link takes you to a page, looks legit and asks for details. I stopped filling it in when it was asking for bank details, DOB etc. felt like a doofus for getting that far, but just wasn’t thinking.
I had one of those for Facebook years ago. Opened up FB on the laptop, page loaded then went blank and said someone had hacked my account and I needed to confirm some personal details. Got as far as the credit card info before I realised.
Actually turned out to be quite a clever little virus, took the IT guy at work days to get rid of it. I can only assume it came off a flash drive belonging to my mother which had a load of photos on (thousands, mostly in no particular order) which she must have shared around countless computers - "oh, look at my photos from...", she was a nightmare for doing that, copying them here there and everywhere, downloading them onto friend's computers, copying their photos. The flash drive must have been riddled with malware.
I don’t do those Facebook survey underpants/dog name/home town things because I think they are a crock of **** so never really thought about them in that way.
I muted a friend on FB who seems to spend her entire life filling out shit like that. There's some relatively harmless stuff in there about food or how often you fart in the bath or other random "funny" crap but that disguises the stuff that is actually useful to scammers or that propagate the scam - pet names, family names, where you were born, contacts lists (all those things about "you have to live here with your third @ for a month, could you do it...?" which immediately tags the @, they comment, copy, share etc and so on.)
franksinatre - That was exactly like my original post. It was only because I was about to chase up the Royal Mail about something and there was a message from the Royal Mail... Not really concentrating
BUT even as someone who gets regular cyber training that’s never come up and it hadn’t occured to me that stuff could be harvested like that.
The context of this, I did a whole piece around "trust" - who we trust implicitly and whether that trust is wise. Do we trust Apple to look after our data and login credentials securely? Google? Microsoft?
Yahoo?
However I will now be sharing that as much as I can with people I know who do.
Please do. It's worth it alone for the reaction it gets.
all ask you to press one to speak to someone (which will cost you,)
I highly doubt that. I don't believe it's possible (in the UK) to charge someone for receiving a call. It's a trick I've not seen before if it is.
I've had a couple of spam calls recently to my work mobile but the odd thing is they come from mobile numbers that are very close to my own number. First one was +61 and second one -276. Coincidence or not?
Mrs S and I both got the same last week, call from numbers that were one digit away from our own
Its called Neighbour Spoofing and is another confidence trick
https://www.ofcom.org.uk/phones-telecoms-and-internet/advice-for-consumers/problems/tackling-nuisance-calls-and-messages/phone-spoof-scam
Again,
CLI (caller ID) spoofing is nominally more difficult than email address spoofing, which is to say "not very". One of the reasons behind CLI is so you can offer a different callback number - say a freephone number or a call centre - from the one you're dialling out of. You need to consider inbound call numbers as largely cosmetic, it's a "reply to:" number rather than a "from:" number.
There is a second actual real CLI embedded in the call metadata which is visible to people such as the emergency services (so you can't prank the police) but not to the general public. Why this is the case I never really understood.
call from numbers that were one digit away from our own
Interesting - do you answer them?
I get calls with numbers I don't recognise, not in my contacts or phone tells me location - Manchester, Edinburgh etc. I don't know anyone in those places. Could be recruitment, but I'm not looking for a job, so I just press volume button and let it ring.
If I get an unknown number that I'm not expecting then (there's a theme here) I ignore it. Googling can often yield results.
I know a few have already said this but I think scammers land two types of victims
At least, yes. You don't catch different fish using the same bait.
On the one hand, phishing emails etc are getting harder to spot. I used to think "how daft do you have to be to fall for this stuff?" but some are really convincing these days. As demonstrated by this very thread, all it takes is a perfect storm of a well-crafted email from a company you're already in the middle of dealing with and boom, you've just sent your credit card details to Nigeria.
On the other, I have a suspicion that some of these things are intentionally bad. Because the sort of person who's gullible enough to fall for an email going "dear costumer, your account is in suspenders" is more likely to be subsequently reeled in. Sending emails is cheap, but landing the big fish requires individual human interaction and that takes time and therefore money. Their worst-case scenario is spending hours on a mark just for their target to go "wait a minute... this is a scam, isn't it?" at the 11th hour. By ensuring that only chumps click the links in the first place, they minimise this risk.
This is what makes this stuff difficult, and why "there's a scam claiming to be from [whoever] doing the rounds" warnings are usually ineffective. There isn't 'a' scam, there are thousands, it is a moving target and attempting to mentally blacklist the latest phish-of-the-day is doomed to fail. Instead, learn how to recognise these things and, as I said earlier, if you aren't expecting something then regard it with suspicion.
If I've written this once on STW now I've written it a hundred times: if you find yourself having to ask "is this a scam" then the overwhelming likelihood is yes, yes it is.
Nearly got suckered by this one the other day. Only my quick wits saved me!
Seems legit.
interesting...
https://www.bbc.co.uk/news/uk-england-57226704
I wonder if this is 'the' recent Royal Mail phishing scam or just 'a' recent Royal Mail phishing scam.
I think we need to get a bit better at playing our part in this. If were too clever to fall for these scams but ignore them instead of contributing to the efforts to defeat them (like reporting them promptly to the NCSC) then we're not as clever as the scammers.
had a close call a while back with this one
I won't do banking and very,very little shopping on my phone just to avoid scams and rash purchases I can't even access my bank account from phone and so don't have the details anyway.Got the DVLA email about my VED payments/ direct debit not going through which coincidentally I had only just set up on my relatively new (to me)car.Waited till the evening checked the email in more detail saw it was a scam but also confirmed it on Google.Thought I just better double check with DVLA online and found that my tax was up to date buy my MOT had run out a month ago.Thank you scammers I would have carried on driving around for another 6 months without an MOT otherwise as I thought it was due the same month as my old car,lockdown confusion and all that.
I won’t do banking ... on my phone just to avoid scams
Are you 86?
No, just sensibly cautious! (no need to be patronizing, not everyone wants to do things because they can).
Are you 86?
Not quite.The clue's in the username .
Use your phone it should have a calculator on it 🙂
Don't use my phone as nothing's that urgent for me. I'm on my laptop every evening so I do banking,household admin.shopping,pointless internet postings etc then.Bigger screen for my old fogey eyes.
Are you 86?
Another phishing scam, dont tell him, Pike
I just followed a link on a scam text! Came from Fedex, supposedly:
link opens to this
Fedex-delivery.co/ ? hmm, now my morning brain starts to function (not that well, but enough), .co? hmm, so I’ve been in all morning, I’ve missed a parcel? and they don’t leave a card. Go to actual fedex website, no help there, the tracking no doesn’t exist and their cust service phone no doesn’t work. Google web address, yeah, scam.
Guess they know my phone no. is real, but what else they would’ve got out of it, even if I’d booked a fake redelivery, not too sure.
If you try to book the redelivery they tell you there is a charge to pay - thats where they make their money
Mrs Pierre had an alarming one a couple of weeks back that we're still not sure is fluke timing or something more sinister.
She'd been waiting for a new bank debit card through the post and when it arrived she went through the usual steps of activating it (use bank app on phone, Face ID log in, activate card) - but then a couple of minutes later got two text messages. The first one looked like it had come from the bank and said something like "This is (bank) fraud prevention. You will shortly get a text from (given number) to authorise or deny potentially fraudulent card transactions."
She then got a text from the number previously provided that said "This is (bank) fraud prevention. Two transactions have been flagged as potentially fraudulent:" and details of £0.00 transactions with names like "UBER 7239-49" and "Delivero038922". Followed by "Please call this number as soon as possible to authorise or deny these transactions."
She did the sensible thing and called the bank on their given number, and they said the messages hadn't come from them and there were no flagged transactions on her account. But she was slightly alarmed how quickly the texts had arrived after she'd activated her new card - I think it's probably just coincidence but am wondering if there's something more suspicious at work.
Theres an investigation into this on bbc1 now. Presenter sounds like he thinks we’re a bit stupid.
