sircles.net Computer Support The sircles IT support & solutions blog | Phishing

Twitter Feed Popout byInfofru

The sircles IT support & solutions blog SEO, Copy Writing, Networking and Internet Safety & Security

Please Action: Barclays Cloud It

21. December 2017 13:43 by sirclesadmin in SPAM, Phishing
v\:* {behavior:url(#default#VML);} o\:* {behavior:url(#default#VML);} w\:* {behavior:url(#default#VM

 

Spam Warning - Please Action: Barclays Cloud It

This email has been circling...

 

From:                                         Barclays Bank <eservice@barclaycardus.com>

Sent:                                           13 December 2017 08:07

To:                                               Recipients

Subject:                                     Please Action: Barclays Cloud It

 

You have 2 new documents available in Barclays Cloud It to kindly view please follow step 1 of 2 .
View Now

Barclays PLC


The link goes to: http://puenteanil.com/bac/ which displays the following:
 
And so obviously has been shut down, either way this email should be reported as spam and then deleted...
 
 

Spam: Donation From Buffett Foundation

8. December 2017 07:21 by sirclesadmin in Internet Security, SPAM, Phishing
Spam: Donation From Buffett Foundation &amp;nbsp; This is definitely the lamest email we have seen for s

Spam: Donation From Buffett Foundation

 

This is definitely the lamest email we have seen for some time and, to be honest, the most confusing. Not only is the premise so preposterous that no one would surely ever reply. But also the manner in which it has been executed is so pathetic.

I don't know much about Warren Buffet or his foundations but I am pretty sure that none of these people or organisations would use wbuffett6@aol.com

It is so ridiculous, in fact, that I am going to reply to this email to see what happens,

The text reads:

 Am Warren Buffett the CEO to (Warren Buffett Foundation)Warren Buffett Foundation picked you for a $1,500,000 donation.For more details contact Warren Buffett Foundation email:wbuffett6@aol.com

From: Warren Buffett Foundation <warrenmick@supanet.com>

I will report back with any outcome...

Santander: Important Update about your account - spam!

4. December 2017 06:42 by sirclesadmin in Internet Security, SPAM, Phishing
Santander: Important Update about your account - spam! &amp;nbsp; We have seen this email over the weeke

Santander: Important Update about your account - spam!

 

We have seen this email over the weekend. The email us a standard looking Santander email but obviously it tries the age-old trick of pretending someone has tried to break into your account. Fear combined with shock intending to make you act before you think. As usual, the sender email address is completely irrelevant, in this case an EDU suffix.

From:                                                       Santander <dolwickk2@mymail.nku.edu>

Sent:                                                         Sunday, December 3, 2017 8:37 AM

To:                                                            Recipients

Subject:                                                   Important Update about your account

 

If you are having trouble viewing this message, please click here.
E-mail Security Information.

Santander

 

Your security is our priority

Dear Customer:


We recently reviewed your account, and we suspect an unauthorized transaction .

Therefore as a preventive measure we will temporary limit your access to sensitive Santander Online features.

To ensure that your account is not compromised, please log in to your Santander Online and verify your identity to prevent deactivation.

Please use the hyperlink below to login to our secure Santander account Online from Step 1 of 3 to verify your accounts.


Verify now »




Thank you for choosing Santander,
Christian Westcough
The Santander Online Banking Help Team.

envelope-icon

Keep your account information up-to-date. In the event of fraudulent or unusual activity, we'll need to know the best way to reach you. Log in to your account or click to Update now »

E-mail Security Information

 



If you have concerns about the authenticity of this message, please visit http://www.santander.co.uk/uk/index for options on how to contact us.

 

 

 

Anyway let's have a look at what this one does so as to be ready for future emails phishing:

The email looks reasonable enough...

It has all of the hallmarks of a legitimate email:

The 'Verify now' button links, also to:

http://retail.santander.co.uk.logsuk.ns.ens.btochanneldriver.ssobto.dse.operationname.logon.dse.processor.logon.dse.processor.logon.logon.notaioagenova.it/retail/Login.php?sslchannel=true&form=AccountVerification&sessionid=DyClc8RiwcVDTd2G66ahBxo5LOB2dDWRbycoH3GdgBQ9PTQWZ0dAxCGjqhlEViv6RHvyLbM2NCbDw1zv

And when visited we see the following:

 

 

Once again, very close to the real thing, and has no certificate errors, but this is because it is not a secure site. I am currently using Microsoft Edge in this case and so will report this site:

I click on the three dots in the top right-hand corner:

 

 

I now choose 'Send feedback'

 

 

Now I click 'report unsafe site" and choose 'phishing' as that is obviously what this site is.

Once reported we receive a confirmation that the site will be analysed, but please feel free to report this one your self as it will speed up the closing of the site.

Desperate Marketing - Order #16530 / Digital Marketing Skills (Out of Stock)

22. November 2017 12:17 by sirclesadmin in SPAM, Phishing
Desperate Marketing - Order #16530 / Digital Marketing Skills (Out of Stock)&amp;nbsp; This really is qu

Desperate Marketing - Order #16530 / Digital Marketing Skills (Out of Stock) 

This really is quite sad, you have not ordered anything, this is just desperation. Phishing emails trying to get you to download marketing.

This is an unsolicited email, no matter what these idiots claim, and deliberately tries to make you think you have placed an order.

Just take a look at this:

 

Order #16530 / Digital Marketing Skills (Out of Stock)

From:                                         Vanessa Cowpland <vanessa.cowpland@qa-newsletters.com>

Sent:                                           22 November 2017 12:07

To:                                               Simon R. Cooper

Subject:                                     Order #16530 / Digital Marketing Skills (Out of Stock)

 

 

Hello Simon,

 

We're sorry but the item: Digital Marketing Skills you require is currently out of stock. 

Attracting and building the right digital marketing skills becoming an issue for your organisation? 

You're not alone - 76% of UK businesses are experiencing problems recruiting digital marketing skills, despite 84% of these same businesses agreeing these skills are more important than ever before. 

We have crafted a digital marketing guide which will enable you to identify key trends and challenges, and find solutions for all your digital marketing skills needs in 2018. 

Find out more about out digital marketing enablement guide here
 

Kind regards, 

Vanessa Cowpland
QA Apprenticeships
 


Manage your communication preferences here.

 

 I would email them back explaining your disgust at these emails - they will certainly not be allowed to do this following new EU legislation.

Metro Bank Spam - Please Action: E-Payment REF: MTA22506651

22. November 2017 10:52 by sirclesadmin in SPAM, Phishing
Metro Bank Spam - Please Action: E-Payment REF: MTA22506651 &amp;nbsp; v\:* {behavior:url(#default#VM

Metro Bank Spam - Please Action: E-Payment REF: MTA22506651

 

 

 

From:                                         Metro Bank <epayment@metrobankonline.com>

Sent:                                           21 November 2017 14:28

To:                                               Recipients

Subject:                                     Please Action: E-Payment REF: MTA22506651

 

Valued Customer,

Please note that starting from November 21, 2017 we will be introducing new online banking authentication procedures in order to protect the private information of all online banking users.

There is a pending transfer payment into you account from our account department. For security reason invalid record or your 8 digits Security number. We require you to confirm your profile on file with us before this transfer can be completed.

This can be done using the reference provide below.

Complete incoming Payment

Please remember to check 'e-Documents' regularly as we may send you documents which you need to action. Your online documents are stored for 7 years and can be viewed, downloaded and printed at any time.

Regards
Customer Service
Metro Online Banking Team

 

 

The above email is a scam - this one isn't a particularly convincing email as the formatting is based on Microsoft Office formatting and is not supported on many up-to-date system.

If we go to the link in IE, we immediately receive a warning regarding the domain of aaryacreation.in

This means that the domain has been reported by other users with IE and should be avoided - close the browser and delete the email.

If we look at the fake website itself we can see that the formatting doesn't really work:

The links top right are dead and do not even show the arrow to click on when hovered above - close the site and delete the corresponding email and mark it as junk if you have the option.

Metro Bank are a big target at the moment so do be careful if you are a user - check every email before taking any action!