The Bookkeepers.Network (BKN)

Post Info TOPIC: Phishing email
Jay


Senior Member

Status: Offline
Posts: 195
Date:
Phishing email


Good morning all,

 

Having received a phishing email over the weekend informing us of a £340.83 refund being due to us  I duly forwarded it to HMRC.

 

However it immediately bounced back with the following message :

 

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:

 

 phishing@hmrc.gsi.gov.uk

 

    host smtp.securespamfilter.com [89.187.86.14]

    SMTP error from remote mail server after end of data:

 

    550 A URL in this email (thesailcorp . com) is listed on https://spamrl.com/. Please resolve and retry.

 

Anyone else with the same issue ?

I'm more disappointing by the paltry sum of the refund, they could have at least made it a few £1000

 

BW

 

Jay.

 

 

 

 

 



__________________


Master Book-keeper

Status: Offline
Posts: 7091
Date:

Oh thats so funny!

Yet, also not so funny!

HMRC = amazing .......again.

So wish we could fine THEM every time they make an error - what is the percentage for careless error? biggrin

 



__________________

Joanne  

 

Winner - Bookkeeper of the Year 2015, 2016 and 2017

Thoughts are my own/not to be regarded as official advice,which should be sought from a suitably qualified Accountant.

 



Master Book-keeper

Status: Offline
Posts: 2611
Date:

Hi Joanne and Jay

I'm waiting to see if they implement GDPR!

 



__________________

John 

 

 

 Any advice given is for general guidance and professional advice should be sought applicable to your circumstances.

Jay


Senior Member

Status: Offline
Posts: 195
Date:

The scamming has now escalated with over 100 locals ( Isle of Wight) receiving  phone calls demanding money with threats of arrest.

 

The calls are from a "Bot" which recognises replies and responds accordingly.

 

They are also asking for payment by I-Tune vouchers, being untraceable.

 

They do not have any taxpayer details but the message is very convincing to supply your details to them to "verify" who they are talking to.

 

One client asked them to refer to us and the "automatic" rely was " Your Accountant knows nothing"     ( mmmm bit harsh )

 

We have contacted all our clients and asked them to refer any calls from HMRC to us and cease the call.

 

BW

 

Jay

 



__________________


Expert

Status: Offline
Posts: 1620
Date:

There are examples on YouTube of where people have set up bots the other way around - to receive scam calls (or simply cold callers in some cases) and record the often entertaining calls that result.

I think it would be interesting (and informative for less clued up people who might otherwise fall for it) if someone could do the same for this scammy bot caller.



__________________

Vince M Hudd - Soft Rock Software

(I only came here looking for fellow apiarists...)



Expert

Status: Offline
Posts: 1620
Date:

On the subject of phishing emails, I had an interesting one today.

The email itself is fairly bog standard. It claims to have an invoice attached - a PDF file.

Now, normally I wouldn't recommend people do this - but it's very much a case of "do as I say, not as I do" because my set up is probably "a bit more safe and secure" than most, so...

Upon opening the "invoice" there's a company logo (as you might expect) then three elements containing a link:

  1. The text "UNABLE TO VIEW ONLINE DOWNLOAD TO OPEN THE ATTACHED"
  2. A graphic saying "DOWNLOAD PDF"
  3. The text "This file is securely attached open with your professional email Credentials"

The link is badly set up - it lacks a protocol at the start, so clicking it attempts to load it locally (i.e. from the computer, instead of the web).

Copying and pasting the link into a browser now, nothing happens (I have to enable JS to see that my A/V software is blocking it - unfortunately, I'm coming back to this as an afterthought. Earlier, it threw up log-in request with logos for various mainstream email providers such as Microsoft's Outlook365, Gmail, and so on. The aim, obviously, to get the victim to input their log-in details.

As I said, nothing particularly special - fairly bog standard stuff.

However, what intrigues me is that it purports to come from one of my client's customers. (The from line is their accounts address, though the reply-to is entirely different.) The logo in the PDF is indeed that customer's - and looking at their website, the name used is indeed someone at the company.

It might be a coincidence, but the client in question does get scammy email attempts notably often, which fit a particular pattern: They tend to be "from" a director, asking the recipient either if they can set up a payment (with no details - expecting a reply and to follow-up with the details) or to set up a  payment, with the necessary details. I've sometimes received these emails, sometimes it's others at the company.

This tends to happen when whichever director it claims to be from is away on holiday. Sometimes the scammers get it wrong - but the timing is right often enough I think it's someone who has some (incomplete) knowledge of the company, and the comings and goings, etc.

So this email claiming to come not just from a random company, but from a customer of the client is a bit too coincidental to me. I can't help but think it might be the same dodgy actor trying a new tactic.



__________________

Vince M Hudd - Soft Rock Software

(I only came here looking for fellow apiarists...)

Page 1 of 1  sorted by
 
Quick Reply

Please log in to post quick replies.

Tweet this page Post to Digg Post to Del.icio.us
Members Login
Username 
 
Password 
    Remember Me  

©2018 The Bookkeepers Network (BKN). All Rights Reserved. The Bookkeepers Network (BKN) is a trading division of Bookcert Ltd. Registered in England Company Number 05782923. 2 Laurel House, 1 Station Rd, Worle, Weston-super-Mare, North Somerset, BS22 6AR, United Kingdom. The Bookkeepers Network and BKN are trademarks of Bookcert Ltd. This forum is a discussion forum only. There will usually be more than one opinion to any question and any posting should not be viewed as a definitive solution. No responsibility for loss occasioned to any person acting or refraining from action as a result of any posting on this site is accepted by the contributors or The Bookkeepers Network. In all cases, appropriate professional advice should be sought before making a decision. We reserve the right to remove any postings which are offensive, libellous, self-promoting or engaged in covert marketing. We will not notify users of removals. The views expressed in the forum posts are those of the individual and do not necessary reflect or agree with those of The Bookkeepers Network. Any offensive or unsuitable posts will be removed by the moderators. Any reader of this forum can request for a post to be looked into by sending an email to: info@bookkeepers.network or info@bookcert.co.uk.

Privacy & Cookie Policy