Jump to content
This site uses cookies! Learn More

This site uses cookies!

You can find a list of those cookies here: mysite.com/cookies

By continuing to use this site, you agree to allow us to store cookies on your computer. :)

Sign in to follow this  
JohnT

A New Ransomware Scam

Recommended Posts

I thought to share a work experience today where i think we weer lucky to avoid a ransomware scam and as it was a new one on me I thought to share with you chaps in case you get caught as its quite clever.

 

We are all used to getting unsolcitoed emails from a source that purport to send an invoice or a link that just invites a click only to find its a ransome ware attack.  They are pretty obvious and easy to detect along with African Princes wanting to use our bank accounts for Olympic Funding that is no longer required etc etc

 

This takes it to another level though

 

Its work related but I am sure that a variation for non work matters will be along in a minute

 

This morning my work emails inbox contained an email from a client. Except that it wasn't.  That email looked odd straight away in that it was almost exactly a duplicate of one the client had sent to me in 2017 specifically asking for advice on a possible purchase of a property in Glasgow for development to housing.  I recalled it well as that's not what I do and I referred him on to someone else who could help him.  

 

The start of this email was just a little different though.  It now started by saying he had seen this property and what did I think - then added a link to click on.   Er, no

 

The 2017 original did not contain any link.    I telephoned the client and ascertained that he had not sent that email.

 

On double checking the sender address it was of course different.  But not obviously so that you would have noticed if put of guard by knowing the sender etc.

 

So it has been deleted, colleagues duly warned as has my professional body who are adding this variation to their scam alert page.

 

Harder to spot the scam but still relatively easy if you are alert.

 

I have posed the thought though what if they had hacked into the clients emails and managed to create a more convincing email regarding a totally new subject rather than one from 2017 which stood out like a sore thumb?  Something that referred to the last bit of business and they wanted advice on something new? Would I have gaily clicked on the link?  Possibly

 

The moral must be never click on any link in an email unless you have verified the source of that email first.  If its something you can otherwise access on the web then do so - not through the link.

 

If I correspond with you on any matter generally from time to time and someone with evil intent hacks into my email account they can impersonate me in an email and say "Hey - see what I found on the Airfix site?  Have a look at the latest 1/48 scale Vulcan model from Airfix newly announced here - linky"  taking you straight to my ransom ware.

 

As was said in Hill Street Blues every episode - "Hey, lets be careful out there" - I'd do link to  a video but hey - you know !:D

Share this post


Link to post
Share on other sites

I had two similar emails at work. They were also easy to detect as they were from someone who hadn't set foot in our building for over two years and concerned a meeting that took place about three years ago. I can only assume that his personal email account has been compromised in the same way. 

Share this post


Link to post
Share on other sites

Exactly Paul

my worry is for when they wise up and cut into a current email conversation. How often do we check email origin when we recognise sender and text format?  Probably never and that will have to change. The trouble is this is destroying the utility and effectiveness of email

Share this post


Link to post
Share on other sites

FWIW, I got a similar one from my hosted Exchange provider  (asking me to check my payment methods -the old classic) that was absolutely perfect right down to a near identical domain and beautifully made log in page... after a bit of head scratching I think what these folk are doing is hacking into hosted exchange/mail servers and extracting enough to spoof an email. That means in many cases they are probably sifting through all our mails and picking likely targets.

 

I have asked my normal security consultants to investigate my providers security and he forwarded me my last 10 emails from their server in an about an hour. They have remained strangely silent when I queried them about this and are "referring it to the security team"

 

Sure beats getting a job I guess...So apart from " Shut it" emails from @Mike, I trust no one anymore including me, the pain has just begun...

Share this post


Link to post
Share on other sites
7 minutes ago, azureglo said:

 

I have asked my normal security consultants to investigate my providers security and he forwarded me my last 10 emails from their server in an about an hour. They have remained strangely silent when I queried them about this and are "referring it to the security team"

Now that does not give me a warm fuzzy feeling all over. Quite the opposite. 

I asked my provider a similar question today and await an answer witness more interest than I had before reading this

Share this post


Link to post
Share on other sites
2 minutes ago, JohnT said:

Now that does not give me a warm fuzzy feeling all over. Quite the opposite. 

I asked my provider a similar question today and await an answer witness more interest than I had before reading this

Sadly stealing is as old as humanity, it was a vain hope that IT would be any more secure than bank vaults, houses, cars or sheds. The problem is is the "scrote" element of humanity that says "I don't want to earn my daily bread, it's easier to steal yours". I'm fine for now as I know enough about everyone I deal with, to cope but give another ten years my faculties are so good...e.g.

 

https://www.dailymail.co.uk/news/article-6611301/Shocking-moment-thief-steals-cash-95-year-old-man-counts-money-Chinatown-market.html

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×