Current Scams
Posted: Wed 25 July, 2018 Filed under: 1BEM, Cynicism, Geeky, People, Security, Thoughts 1 Comment »At the moment, there are a couple of interesting (and fairly well-crafted) scams going around. I’ve seen/received all of these in the last week or so.
First – the ‘we know what you’ve been up to‘ scam email.
It says something along the lines of “I know what you’ve been up to – when you were on that porn site (it’s noticeably non-specific on details) I loaded a screen-grabber to your machine, so we could record your ‘activities’“. Some of them also have something like “We know your password for the site was [whatever]” – the password is usually an old one that they’ve taken from a record including your email address, and gambles on people using the same password across multiple sites. (In fairness, most people do exactly this) And then it asks for a ransom “or your shame will be available for all to see” It’s pretty basic, but is apparently enough to scare a certain sub-set of people (AKA gullible idiots) who so far have forked out around $250,000 to the scammers.
Second – and there are two types of this currently bonging around – are the HMRC scams.
These basically draw on the whole paranoia about HMRC losing payments, or trying to take the business owner to court.
I’ve had umpteen emails about “Your payment hasn’t gone through” along with attached links or forms to fill in – always a pretty damn good clue that it’s a scam. And again, they’re all ridiculously non-specific, don’t mention a company name/details, or what the payment is supposedly for – another warning sign
The second type, which is a bit nastier, is the phone message – I’ve had a couple now, with a message saying “We’re issuing a warrant in order to discuss this matter with you“, and sounding a lot more official. Still no details though, or anything about what they’re wanting to discuss. (I know, in theory GDPR would also stop them from discussing, but that’s a side point for now) However, they show the phone number – in my experience, calls from HMRC and the like come through a switchboard, and usually show as “Unknown Number” – and a quick search on that number provides more than enough evidence that it’s a scam.
Of course, there are plenty of other scam emails out there – it’s just that these are the ones I’ve noticed specifically this week, and particularly after having received a couple of the “HMRC” calls yesterday and today, so I thought I’d write a bit about them.
The level of sophistication of the current email/phone scams is worrying.
How can anyone be sure someone calling on behalf of a big company is who they say they are, particularly when they refuse to prove their identity ‘because of GDPR’? A complete misrepresentation of GDPR, but it’s a great excuse to cover any situation (genuine or scam).
I fear for older people. A 79 year old friend of mine has just been duped by a car insurance scam – she got a letter saying her insurance company had gone bust and that she needed to ring a given number urgently, and arrange new insurance before she could drive her car again. Her 85 year old husband is undergoing daily radiotherapy, and she lives in a very rural area with no public transport, and has been refused hospital transport. Unsurprisingly, in the circumstances, she was taken in and lost £1400 (and despite it being a Visa debit card, her bank are currently refusing to do a Visa chargeback, as they should in this circumstance). She used to work in a senior position for a building society, and, until recnetly, volunteered as a financial advisor for the CAB. If she can be duped, anyone can.
The future holds more of the same… because there seems to be no way of stopping it.