Attempted scam?
Thread Starter
Attempted scam?
For the second time in a week I have received a suspicious email, basically they want me to click on a link, needless to say I haven't, and I have tried to trace the source but I'm not skilled enough
The message is reproduced below, anyone else had it or something similar and how can one hit back?
The from address is-- [email protected]
Regards, Den.
We have received an invoice from : boots.com to enable the charge of £4.55 to your account.
The transaction is pending.
Order Reference:
BO40000012301195
25 March 2015
If this transaction was made by accident and want to cancel please click here.
-H.S.B.C.
This email and any files transmitted with it are confidential and intended solely for the individual or entity to whom they are addressed.
The message is reproduced below, anyone else had it or something similar and how can one hit back?
The from address is-- [email protected]
Regards, Den.
We have received an invoice from : boots.com to enable the charge of £4.55 to your account.
The transaction is pending.
Order Reference:
BO40000012301195
25 March 2015
If this transaction was made by accident and want to cancel please click here.
-H.S.B.C.
This email and any files transmitted with it are confidential and intended solely for the individual or entity to whom they are addressed.
Join Date: Aug 2002
Location: Earth
Posts: 3,663
Likes: 0
Received 0 Likes
on
0 Posts
I have tried to trace the source but I'm not skilled enough
how can one hit back?
However, what you can/should do is copy/paste the raw source text of the email into Spamcop. The spamcop system will automagically parse the email and send report emails to the right places.
If you want to go one step further, you can track down an email address for the security department at HSBC and send a copy to them. Not all organisations make such details readily available publicly, but those with half a brain do (e.g. Apple, Microsoft, Paypal etc.) because they know its not in their interests to allow scams to operate in the name of their company.
The police also operate an ActionFraud service you can report it to.... you used to be able to forward the email, but now its a simple online form. Despite the name, they are also interested in scams, phishing and malware ... not just fraud.
Send it to [email protected]. They'll do the rest. Don't open it. You might also like to report it to www.scamwarners.com.
Join Date: Mar 2015
Location: Scotland
Posts: 1
Likes: 0
Received 0 Likes
on
0 Posts
Hello,
I received this exact same e-mail this afternoon and I did not click the link as immediately suspicious of it. On trying to find out how to report it I found this information and it all proved very useful. Thank you.
I received this exact same e-mail this afternoon and I did not click the link as immediately suspicious of it. On trying to find out how to report it I found this information and it all proved very useful. Thank you.
Join Date: Jul 2001
Location: U.K.
Posts: 805
Likes: 0
Received 0 Likes
on
0 Posts
Attempted scam
There is a query over the security with my account with RBOS, HSBC, Lloyds, Barclays, The Co Op Bank, etc etc despite only having an account with one of these organisations. Worringly, I have failed to pay several traffic violation fines in the USA - I have never been there, and I have several outstanding county court judgements so the bailiffs will be calling.
All these e-mail notificatications require me to click on some suspicious link. I never do .... And I am still awaiting the bailiffs!
P.P.
All these e-mail notificatications require me to click on some suspicious link. I never do .... And I am still awaiting the bailiffs!
P.P.
Join Date: Aug 2006
Location: firmly on dry land
Age: 81
Posts: 1,541
Likes: 0
Received 0 Likes
on
0 Posts
I use a program called Mailwasher.
Normally it will show the email address of the originator. I received an authentic email purporting to be from my ISP; it looked very authentic. It failed as the sender's address was [email protected]. The Mailwasher has a button that shows the source of the message. Hidden in there you may find a dot RU or Russia. Or you may find a web address.
Strip out the suffix and look at the basic web address. I have found a gym in the US, lawyers in South America etc. Their servers have been penetrated.
Without doing anything send a phishing report. If you want to delete first try Mailwasher, it is freeware.
Normally it will show the email address of the originator. I received an authentic email purporting to be from my ISP; it looked very authentic. It failed as the sender's address was [email protected]. The Mailwasher has a button that shows the source of the message. Hidden in there you may find a dot RU or Russia. Or you may find a web address.
Strip out the suffix and look at the basic web address. I have found a gym in the US, lawyers in South America etc. Their servers have been penetrated.
Without doing anything send a phishing report. If you want to delete first try Mailwasher, it is freeware.
Join Date: May 2009
Location: Confoederatio Helvetica
Age: 68
Posts: 2,847
Likes: 0
Received 0 Likes
on
0 Posts
I will often forward the message, with full headers to [email protected]. xxx being the domain of the alleged sender. Or to the email provider when the idiot includes a reply to address. Doesn't work 100% of the time but it often does.
I'm a great fan of Mailwasher for just this reason. Within a few seconds you can see everything you need to know to see if there's anything suspicious in the mail header. I screen every single email through Mailwasher, and have yet to have a nasty get through, it's a great tool in my view, even though you now have to pay for it (it was free for a time).
Resident insomniac
Join Date: Aug 2005
Location: N54 58 34 W02 01 21
Age: 79
Posts: 1,873
Likes: 0
Received 1 Like
on
1 Post
I received one yesterday telling me that my Outlook account was suspended (which it clearly wasn't as I continued to receive emails and could happily send them).
The 'sender' was listed as:- [email protected] but the real address was:- comfori-bdc.co/wmicrosoft/index.html
They must think we are stoopid!
The 'sender' was listed as:- [email protected] but the real address was:- comfori-bdc.co/wmicrosoft/index.html
They must think we are stoopid!
On the Mac side of the fence, SpamSieve is pretty good.