 |
 
|
|
|
| May Data Breach Warnings |
Researchers have found that a simple Skype exploit can reveal IP addresses — remote and local — of any user. A blog post skype-open-source runs through the process of obtaining a user's IP address. All a person has to do is start the process of adding a contact with a specific user name. Instead of sending a contact confirmation, the person can click on the information card to obtain the IP address of that particular user. Skype are investigating. | May Data Breach Warnings |
| May Data Breach Warnings |
Holiday villa rentals company, HolidayPorch.com, in Bristol had their servers hacked and 98 users' email addresses and plain-text passwords dumped on the Internet. | May Data Breach Warnings |
| May Data Breach Warnings |
Manchester Crown Court. Highly confidential data was stolen from the private office of Manchester’s top judge by a convicted criminal working as a labourer. The security blunder allowed the convicted thief to walk into the Manchester Crown Court chambers of Judge Andrew Gilbart QC and take his personal mobile phone and computer files. Stolen items included a computer hard drive - which was not password protected or encrypted - containing the details of up to 50 cases (including names of witnesses), a mobile phone containing other judges' phone numbers and some cash. | May Data Breach Warnings |
| May Data Breach Warnings |
Twitter is investigating the release of what appear to be thousands of user account passwords and email addresses. Twitter spokesman Robert Weeks said "We are currently looking into the situation. In the meantime, we have pushed out password resets to accounts that may have been affected. For those who are concerned that their account may have been compromised, we suggest resetting your passwords and more in our Help Center." The user data was released on Monday and blogged about on Airdemon.net putting the number of accounts affected at 55,000 or more. It is unclear who posted the data, and why. | May Data Breach Warnings |
The "Payment Processor" type "jobs" that appear in some emails generally fall into three types:
- illegal money laundering - you could get into serious trouble for this even if you didn't know what was going on
- the "offer" is followed up by demands for cash to cover the "set-up administration costs"
- just to get access to your bank and/or paypal account.
A common scam just about every email user gets is the Bank scam. Check this page for more details and this months fakes. This is where you will get an email that looks like it comes from your bank and will require you to login to your account using the link provided in the email. The problem is, although the link will look real, if you look at the translation of the link you will see it actually points to a fake site and not the one belonging to the bank. Never click on a link in these emails, even if you think it may be real, instead go directly to the bank's website. It is not just banks that this scam targets. Any organisation where you have financial dealings could be a target such as Ebay, Paypal, Amazon, Inland Revenue, etc etc. or even social network sites such as Facebook and Twitter. In some cases, instead of a link the email will have an attachment in .HTML format which is actually the web page you would have gone to if there had been a link. DO NOT DOWNLOAD THIS ATTACHMENT.
It is also worth noting that NO ORGANISATION ANYWHERE EVER holds random email draws. They are ALL SCAMS. You CANNOT WIN a lottery or prize draw that you HAVE NOT ENTERED.
Although the sender's email address will be fake it can sometimes to used as an indication the email is a scam. A significant proportion of these scam (and spam) emails are sent using email servers used by universities and other educational establishments without their knowledge or permission. These types of places seem to have the lowest security when it comes to allowing outsiders to use their systems. Look at the sender's email address (not the contact email address). Does it end with .EDU ?
Remember, these email addresses/names/phone numbers were given as the contact/reply to addresses for the scams and not the addresses the email supposedly came from. This is because these types of emails are sent from false or non-existent email addresses, often from an unsuspecting innocent user who has had his/her PC taken over by a virus or trojan. The contact names will also usually be false (except where the scammer is really stupid) but may occasionally be a real name at the organisation the email is pretending to be sent from so do not assume the email is true based on the name of the sender.
Check this page for more details on spotting a scam email.
If you have a comment or suggestion (be sensible and clean please) send it to
Scam emails received during MAY 2012 (check this page as well)
| Contact address | Contact name/phone | Company/reason |
|---|---|---|
| albertmapellaurgentbiz@gmail.com mapellaalbert@live.co.uk |
Mr. Albert T. Mapella Tel : +27-78-043-8018 |
Claims to be from a "high placed official working with Department of Mineral and energy South Africa". Says he wants "a silent foreign partner whose identity can be using to transfer the sum of (Ten Million Five Hundred Thousand U.S. dollars) only. (US$10,500,000.00) this fund accrued legitimately to as an over invoice money from the soccer city stadium which hosted the opening and closing ceremony of 2010 world cup". My share would be 30%. |
| barrjoeokochaesq@yahoo.co.jp barrjoeesq@yahoo.co.jp |
Barrister O C. Joe Okocha | Claims to be "a legal practitioner and an attorney to late Mr. Richard Blanchard". Wants to criminally "present you as the next-of-kin and beneficiary to my late client fund" to get $25million the deceased left in an undisclosed bank. |
| dhl.couriery.company@gmail.com | Dr.William Jonathan DHL |
Says I need to "Contact DHLCourier Company for the release of your $2.850million us (Consignment box)". Apparently the consignment has been registered "as a BOX of church materials". |
| fredmalusi2@gmail.com fmalusi@blumail.org fmalusi0@gmail.com |
Mr. Fred Malusi | One line email with all the scam details in an attachment called "AN OVERSEAS TRANSFER..doc". Claims to be from "Mr. Fred Malusi, credit officer of ABSA bank Ltd South Africa". Wants me to fraudulently claim to be next-of-kin to a deceased client, "a German property magnate/contractor with South African Solid Mineral Corporation, Mr. Andreas Schranner", in order to get at $20million held at his bank. My share would be only 30%. |
| joteng35@gmail.com | John England | Claims to be from "John England of the Engineering Unit of US Military here in Baghdad". Says he has "$30 Million US dollars that we Want to move out of the country in three digital boxes" and wants my help for which I get to keep 30%. |
| m_r_t150@yahoo.co.jp | Miss Mary Clement | Says "i need you to stand as my guardian to retrieve my inheritance (US $7 Millions Dollars)" which she says was "inherited from my father here in Cote D'Ivoire before his assasination". |
| Steven.Robinson77@gmx.com | Steven Robinson | Suspect "Payment Processor" type job offer. Claims to be from an apparently legitimate Chinese company called "Beausimple Furnitures", the scam email even includes a link to what is supposed to be the company website. Says I could earn £2600 per month for only 1 to 3 hours a week! |
You may have noticed that the contact phone numbers most often begin with either +234 or +44 70. The +234 is the international code for Nigeria. The +44 code is the international code for United Kingdom BUT the '70' number that follows is a non-location specific personal number. Which means that the actual number is not in a fixed location and may not (actually probably not) be in the United Kingdom at all. These numbers are often used to disguise the actual country the scam originates from. If you do call the +44 70 number than you could well find you are actually calling Nigeria or some other foreign country. You should also note the high charge rate for calling a +44 70 type number.
Despite our best intentions, there's always the chance that we could fall victim to a scam. If you fear your account has been compromised, report the incident to the police and your bank/building society immediately.
Then check your bank and card statements thoroughly.
To help keep yourself safe going forward, make sure you keep your security software up to date, make sure your passwords are difficult to crack and keep changing them regularly.
If you think you have been the victim of a scam, or you suspect a scam, visit: adviceguide.org.uk/scams for help and advice.
