General cyber-scams, phishing thread

Mods, please feel free to move this where you think is most appropriate.

Here is a general phishing/hacking thread where posters could sound out others regarding potentially dodgy emails/sites, or post info about cyber scams they know about. 

Cyber scams are ever present, and even though I know a little stuff in this area and continue to study it, I’m always just several steps short of being taken in myself if I don’t take my routine steps & maintain the highest degree of suspicion. 

Technically, I know how to operate phishing scams, fake calls (even once took myself in for a split second!!), how to clone/alter websites, redirect traffic etc, yet I potentially stand to be taken in, eg if I were under great pressure. Nobody should feel bad about falling for these scams, there is space to learn. 

Coming up to Christmas my junk mail is filling rapidly with phishing emails, adverts for sites which might provide shoddy goods or a ‘non-service’. 

My first alert here is regarding an email which has been doing the rounds:

no-reply @ microsoft.com

It purports to come from Microsoft and typically states a hacker (usually) from Russia has managed to sign into your Microsoft account & knows your password, had accessed your email, cloud storage, etc etc. it is entirely fake & phishing. Do not click on the link or that in any other email. Go separately to valid site unless you have determined fully that the email is entirely legitimate. 

Most people “fall”’for scams because their default thinking is that the rest of the world is generally as honest as they are. 

Part of my job used to be warning customers about these scams, yet I nearly got caught out myself. I made some substantial bank transfers and then got a text from "AIB" notifying me of suspicious activity on my bank account. Beautiful timing by the scammers. I thought it was legit. Clicked on a link, followed a bunch of steps via a fake AIB website that was extremely well put together. But thankfully before it was too late it dawned on me that it could be dodge - and just a coincidence that it happened to be the same time as significant activity on my account.

A legitimate bank warning will only recommend that the customer phone them - not click a link.

BOI now have a good text alert system. I got one such alert recently advising me there was a suspicious transaction on my account. Of course my initial reaction was to suspect the text which asked me to reply with simple YES or NO answers.

The customer fraud support guy I spoke to was very helpful. Transpired that some adware got installed on my computer from a US based company who were siphoning off small amounts for a useless add-on “service”. It is possible barely legal in its country of origin as it does nothing to harm your pc itself. BOI cancelled the card and reissued me with a new one.

moycullen14

https://www.boards.ie/discussion/comment/119981885#Comment_119981885

That's always the risk. They hit you when coincidentally there IS some unusual activity on your account. What are the odds? Well, pretty good considering they are sending millions of these messages, one is bound to press the right button.

Im studying infosec as an area of interest. Just before a time when I was distracted with various other things I initiated sending myself a scam text as a little educational exercise. But with other unrelated things happening I briefly forgot about that, and next morning I did my usual muffled yell at the phone “another bloody scam text” (from USA this time), before remembering it was myself, lol 😂

Next time you are at your PC, check to see if this adware has got installed on your computer. It will siphon off modest amounts of money for no usefulness to you. If you find it present, check your bank statements, typically a €10 per month “service” charge. I had to have card reissued, bank had flagged it and refunded me. Once you’ve made sure they are not using your bank details, uninstall. This adware typically manages to get installed stealthily piggy-backing on Microsoft.

Stealthily piggy-backing on Microsoft? What does that even mean?

If you installed this software and provided them with your card details then I’d suggest you might want to start with Infosec 101.

https://www.boards.ie/discussion/comment/120007980#Comment_120007980

My bank has been able to determine it’s been quite a widespread malware, that’s how it got flagged. Basically a lot of Microsoft accounts have become hacked, along with payment details. It happens.

Beware folks, especially this time of year when ye are all expecting parcels, of many phishings texts, emails etc purporting to be A Post, DHL etc. You’ve “missed a parcel”, or “need to pay import duty” etc. go direct to the valid sites, don’t fill in these forms or click on links.

Esel

I suppose some people never read the link or don't understand how to 'interpret' it.

customsanpost-fee.com (in this case) should be an instant red flag to anyone really.

https://www.boards.ie/discussion/comment/120011609#Comment_120011609

Yes it should, at least in theory. But there’s always somebody relatively new to stuff, there always people bombarded with various immediate concerns they try to address to get fine with quickly and get caught off guard. It’s never any harm encouraging folk to be on the alert to particular patterns of how nefarious people operate.

https://www.boards.ie/discussion/comment/120011609#Comment_120011609

There are folk I know who wouldn’t know how to even go about understanding a fake, and as you say “interpreting” it. Just not literate in this respect. One person I have a little demo on how faking can be done was stunned that “anyone” could do it. Just hadn’t a clue, eg, that html even exists and can be visualised easily and altered by just anyone, copied and pasted and put up again on a kind of similar sounding website.

Taxi scam, hackers operating as on in conjunction with bogus drivers have over one face recognition software. This is quite alarming. Cybersecurity is slow to catch up on the burgeoning AI hacking. This essentially means that overall your phone is a less secure a device than you might have imagined. Face recognition security is no longer fit for purpose.

https://m.independent.ie/irish-news/crime/bogus-taxi-scammers-who-empty-bank-accounts-also-hack-into-emails-of-victims-42231550.html?utm_source=newsletter&utm_medium=email&utm_campaign=IN:Daily&hConversionEventId=AQEAAZQF2gAmdjQwMDAwMDE4NS0yZTU0LTFhYjMtOTkwYy1lNGI0MjRiM2NiZjPaACQzY2JhMWEzYi0yOGU2LTQxMGEtMDAwMC0wMjFlZjNhMGJjYzXaACQ3NjZjM2QwMS1mM2FlLTRhNzAtOTQ2Mi05OWVmNTBkNjY1YjbBs-bw5IY4oK7M9RAii1rvvOzNQJqvhcvBQo74nbfFLw

Another one from no-reply@microsoft.com

Fake

Genghis

https://www.boards.ie/discussion/comment/120018387#Comment_120018387

I strongly doubt they are actually overcoming / faking facial recognition software using AI, or indeed using any actual technology.

I think they are "defeating" facial recognition because phones allow facial / biometric recognition to fail X times after which the phone then requests a PIN or pattern. This PIN or pattern is what the criminal gathers via shoulder surfing earlier in the evening. Unlocking this way affords them the ability to reset passwords, with 2FA via the stolen device.

This is no more than elaborate, orchestrated, slow twitch thievery. These are not cyber masterminds methinks.

https://www.boards.ie/discussion/comment/120020971#Comment_120020971

We don’t really know what happened. Yes, I often end up having to put in my 6 digit pin code after failure of facial recognition in certain light conditions etc, but if methods of authentication, be it facial rec have been breached it’s quite concerning. It would take a bit of orchestration to accurately gather the passcode in the nightclub (etc) setting, followed by the fake taxi scenario where victim and phone are parted. Hopefully the Gardaí will establish the facts. It would be worrisome if the authentication has been by-passed.

Genghis

https://www.boards.ie/discussion/comment/120021376#Comment_120021376

We don't really know what happened, I wonder does the journalist who wrote it. There is a big difference in cracking facial recognition, and shoulder surfing.

https://www.boards.ie/discussion/comment/120021401#Comment_120021401

I had assumed the guards would have informed the journalist, but with journalistic standards these times, that is somewhat doubtful.

Iseedeadpixels

https://www.boards.ie/discussion/comment/120019221#Comment_120019221

What email would Microsoft normally use for alerts like that?

https://www.boards.ie/discussion/comment/120021570#Comment_120021570

Here’s the answer to that, I should have included it in my post above.

https://it.brown.edu/phish-bowl-alerts/microsoft-account-security-alert-legitimate-email

Atlantic Dawn

https://www.boards.ie/discussion/comment/120021570#Comment_120021570

Probably the same address but it's spoofed in that example, an easy thing to do.

Hotblack Desiato

https://www.boards.ie/discussion/comment/120020971#Comment_120020971

They're not, according to the article

The gang carrying out the scam are using ‘shoulder surfing’ techniques in pubs and clubs.

This involves looking over someone’s shoulder to get information such as a passcode or PIN. As soon as they see the passcode, they set about stealing the phone.

That's no more "hacking" than stealing a bunch of keys is.

Iseedeadpixels

https://www.boards.ie/discussion/comment/120021586#Comment_120021586

Thanks for that :)

https://www.malwarebytes.com/blog/news/2022/03/unusual-sign-in-activity-mail-goes-phishing-for-microsoft-account-holders

Another phishing from no-reply@microsoft.com arrived to my inbox, indicating I’ve been hacked from Russia without love.

This is actually hosted on Microsoft azure, but it is a phishing scam and the report email address is dodgy as fook. You need eyes in the back of your head.

https://www.boards.ie/discussion/comment/120021613#Comment_120021613

The trouble is that face recognition doesn’t work well in many of those settings, forcing phone users to go to passcode. The old fingerprint authentication, in theory, is better, but I found it finicky and didn’t always work.

https://phish.report/

You can report phishing here.

AndrewJRenko

https://www.boards.ie/discussion/comment/120021376#Comment_120021376

I heard one report of the victim being drugged in the fake taxi, which may allow them to do facial recognition.

https://www.boards.ie/discussion/comment/120022735#Comment_120022735

I’d say there must be lots of variants of how it is achieved. I must do a little experiment or two on my own facial authentication.

Esel

Sometimes I don't recognise my own face in the mirror... 😀

https://www.boards.ie/discussion/comment/120023369#Comment_120023369

Neither do I when I’m looking particularly glum 😂

There’s a thread on the bogus taxi+phone scam, a lot suggesting it’s purely an urban myth. Hard to know with present standard of journalism.

cj maxx

https://www.boards.ie/discussion/comment/120009412#Comment_120009412

I’ve got a couple of them, but in text messages to my phone rather than emails .

I’ve also got phone calls from a french number saying they’re need me to fill in a link .

add in thar 2 companies have been taking £30 +every month for subscriptions i never took out. Again a french website trueplay-com.

i had to cut my card up 🤬

https://www.boards.ie/discussion/comment/120023887#Comment_120023887

Bank of Ireland (don’t know about the others) are pretty good at flagging potentially suspicious transactions and send a text advising you. Of course I get initially suspicious of those texts, but verify by checking on the app.

AndrewJRenko

https://www.boards.ie/discussion/comment/120023470#Comment_120023470

I heard of this scenario of the fake taxi and taking control of the mobile phone about a month ago from a work colleague, long before it appeared in the press.

Dramatik

New one today, better go get my MANDATORY test kit

cj maxx

After getting a call from a UK number 07888 416175 from supposedly Amazon saying I’ll be charged £80 a month for Prime my prime account. ‘Click on the link bla bla ‘ . The number is very similar to my mobile number. Fuckin being overwhelmed by scams and frauds lately.

cj maxx

https://www.boards.ie/discussion/comment/120024113#Comment_120024113

This is my Santander uk account.

cj maxx

Also from Curries uk . Claim my prize ( a kettle) . Just pay £2 postage. Enter your card details here ………

cj maxx

Texts from An Post to pay a €2.99 import charge. Strange as anything i buy online is delivered by Royal Mail. Sick of this sh1te 😡

https://news.kaduu.ch/2022/12/29/lastpass-hack-protect-your-passwords-now/

This popular password / key storage hacking didn’t exactly get much publicity. Apparently if you use non-default settings you are more at risk. I’d be changing my passwords.

https://www.boards.ie/discussion/comment/120028582#Comment_120028582

My spam box is a virtually container ship of phishing sh1te. Also my main inbox always has suspicious emails, but a few of them could be described as somewhat convincing or confusing and take a second look to check them out.

cj maxx

https://www.boards.ie/discussion/comment/120043556#Comment_120043556

But I got a phone call which my phone flagged as spam when it was actually my MS nurse.

anyway , watching a programme on the concorde . Several more contributory factors than I thought, including pilot error.

https://www.boards.ie/discussion/comment/120043603#Comment_120043603

Oh that wasn’t good, getting your medic flagged. Make sure they are added to your list of contacts, I’m sure they are. Some of these call protect services don’t work as well as you might hope.

Like with most accidents, especially aircraft ones, Concorde had several factors.

cj maxx

https://www.boards.ie/discussion/comment/120043650#Comment_120043650

Failure to adhere to emergency procedures by the engineer , a errant plane on the runway causing the pilot to rotate below takeoff speed. Overfilling the fuel tanks.If one of those didn’t happen there was a good chance of landing. So many things combined. This according to the people interviewed, but not exactly what the BEA found.

Iseedeadpixels

Getting Revolut scam texts the last few days, keep an eye out.

Haven't got them…. Yet.