Phishing Scam using TESCO Logo

Bicycle · 22-05-2013 11:32am #1

Mods - if this is in the wrong place please move.

I've just received a very clever phishing e-mail.

It pretends to be from Tesco asking my opinion on my local store and promising a €100 voucher. The first few questions are all about my shopping habits and then at the end they ask for my credit card number, date of birth etc.

Its very plausible until you get to the end. And you need to think twice.

I thought I was internet savvy but less so after this!! Please be careful.

(I have spoken with Tesco Head Office and they are aware of the scam but my local store wasn't)

superb choice of username · 22-05-2013 11:39am

what email address is it coming from? and what site does it send you to?

Bicycle · 22-05-2013 11:44am

Its coming from "restore@fiat.com"

It directs you to "http://emass.com.cn/solo/gea.html"

Magenta · 22-05-2013 1:15pm

If you're the type of person who's stupid enough to enter your credit card details when you're not actually paying for something then tbh you shouldn't be allowed have one!

RangeR · 22-05-2013 1:46pm

Magenta wrote: »

If you're the type of person who's stupid enough to enter your credit card details when you're not actually paying for something then tbh you shouldn't be allowed have one!

That's a bit harsh. Not everyone is internet savvy.

aaakev · 22-05-2013 3:02pm

RangeR wrote: »

That's a bit harsh. Not everyone is internet savvy.

A bit of common sense is needed in fairness, i wonder if the same people who fall for these would give their credit card number to a stranger on the street who was offering them money

RangeR · 22-05-2013 3:23pm

aaakev wrote: »

A bit of common sense is needed in fairness, i wonder if the same people who fall for these would give their credit card number to a stranger on the street who was offering them money

Magenta wrote: »

If you're the type of person who's stupid enough to enter your credit card details when you're not actually paying for something then tbh you shouldn't be allowed have one!

A bit of common sense, maybe. Not everyone is as intelligent. As I said, a bit over the top reaction.

</OT>

Diziet · 22-05-2013 4:11pm

I got that too, and was about to post here. It looks plausible to start with, so it will fool some people.

coylemj · 22-05-2013 4:28pm

Bicycle wrote: »

I've just received a very clever phishing e-mail.

Bicycle wrote: »

Its coming from "restore@fiat.com"

It directs you to "http://emass.com.cn/solo/gea.html"

Sorry but it's not a 'very clever phishing e-mail'. You're asked to participate in a survey, it then redirects you to a Chinese website which asks you for your credit card number, how dumb do you need to be?

I know people have said that this an OTT reaction but there are millions of these e-mails sent out every day.

All you need to do is hover the mouse pointer over any web addresses you're asked to click on and that link with a '.CN' suffix clearly should be avoided. A healthy level of scepticism is the best defence against e-mail scams.

ZENER · 22-05-2013 8:08pm

So you're a 65+ year old who shops online at Tesco (after being taught how by your kids) and those "nice people" at Tesco take the time to email you to ask your opinion about their services . . . what do you do ?!

Hovering over links and knowing what country .cn is - let alone .ie or .co.uk etc - gibberish to you, you can just about use this new computer thing. Back in the day you left their doors wide open for neighbours to wander in for tea and a chat, you trusted people! These are the people those emails are aimed at !

A little bit of understanding needed here, not everyone is tech savvy ! Warn relatives and feel good !!

Ken

ytpe2r5bxkn0c1 · 22-05-2013 8:15pm

ZENER wrote: »

So you're a 65+ year old who shops online at Tesco (after being taught how by your kids) and those "nice people" at Tesco take the time to email you to ask your opinion about their services . . . what do you do ?!

Hovering over links and knowing what country .cn is - let alone .ie or .co.uk etc - gibberish to you, you can just about use this new computer thing. Back in the day you left their doors wide open for neighbours to wander in for tea and a chat, you trusted people! These are the people those emails are aimed at !

A little bit of understanding needed here, not everyone is tech savvy ! Warn relatives and feel good !!

Ken

Oh,come off it. Anybody using Boards.ie should be computer savy enough. Would you give this information if a stranger phoned you and asked? Not a clever phish at all. Yes it's a fraud but hardly a clever one.

ZENER · 22-05-2013 8:31pm

For someone who is savvy in the ways of the internet or technology then no ! But for someone not clued in it's like shooting phish in a barrel !

Ken

wmpdd3 · 22-05-2013 11:06pm

Just rang my mum, she would atleast open the email and the link....

RangeR · 22-05-2013 11:28pm

Ayleen Salty Statute wrote: »

Oh,come off it. Anybody using Boards.ie should be computer savy enough. Would you give this information if a stranger phoned you and asked? Not a clever phish at all. Yes it's a fraud but hardly a clever one.

I'dd reckon boards.ie users are not their sole targets

Bicycle · 23-05-2013 9:49am

I posted this here, not to initiate an argument about intellect, but to warn people.

So, yes, the people who post here are fairly computer savvy. But we all have Mums or whatever who may not be as computer savvy as us. And if posting about the scam makes people more aware then I'm happy.

I regularly get surveys from a number of different organisations and I also got a bona fide e-mail from Tesco yesterday. Maybe some of you have the time to analyse in detail, each e-mail you get before you open it. Others may be just ploughing through their e-mails, without much thought, as I was yesterday.

It is more sophisticated than any of the other phishing scam e-mails I've received.

Michael D Not Higgins · 23-05-2013 10:30am

aaakev wrote: »

A bit of common sense is needed in fairness, i wonder if the same people who fall for these would give their credit card number to a stranger on the street who was offering them money

Wallet inspector!

Magenta · 23-05-2013 11:16am

Bicycle wrote: »

It is more sophisticated than any of the other phishing scam e-mails I've received.

I would LOVE to see the other ones you get.

daheff · 23-05-2013 2:27pm

the first question I always ask myself is where would they have gotten my information from?

If they are reputable I would have had to sign up and given my details. I generally dont give my details to people who will try to send me marketing info (i always tick the box to say no marketing) and if I have to give an email address, I use one that I've set up specifically for this kind of nonsense.

Mostly people who get done are caught up because of a mixture of greed and stupidity

RangeR · 23-05-2013 3:00pm

daheff wrote: »

the first question I always ask myself is where would they have gotten my information from?

If they are reputable I would have had to sign up and given my details. I generally dont give my details to people who will try to send me marketing info (i always tick the box to say no marketing) and if I have to give an email address, I use one that I've set up specifically for this kind of nonsense.

Mostly people who get done are caught up because of a mixture of greed and stupidity

Don't forget that there is a huge element of "trust/naivety" out there. When I speak to the ....older generation.... about this, the first thing they ask me is "Why would people do that.". It's not their fault, it's just the way they are. They see good in the world.

Berating them and calling them stupid and that they shouldn't be allowed to have a CC is just ... I don't know... polite words fail me at the, overly high moral ground.

</unfollow>

dudara · 23-05-2013 3:04pm

Posters - I'm in agreement with RangerR here. There are a lot of people out there who just wouldn't cotton onto this phishing email. We shouldn't be knocking them for that, we should instead be sharing and educating. Enough of the smart-alec posts please.

dudara

clarni · 27-06-2013 8:30am

This scam is out again - it directs you to http://gmzc.cnezhou.cn/ar/haus.html

sandin · 27-06-2013 9:00am

If a poster who puts up a warning like the OP has and they get lambasted for doing so a by a couple of bullies, then it will make others think twice about posting warnings.

There are many many people who will read a warning like this on boards and then pass it on to those who are less tech savvy or new to the internet - yes, many thousands of people around Ireland are only starting to get online and it will be the same every year as about 70,000 people are born every year here.

Up to now its nearly always been bank and other mails which are easy to spot, but as another poster said, you may trust your local tesco store, and possibly some kid will open the mail and enter the parents card details or a myriad of other options.

That why these emails are sent - they just need a few to respond to make it work for them.

Warning people about a new style of phishing mail is both warranted and needed.

Thanks OP.

matt-dublin · 27-06-2013 9:36am

i hope you're emailing Tesco customer services about this. customer.services@tesco.ie. afaik i think they can get it taken down.

coylemj · 27-06-2013 11:43am

matt-dublin wrote: »

i hope you're emailing Tesco customer services about this. customer.services@tesco.ie. afaik i think they can get it taken down.

A UK company can get a Chinese website taken down? Dream on.

Ever heard of Pirate Bay?

matt-dublin · 27-06-2013 11:46am

coylemj wrote: »

A UK company can get a Chinese website taken down? Dream on.

Ever heard of Pirate Bay?

They will be able to get the DNS blocked in the UK and ireland so that it redirects to a site saying that it's a phishing site.

Check the link in a few days

Magenta · 27-06-2013 3:52pm

sandin wrote: »

If a poster who puts up a warning like the OP has and they get lambasted for doing so a by a couple of bullies

Questioning how "clever" or "sophisticated" a phishing email is is bullying now?
Bit dramatic.

sandin · 28-06-2013 2:08pm

Magenta wrote: »

If you're the type of person who's stupid enough to enter your credit card details when you're not actually paying for something then tbh you shouldn't be allowed have one!

Magenta wrote: »

Questioning how "clever" or "sophisticated" a phishing email is is bullying now?
Bit dramatic.

you didn't question the phishing mail - you suggested that someone who responds to one is "stupid" and shouldn't be allowed to have a credit card.

That is bullying.

And I despise bullies.

The OP made a valid and informative post that hopefully is of value to some people.

Magenta · 29-06-2013 7:47pm

sandin wrote: »

you didn't question the phishing mail - you suggested that someone who responds to one is "stupid" and shouldn't be allowed to have a credit card.

That is bullying.

And I despise bullies.

The OP made a valid and informative post that hopefully is of value to some people.

There's a difference between bullying and pointing out when something isn't the brightest idea.
There's plenty of people who drink drive, I suppose I'm bullying them if I say they are stupid for doing so?
Stop victimising yourself and others. Join a theatre group.

ZENER · 29-06-2013 9:49pm

Magenta wrote: »

. . . There's plenty of people who drink drive, I suppose I'm bullying them if I say they are stupid for doing so? . . .

What a simply stupid analogy ! Everyone knows driving under the influence is wrong. However if someone posts an email to an elderly person telling them so and asking for their credit card details as proof of age and further sends it from Guinness.com . . . what would someone not so tech savvy do ?

Your attitude towards the less well informed is astoundingly poor. Perhaps the position of CSA isn't for you ?!

Ken

dudara · 30-06-2013 11:07am

Posters - that is more than enough. I have already given my viewpoint on the validity of this thread. Any continuation of this on your part will result in infractions/bans

dudara

ZENER · 30-06-2013 11:52pm

Apologies Dudora, no infraction intended.

Ken

Phishing Scam using TESCO Logo

Comments