It would be fair to say pretty much everyone has a pain in their backside with the scams that are going around now and there is plenty of them and it was only a matter of time before I got one of the latest banking scams and that landed this morning. Having a quick look into it there is several versions of the sms scam which comes up as BOI SUPPORT as the send which will be on top of your screen, if I get an sms from BOI it comes up as BOI and you should be aware of the identifier up on the top of your device and remove old messages if you have any as they can and do come up in the same thread and you might not stop and think about it, this happened me last year so it is something to take down and note.
Above is a sample of what I got and what you can expect to see land on your device so beware and delete and do not click on any links but for those that do (i do to check these things out). Anyway this is what to watch out for and just delete these from your device straight away.,. Check out more – bank of ireland security zone
A new scam doing the rounds to watch out for claiming to be PTSB and beneficiary called SAMSON. The text has a PTSB identifier on top which most do to make it look real and here is when people panic and get caught out . As per usual you will be instructed to login to your account via the link given in the sms which brings you to a site near identical to the PTSB website and if you follow this you have just handed over your information and you know what happens after that.. Below is what to look out for and as usual report this and delete straight away and do not click on the link.
PTSB have had similar messages just recently but with a different approach you can find out more on that HERE
As per the PTSB WEBSITE
What should you do if you receive suspicious SMS?
Do not click on the link that is in the SMS.
Do not divulge any credit/debit card/account log-on information.
Do not respond to the message.
Regarding genuine authorisation codes received from permanent tsb via SMS please ensure that you read and fully understand the text message before proceeding
If you have already clicked the link and/or sent your details, contact us as soon as possible on +353 (1) 669 5851. We will cancel your Open24 number and arrange a new one for you.
Back in February this year there was a DHL scam doing the rounds via SMS which by no means is nothing new, However since then we have increased our online shopping due to the pandemic and this gives scammers a target to work on in some shape or form and it is not the last we will see of this either.
This time around the scam is via email and if you are a DHL customer or familiar with their emails you will see their email does not look like a typical email from DHL. On clicking the link seen in image 2 then image three all you need to do is look at the URL on top to see that this is a scam and just looking to get money from you by entering your credit card details, in short a phishing attempt for an apparent small fee., So as usual if you get an email like this just delete it and move along and let them keep trying..
We have contacted DHL and they have said “Hi Jim, thanks for your message and many thanks for sharing this with us. Our IT security team are aware of this matter. Many thanks.”
Phishing campaigns related to COVID-19 are becoming more targeted and difficult to identify as the pandemic progresses, a new report from privacy advocacy group ProPrivacy suggests.
The project, conducted in partnership with VirusTotal (Alphabet) and WHOIS XML, analyzed more than 600,000 domains to accurately track malicious activity throughout the pandemic. It found that the number of phishing domains being registered peaked in late March, but activity remains high with as many as 1,200 domains still being registered each day. To date, the project has identified more than 125,000 domains labeled as malicious, the vast majority of which are used for phishing activity.
The researchers noticed that as the pandemic progresses, phishing campaigns are becoming more targeted and potent, taking advantage of specific fears and concerns held by the public. For example, while there has been a marked decrease in the number of domains related to terms like ‘covid’ and ‘mask’, there has been a sharp increase in domain registrations related to unemployment, welfare benefits, and the US stimulus package.
Domain registrars have been proactive and effective in identifying generic domains related to the virus, but ProPrivacy’s research suggests that bad actors are now adopting a more nuanced approach. These focused campaigns are not only more likely to succeed, but they are becoming increasingly difficult for the threat intelligence community to identify using conventional broad stroke methods.
ProPrivacy tracked all domains registrations from January 1st, and each domain was checked against VirusTotal’s aggregated database of more than 60 threat intelligence partners. The team documented every domain labeled malicious and used a range of techniques to identify new themes that emerged throughout the pandemic.
“It would be easy to look at the overall trend and conclude that phishing activity related to the pandemic has simply fizzled out, but that’s not an accurate assessment,”
“These malicious campaigns have moved underground and are now addressing our most intimate concerns. When will my children return to school? Will I lose my job? It is these – truly human – questions that will fuel the ‘second peak’ of malicious activity. This is the next battlefront in the digital pandemic.” said Sean McGrath, lead researcher on the project.
According to a WhoisXML API researcher:
“We see a lot of niche registrations in our typosquatting data feed files. Registrants seem to target vulnerable groups. We suspect that these domains could serve as social engineering baits and trigger emotional responses.”
The study also found that GoDaddy was the most abused web host, hosting a disproportionately high number of domains used for phishing activity. The Scottsdale-based company is the largest hosting provider in the world, hosting an estimated 15 percent of all websites. However, 37 percent of the 80,470 IP addresses analyzed belonged to GoDaddy, with 3,285 resolving to the same IP address.
Last November I was the tatget of an elaborate paypal scam which Paypal had to investigate due to the numerous emails I got within the space of a few days which was dealth with eventually by the company, Now there is another one to keep an eye out for only this time comes in Dutch via email claiming there is unpaid fees to be paid and will limit my account Dutch would be a language not used often in phishing scams.
Once again this is a replica page that is trying to get your details and should be avoided and reported to Paypal straight away at spoof@paypal.com. Again these scams are not new but they change tack and can still catch people out so beware. On the opening text you see
Account Service heeft u een betaalverzoek gestuurd
translates to – Account Service has sent you a payment request.
After a review your account has been limited due to unpaid fees, please pay this invoice to cover your unpaid fees and remove this restriction permanently.
It claims I owe them 6.75 USD and then gives you a link to pay it and as mentioned looks genuine as seen above, Of course it is just out to get easy money in small doses but if you fall for it you have just handed over all your login information which is what they aim to do.. Remember to report the mail by forwarding it to spoof@paypal.com. We will see what they have to say about this one..
Recently there has been a spell of scams doing the rounds via sms with various chain stores attached to the text message but all untrue as we all know . Now we have a new one on the list to watch out for this time claiming to be from Amazon telling you that you have one a new phone and to click a link to claim your prize, All this is familiar territory and style we come to expect from scammers and sadly some will fall for it.. You will be brought to a site that looks exactly like amazon and asked to take a survey which in turn leads you to another site and here is where they get you.
Pass it on and tell your friends. The fact the Amazon comes up in the senders box does make it a little tempting and people will get caught out but the more people get wind of it the better and leave these clowns empty handed and then the site looking legit to the untrained eye is a good way to hook people in. This is not a callback or email scam but one to watch in your sms folder. This site is just out to get information from you such as credit card details etc. Amazon give a guide to help you should you need it. Amazon are aware of the issue.
A few months there was a scam going around purporting to come from Revenue offering you a refund of income tax and it was a good attempt to scam people but of course seeking personal information. This time of year is always busy with the scam front and I have been subject to an ongoing issue with PayPal myself which they are still trying to sort out.
Again this email is similar and here is what you need to look out for and it will ask you to open a link and fill in information but by all means DO NOT open any link in the email and just discard it straight away you can see the information provided in the link as what you need to watch out for so you have been warned and it is another phishing attempt.
Revenue do have an advice section on their website if you need or feel you have got a suspicious link HERE
Another day another scam this time it is AIB via email with what would be a convincing look for some folk, AIB will not email you about your bank account like any other bank would asking for details so if you get it,block the sender and report, the more we act on the likes the more we can prevent it happening and see less people being caught out.
We of course contacted AIB about this and they also confirm its a scam see the details below and pass it on. Most importantly to note here too is not to download any attachments..
— Jim O Brien Tech 👨💻techbuzzireland.com (@techbuzzinfo) June 20, 2019
What to look out for..
If you have received an email from ‘AIB Business Banking <info@email.comms.aib.ie>’ entitled ‘iBB is about to get an update!’ this email is a genuine email from AIB. There are no links to any pages asking for your banking details in this email.
If you have received an email from ‘First Trust Bank’ (info@email.comms.aib.ie) entitled “Changes to how you access and use Online Services” this email is a genuine email from First Trust Bank. There are no links to any pages asking for your banking details in this email.
If you have received an email from ‘AIB Personal Banking’ (info@email.comms.aib.ie) entitled “Changes to how you login and use Online Banking Services” this email is a genuine email from AIB. There are no links to any pages asking for your banking details in this email.
If you have received an email from ‘AIB Business Banking’ (info@email.comms.aib.ie) entitled “Changes to how you login and use Online Banking Services” this email is a genuine email from AIB. There are no links to any pages asking for your banking details in this email.
If you have received an email from ‘AIB Personal Banking’ (info@email.comms.aib.ie) entitled “Deposit rate change to your account” this email is a genuine email from AIB. There are no links to any pages asking for your banking details in this email.
If you have received a SMS from ‘AIB’ regarding the inability of processing payments on your account this is a genuine SMS from AIB. There are no links to any pages asking for your banking details in this SMS’.
If you are a Netflix user there is a phishing scam alert on the cards for the estimated 175,000 users in Ireland.
According to the ITsecurity firm Smarttech.ie, the fake message will ask users to click on a link to update their credit card details, or face termination of their Netflix account.
The email will look like this.
Common sense should pre-vale here and just ignore it,these scams are not new but becoming more commonplace especially of late,so just delete the mail and move along folks.
