The phishers are getting cannier
The phishers are getting cannier
Take care, out there! Got these two almost-identical E-mails today - both purporting to come from BT:
Spot the difference? Yes, the fake is on the left and the genuine one on the right. The genuine one addresses me by name - also it had the correct account number in the corner (before blurring). The account number in the fake was incorrect, so the spammers haven't yet intercepted that bit of data about me - but it can only be a matter of time.
The fact that both these E-mails arrived on the same day is also a bit disturbing. Some clever footwork out there, I reckon.
Spot the difference? Yes, the fake is on the left and the genuine one on the right. The genuine one addresses me by name - also it had the correct account number in the corner (before blurring). The account number in the fake was incorrect, so the spammers haven't yet intercepted that bit of data about me - but it can only be a matter of time.
The fact that both these E-mails arrived on the same day is also a bit disturbing. Some clever footwork out there, I reckon.
Suppose that this room is a lift. The support breaks and down we go with ever-increasing velocity.
Let us pass the time by performing physical experiments...
--- Arthur Eddington (creator of the Eddington Number).
Let us pass the time by performing physical experiments...
--- Arthur Eddington (creator of the Eddington Number).
Re: The phishers are getting cannier
simple soln dont opt for paperless billing where possible?
I get lots of paypal ones saying I have bought an apple this or that and if not me to SIGN INTO MY ACCOUNT by clicking the link ( heh I am not that stupid or senile yet ) hehe trying to be helpful in protecting me from (other) thieves.
I dont know if you clicked a link to open say a pdf of the bill then thats also a nono as that could load some thing else
I get lots of paypal ones saying I have bought an apple this or that and if not me to SIGN INTO MY ACCOUNT by clicking the link ( heh I am not that stupid or senile yet ) hehe trying to be helpful in protecting me from (other) thieves.
I dont know if you clicked a link to open say a pdf of the bill then thats also a nono as that could load some thing else
Re: The phishers are getting cannier
I've had numerous phishing emails from banks I don't bank with but managed to log into my online account I don't have with fake details, as long as the account number and sort code are in the right format, 6 digits for sort code and 7 for account number anything will work, add a bogus password and pin number and you'll be OK.
Re: The phishers are getting cannier
Slightly different problem, but I was impressed by the bank
My MiL is 92 partially sighted, hard of hearing and fiercely independent. She was overpaid some of her allowances and they backdated it several years so wanted a couple of thousand back
Easy enough ... go into bank and pay
First thing the bank did was ask to speak to her alone to ensure she wasn't being coerced, as taking elderly people into the bank to make a payment is a con trick
Then they phoned up and checked the payment was correct and the account details
Only then would they make the payment from her account
Inconvenient, and time consuming, but good on the bank for ensuring that she was not being scammed
My MiL is 92 partially sighted, hard of hearing and fiercely independent. She was overpaid some of her allowances and they backdated it several years so wanted a couple of thousand back
Easy enough ... go into bank and pay
First thing the bank did was ask to speak to her alone to ensure she wasn't being coerced, as taking elderly people into the bank to make a payment is a con trick
Then they phoned up and checked the payment was correct and the account details
Only then would they make the payment from her account
Inconvenient, and time consuming, but good on the bank for ensuring that she was not being scammed
Re: The phishers are getting cannier
I get “ BT” things nearly every week. Just click on the sender and you find it is Joeblogs@bt.com or something similar. PayPal ones are less common but it is easy enough to check if you have a separated link to anybody you deal with regularly.
-
- Posts: 9509
- Joined: 13 Feb 2015, 8:32pm
Re: The phishers are getting cannier
PayPal is one I get a lot. First time I actually went into a browser and logged onto the PayPal account I set up once when I needed to pay a friend who lived a long way from me for a trip she organized. I could not remember the password so had to go through the rigmarole of getting a temp one.
I got into my account and double checked I had removed the link to my bank account/debit card. Originally I set up PayPal, put the exact amount into my PayPal account then removed the link to my money or cards. Then paid the friend. Then never used PayPal again.
I did however send a screenshot of the phishing email to PayPal security when reporting the email. Actually I think I forwarded it or copied it to them. Something about them getting the email header etc to try and track the source IIRC. They "take all phishing seriously" apparently. Yeah right.
BTW what benefit is PayPal? You can pay direct from bank account, credit or debit card so why use PayPal? It's a middle man you're paying for right?
I got into my account and double checked I had removed the link to my bank account/debit card. Originally I set up PayPal, put the exact amount into my PayPal account then removed the link to my money or cards. Then paid the friend. Then never used PayPal again.
I did however send a screenshot of the phishing email to PayPal security when reporting the email. Actually I think I forwarded it or copied it to them. Something about them getting the email header etc to try and track the source IIRC. They "take all phishing seriously" apparently. Yeah right.
BTW what benefit is PayPal? You can pay direct from bank account, credit or debit card so why use PayPal? It's a middle man you're paying for right?
Re: The phishers are getting cannier
I've just had a look through my archive of past E-mails, and lo and behold! I now realise that these spams have been coming in for years. Point is, seeing as I'm paying this particular account by direct debit, I don't take any action when the E-mail comes in - just file it away, check my bank balance, then forget about it. And I never noticed that I was getting more E-mails from "BT" than necessary! So there were about half-a-dozen phishing messages lurking in my archive. All flagged and deleted now!
All the advice about checking sender, etc: well if an E-mail is asking me to actually do something, I always check that - and it's then easy to spot the phishers. And I never access a service provider by clicking on a link in an E-mail - unless I have no option than to do that. The latter only really arises when I've just registered a new account on a web site, and it's asking me to confirm my E-mail address. In all other cases I go to one of my bookmarks.
I think I'm reasonably careful, but there's no harm in warning others. And if anyone thinks I should be even more careful, please tell me!
All the advice about checking sender, etc: well if an E-mail is asking me to actually do something, I always check that - and it's then easy to spot the phishers. And I never access a service provider by clicking on a link in an E-mail - unless I have no option than to do that. The latter only really arises when I've just registered a new account on a web site, and it's asking me to confirm my E-mail address. In all other cases I go to one of my bookmarks.
I think I'm reasonably careful, but there's no harm in warning others. And if anyone thinks I should be even more careful, please tell me!
Suppose that this room is a lift. The support breaks and down we go with ever-increasing velocity.
Let us pass the time by performing physical experiments...
--- Arthur Eddington (creator of the Eddington Number).
Let us pass the time by performing physical experiments...
--- Arthur Eddington (creator of the Eddington Number).
Re: The phishers are getting cannier
I've sometimes wondered about this. I use PayPal quite a lot - it puts an extra 'barrier' between my bank account and an as-yet-untried vendor - hence another layer of protection just in case the vendor turns out to be rogue, at least they haven't got my card details.Tangled Metal wrote:BTW what benefit is PayPal? You can pay direct from bank account, credit or debit card so why use PayPal? It's a middle man you're paying for right?
If PayPal themselves get hacked and my card details leak out - well an event of that magnitude would probably hit the news headlines, so hopefully I'd get warning in time. As would millions of others!
Suppose that this room is a lift. The support breaks and down we go with ever-increasing velocity.
Let us pass the time by performing physical experiments...
--- Arthur Eddington (creator of the Eddington Number).
Let us pass the time by performing physical experiments...
--- Arthur Eddington (creator of the Eddington Number).
-
- Posts: 9509
- Joined: 13 Feb 2015, 8:32pm
Re: The phishers are getting cannier
If PayPal are doing anything that your bank isn't doing then I'd agree but the security checks your bank should be doing should be enough surely?
If you're worried about this then set up a shadow account where you put the exact money in for your payment and have no overdraft facility. Then pay from that account. Don't use it other than for online purchases. It's very easy to transfer money to another account before paying for something. You could use your main bank or another. Using a separate bank might give you different security protocols. HSBC is one bank that's got strict security protocols. My partner gets her account shut down a lot by their Internet security team even though she doesn't use it much.
If you're worried about this then set up a shadow account where you put the exact money in for your payment and have no overdraft facility. Then pay from that account. Don't use it other than for online purchases. It's very easy to transfer money to another account before paying for something. You could use your main bank or another. Using a separate bank might give you different security protocols. HSBC is one bank that's got strict security protocols. My partner gets her account shut down a lot by their Internet security team even though she doesn't use it much.
Re: The phishers are getting cannier
661-Pete wrote:I've sometimes wondered about this. I use PayPal quite a lot - it puts an extra 'barrier' between my bank account and an as-yet-untried vendor - hence another layer of protection just in case the vendor turns out to be rogue, at least they haven't got my card details.Tangled Metal wrote:BTW what benefit is PayPal? You can pay direct from bank account, credit or debit card so why use PayPal? It's a middle man you're paying for right?
If PayPal themselves get hacked and my card details leak out - well an event of that magnitude would probably hit the news headlines, so hopefully I'd get warning in time. As would millions of others!
I use Paypal all the time, why? Mainly because it's so much easier than filling out card details and also because I approve of Musk's enterprises.
As for phishing. Never use the links, if in doubt going to the site manually is the first and most important protection.
They're usually pretty easy to spot - mainly because they have to put links in otherwise there's no point. Check the URL of the link - it's always something daft.
Re: The phishers are getting cannier
Tangled Metal wrote:.
BTW what benefit is PayPal? You can pay direct from bank account, credit or debit card so why use PayPal? It's a middle man you're paying for right?
Wrong, doesn’t cost me anything to pay through Paypal. I’ve a verified account
Selling on EBay is a different matter of course.
Whatever I am, wherever I am, this is me. This is my life
https://stcleve.wordpress.com/category/lejog/
E2E info
https://stcleve.wordpress.com/category/lejog/
E2E info
Re: The phishers are getting cannier
Paulatic wrote:Wrong, doesn’t cost me anything to pay through Paypal. I’ve a verified account
Selling on EBay is a different matter of course.
Oh yeah, I forgot about selling.
I have a website I sell bits and pieces from. I just added some little paypal gizmos and that was it. Easy peasy, no need to do all the nonsense you need to accept credit cards etc.
(And eBay too of course).
-
- Posts: 9509
- Joined: 13 Feb 2015, 8:32pm
Re: The phishers are getting cannier
Paulatic wrote:Tangled Metal wrote:.
BTW what benefit is PayPal? You can pay direct from bank account, credit or debit card so why use PayPal? It's a middle man you're paying for right?
Wrong, doesn’t cost me anything to pay through Paypal. I’ve a verified account
Selling on EBay is a different matter of course.
It's a service and a business, someone is paying for it at one end or another. If not you then the business you're buying from our some other entity.
As for entering card details each time. You can scan cards in seconds, the few bits you have to enter after that takes seconds to do. I've been buying online a lot recently (birthdays and Xmas makes December a costly month). The biggest delay in the checkout stages I've encountered are the long winded step by step process some online retailers use. There's good online retailers that you can go from clicking on checkout to order confirmation in less than a minute. Others your there for the minutes going through their long winded process. The actual card entry stage on those are a small part of the process in terms of time IME.
Of course it's easier to buy online from a phone or tablet with a camera to scan your cards. Making sure you don't let it record them of course.
Perhaps I'm a distrusting type but giving PayPal my card details to store is a worse option than having to enter the details each time. As far as the security of the actual money transfer process it's probably not that different.
Personal choice I guess and whatever works for you.
Re: The phishers are getting cannier
kwackers wrote:They're usually pretty easy to spot - mainly because they have to put links in otherwise there's no point. Check the URL of the link - it's always something daft.
It's not always daft. Sometimes it's quite close to the real thing. They leave out a letter, or have a different country extension, or add something onto the end, but it otherwise looks close enough that you'd have to think about it or read it carefully.
I've received bank phishing mails that were like that.
“In some ways, it is easier to be a dissident, for then one is without responsibility.”
― Nelson Mandela, Long Walk to Freedom
― Nelson Mandela, Long Walk to Freedom
Re: The phishers are getting cannier
Tangled Metal wrote:Perhaps I'm a distrusting type but giving PayPal my card details to store is a worse option than having to enter the details each time.
How can that be true?
Paypal have a business built on trust. Web stores on the other hand - how do you know they destroy that data? Sure the bigger ones have an incentive to garner your trust but is that true for every one of the millions of stores on the web?
When people have dodgy transactions on their cards it's a given their card was skimmed either by a website or physically in a location. IMO Paypal is very much less of a gamble than pretty much anywhere else.