to then go on through whatever process the scammer has in store for you to get your details, download files etc - is totally beyond me

[tlgerdes (Trevor)]

Can you please remove the malicious link embedded in your message. It is likely to cause the site to flagged as malicious when the robot indexing spiders trawl the site.

[LewisM]

It's just SO easy not to get these problems.

Preview pane disabled in the email client (stops instant loading of virii and pop ups)

Don't click any links from people/companies you do not know, and hover over any embedded links to see what the address is - 100% of scams will say something like "Paypal", but the address will be something odd.

99.9% of banks do not email you account related info. EVER. I know my bank does NOT email any account stuff. Nor will Paypal.

To check on something you MAY be a bit unsure of, just go to the webpage of the company yourself, NOT through a provided link.

And create specific filters - I do not get a SINGLE scam or advertising email, yet the wife, who does not set up properly, receives at least 40 scam and advertising emails daily.

As to my scammer in Spain, the worm is squirming. I told him that Interpol and the Spanish Policia Judicial were asking me questions... he's gone VERY silent (he scam emailed me though this very website)

[brian nordstrom (As avatar)]

Westpac are on to this , I tried to access my account via e/mail tonight and I was asked to change all my PW's and stuff , they sent a conformation code to my phone , I disregarded that because I smelled a rat .
I went directly to Westpac's security and asked 'What happening ? ' they said yes there has been a few instances today , so I have changed everything .
Yes get rid of that link , please .
Brian.

Quote:

Originally Posted by rally

It seems fairly rare not to get one every few days.

Today's scam on the business account was :

Title - "Westpac Alert !"

"The primary email for your Westpac account was changed on 24/09/2013.

If you did not authorize this change, please confirm your identity by visiting Westpac now.

(Link removed - Al)
Thank you for using Westpac."



So all the usual stuff makes it obvious

Didnt pass the smell test - the exclamation mark
Not addressed to me personally
"Authorize" not "Authorise" for an Aussie business
URL address that is not the bank's URL or domain

The email client didnt recognise it as spam (but will from now on !)

I did look twice at this one - I got it on the phone first so just read the first few lines, but once in front of a PC it was obvious.
Of course I didnt click the link, it astounds me that people do, to then go on through whatever process the scammer has in store for you to get your details, download files etc - is totally beyond me

[AdrianF (Adrian)]

Got 2 Westpac emails today asking to update account details. Don't have Westpac acct

Adrian

[mithrandir (Andrew)]

When I worked with Westpac I had direct access to all the IT security teams. Being able to report phishers to them day and night and getting immediate action was satisfying.

[rally]

Oops - Sorry for posting the link !
I thought about it and concluded that maybe some of you might want to look further into where it was originating. Hadn't considered the issue with it being on the site.

Again - apologies

[brian nordstrom (As avatar)]

Sweet and Nigerian scammers not welcome here .they have tried , and a few have got right into our forums B4 today , it means a lot !
Remember the 'coat seller"?, he was fun , from Russia he was . .
Brian.
Brian.

Quote:

Originally Posted by rally

Oops - Sorry for posting the link !
I thought about it and concluded that maybe some of you might want to look further into where it was originating. Hadn't considered the issue with it being on the site.

Again - apologies

[mithrandir (Andrew)]

Today's contribution:

Subject: Require: Update Porfile infomation {as spelled in the email}

Paypal {a valid PP Au link}
...
Update your information now {a URL pointing to *ceogniezno.home.pl}
...
{a few more valid PP Au links}

[ReaPerMan (Paul)]

I had the same one from Apple the other day telling me to update my account. Looks really genuine except for one thing.... It was in French and I don't have a French Apple account. Bit of a whoopsy there.

[AndrewJ]

Got a good new original one today ( purportedly from Ploptus )

Quote:

- This mail is in HTML. Some elements may be ommited in plain text.

- Dear user, Your incoming messages were placed on pending due to
our recent upgrade. Verify your account immediately

Only problem is i cant read the omitted text

You do have to wonder at times.

Andrew