A New Scam Format?

Advert

New Replies

Report Bug

Help/FAQs

A New Scam Format?

This topic has 12 replies, 7 voices, and was last updated 1 March 2025 at 11:41 by Michael Gilligan.

Viewing 13 posts - 1 through 13 (of 13 total)

Author

Posts
2 February 2025 at 10:22 #781600
Nigel Graham 2
Participant
@nigelgraham2
Or one new to me?

Usually the sending address is clear but this one was hidden; and I have not encountered that previously.

Not from the e-post service’s “View Source” tool though. This revealed it as, or through, a web-site called “www-dot-denum-dot-de.” German?

Although this prevented blocking the sender and domain, as presumably intended, I could still forward it to “report@ phishing.gov.uk”, and delete it.

The attack itself was fairly convention: a “last chance” of none previously, to claim something unexpected; with the attack itself hidden behind two image-notifier symbols.
Advert

2 February 2025 at 12:14 #781624
Chris Gunn
Participant
@chrisgunn36534
Nigel, I had a similar one the other day as well, no sender, but also I was able to send it to report phishing.

Chris Gunn
2 February 2025 at 12:59 #781643
Nigel Graham 2
Participant
@nigelgraham2
We have so much to be on our guard all the time, but the sublety of omitting to show its address was thrown away by the obvious nonsense of the message.

I use BT Internet, and it has a tool called “View Source”. I don’t know if other providers offer similar. Most of the result is pure computer-ese – including long blocks of (hexadecimal?) language and the message’s formatting code – but it does show the originator as far as it can trace it.
2 February 2025 at 13:19 #781650
Vic
Participant
@vic
I’ve only just thought of it, but I used to get loads of scam emails when I had a virginmedia email address. So much so I had to use a tool on their system to block them. Since I switched to an iCloud account a couple of years ago I’ve not had a single dodgy email.
2 February 2025 at 17:54 #781686
Mark Rand
Participant
@markrand96270
Just use a decent email client. Thunderbird is quite simple for those who don’t want something closer to the nuts and bolts. Never use a browser for email…
2 February 2025 at 21:54 #781711
Vic
Participant
@vic
On 2 February 2025 at 17:54 Mark Rand Said:

Just use a decent email client.

That won’t stop you getting scam emails. At least it didn’t for me. I’ve only ever used a browser for changing virginmedia email settings to block scammers. More important it seems is the host. Getting rid of virginmedia has worked for me so far.
6 February 2025 at 16:31 #782090
Nigel Graham 2
Participant
@nigelgraham2
Just reported and blocked four messages telling me of the end of my subscription to anti-virus software I have never used. A previous attempt at the same trick used a domain ending in “.de (German?) but unusually these four were all from a domain ending “org.uk”. Parasiting on a genuine website?
6 February 2025 at 18:20 #782103
Michael Gilligan
Participant
@michaelgilligan61133
On 6 February 2025 at 16:31 Nigel Graham 2 Said:

[…] Parasiting on a genuine website?

Not quite what I would call “Parasiting” Nigel

All they do is copy the content of some genuine page, and then edit the HTML to suit their own nefarious purposes.

The ‘template’ can be shared throughout the community of ne’er do wells at the click of a mouse. … Same spoof can arrive at your inbox from anyone, anywhere, who has the requisite modicum of ability.

MichaelG.
6 February 2025 at 22:46 #782104
Nigel Graham 2
Participant
@nigelgraham2
I see.I have encountered similar with e-posts, using a friend’s or relative’s real name to beg for money (“… stuck in Paris…” ); but not previously with web addresses.
7 February 2025 at 07:05 #782120
Diogenes
Participant
@diogenes
The way to reduce all Junk email to the barest trickle is to Empty the Junk folder daily – without ever opening any of it.

I get one or two ‘Junk’ items a fortnight, usually from some innocent ‘local govt. initiative’ paid to mailshot everyone in a catchment about solar panels or loft insulation..

It’s worked with every email client I’ve ever used.
8 February 2025 at 20:17 #782367
Nigel Graham 2
Participant
@nigelgraham2
If what your system calls “junk” is what mine calls “Spam”, I do have some legitimate messages go there.

Fortunately BTInternet does tell you there are messges in “Spam”, so I can act promptly.

(There is a “safe senders” list but you don’t need use it, which is as well because I’m blowed if I can find it. I did once, but not since.)

I don’t seem to receive what may be genuine but cold-call sales e-posts. Those usually arrive as land-line ‘phone calls. Asking the caller firmly things like, “Which survey and how did my home enter it?” (for loft insulation in that case) frightens them off. The seller might be real but his survey claim bogus, made in hope.
17 February 2025 at 11:09 #783641
Dave Halford
Participant
@davehalford22513
This one on the BBC sounds nasty – bailiff bull.
1 March 2025 at 11:41 #786642
Michael Gilligan
Participant
@michaelgilligan61133
On 6 February 2025 at 18:20 Michael Gilligan Said:

On 6 February 2025 at 16:31 Nigel Graham 2 Said:

[…] Parasiting on a genuine website?

Not quite what I would call “Parasiting” Nigel

All they do is copy the content of some genuine page, and then edit the HTML to suit their own nefarious purposes.

The ‘template’ can be shared throughout the community of ne’er do wells at the click of a mouse. … Same spoof can arrive at your inbox from anyone, anywhere, who has the requisite modicum of ability.

MichaelG.

Just briefly reviving this topic to share this interesting post, by people who know about such things:

https://www.netcraft.com/blog/darcula-v3-phishing-kits-targeting-any-brand/

MichaelG.
Author

Posts