PDA

View Full Version : Sainsburys Entertainment scam?


The SSK
24th Apr 2013, 12:24
Just received an email from onlineservice-no-reply at sainsburys.co.uk, advising me of an order being processed. It all looks extremely professional and above board, except there has been no such order.

Had Mrs SSK ordered anything from them, it would have been done from a different email address.

The email contains a zipped attachment, as well as a hyperlink to sainsburysentertainment.co.uk.

I have googled ‘sainsburys entertainment scam’ but get nothing. Plenty of bona fide stuff about Sainsburys Entertainment (as a non UK resident, means nothing to me).

Anybody else heard of this one?

Gertrude the Wombat
24th Apr 2013, 12:37
I get hundreds of phishing scams or viruses or other spam per day. Most are caught and discarded for me by various levels of protection without me even seeing them. I certainly don't actually waste time reading the ones that get through FFS!

The SSK
24th Apr 2013, 12:47
I read this one because I was looking for the obvious clues and didn’t find any, other than I am not, and never likely to be, a client of Sainsbury’s Entertainment. Of course you wouldn’t fall for it, and neither would I, but the more plausible the effort, the greater the number who might (some of whom will presumably be S.E. clients). Hence my bringing it to JB’s attention.

papabravowhiskey
24th Apr 2013, 13:07
I received the same email - I would suspect that the "zip" file contains malware.
PBW

VP959
24th Apr 2013, 13:12
It is incredibly easy to make an email appear to come from somewhere genuine on the surface, but quite hard to hide the underlying source.

If you use Outlook and want to reveal where something has really come from, then right click the email (which won't open it) and select "Options". A window will pop up listing the route the email took and revealing where the true reply address is. There's often other useful stuff there, too.

Curiously, I had an email recently that looked to be a phishing spoof and I was going to just bin it, unopened. I did the above trick first and it showed that it was a quote I was expecting from a supplier, who'd somehow managed to make his reply look fishy.

Gertrude the Wombat
24th Apr 2013, 15:43
I was looking for the obvious clues and didn’t find any
A zip file attachment is an obvious clue.

mixture
24th Apr 2013, 16:00
The SSK

You seriously could not see anything amiss ?

Exhibit A :
Had Mrs SSK ordered anything from them, it would have been done from a different email address.

Exhibit B:
The email contains a zipped attachment,

Exhibit C:
hyperlink to sainsburysentertainment.co.uk.



Exhibit A should have probably been more than enough to ring alarm bells.

Exhibit B should have been like Mrs SSK bashing you with a rolling-pin.... blatantly obvious... you should be very weary of emails containing attachments you were not expecting (irrespective of the source of the email).

Exhibit C ... ok, I'll give you, more subtle, but typical phishing behaviour (they'll send you to a link that looks and sounds similar to the real one but has tiny differences in the wording)

Capetonian
24th Apr 2013, 16:14
I got a very authentic looking phishing email purportedly from the Student Loans Company yesterday.

As I have been dealing with them on behalf of my son, it could have fooled me, there were no spelling or grammatical errors, but it came to an email address that I only use for private matters.

BOAC
24th Apr 2013, 16:15
As a thread diversion (and why not?), who has a clever way of sending an exe file as an attachment without zipping it and causing mixture and GtW palpitations or changing the file extension (my preferred but can cause mayhem with non-computer users)?

angels
24th Apr 2013, 16:19
Fancy a spot of phishing yourself Mr BOAC?? :E

Flap 5
24th Apr 2013, 16:53
... except there has been no such order.



That 'except' is fundamental. The rest is just fluff.

mixture
24th Apr 2013, 16:57
As a thread diversion (and why not?), who has a clever way of sending an exe file as an attachment without zipping it and causing mixture and GtW palpitations or changing the file extension (my preferred but can cause mayhem with non-computer users)?

Got your own website ? Put it there.

Otherwise use one of the well known file hosting sites such as YouSendIt.

Simply changing the file extension won't cut it with my security mechanisms (and most half-decent anti-virus programs).

Gertrude the Wombat
24th Apr 2013, 17:25
As a thread diversion (and why not?), who has a clever way of sending an exe file as an attachment without zipping it and causing mixture and GtW palpitations or changing the file extension (my preferred but can cause mayhem with non-computer users)?
(1) Change extension

(2) Zip

Either involves out-of-band (eg text message) communication with the recipient so that they're expecting it and know what to do with it when it arrives. The zip approach has the additional feature that you can, if you like, password protect it (and communicate the password in the out-of-band message).

I don't get worried by zip, or executable, files that I'm expecting, from a known correspondent!

A A Gruntpuddock
24th Apr 2013, 17:55
I had one today from Microsoft apologising for an error in a previous email.

Aye, right!

cargosales
24th Apr 2013, 18:38
I had one today from Microsoft apologising for an error in a previous email.

Aye, right!

Indeedy

Any fule kno that Microshaft here wurds like 'apologise' and 'error' and reech for there dikshunary to see wot those wurds akshully meen.

Cargosales Minor

unclenelli
24th Apr 2013, 18:52
Someone once told me a way of stopping this:

Buy yourself an ISP who will host you an infinite number of emails addresses:

Everytime you go online and have to give you address, you use [email protected]
[email protected]
[email protected]
etc.

When spam arrives in Dodgy2 inbox, which is not from Dodgy2, you will see that Dodgy2 has sold your address on to spammers.

You then send an email to the webmaster at Dodgy2 demanding the deletion of your address from their system - and confirmation, threatening legal proceedings, demanding compensation etc. Don't use Dodgy2 ever again!

ukc_mike
25th Apr 2013, 11:44
When spam arrives in Dodgy2 inbox, which is not from Dodgy2, you will see that Dodgy2 has sold your address on to spammers.
Or,

Dodgy2 is a friend who's just been infected by a virus.


Dodgy2 is using an email company who have just been hacked.


Dodgy2 has just gone bankrupt and the customer list has been sold as an asset.

There are actually several more options as well.

Keef
25th Apr 2013, 11:55
That method works well.

As long as "CompanyX" uses the address at my domain for the purpose agreed, it goes through the filters and into my "Other mail" inbox.

If I get spam (which some surprisingly large companies will provide), then I set up a specific forwarder to send "[email protected]" e-mails to [email protected] and the problem is theirs.

A certain large utility company phoned me to ask me to stop sending them spam in that way. I pointed out that they had sold my address despite being told not to, and they now have the benefit. The plea that their server had been hacked didn't impress.

Capetonian
25th Apr 2013, 12:43
I like that Keef, will try.

SAA will be my first victim. I've been 'unsubscribing' from their list for a year.

When I have to fill in my address on a form, I usually put the correct information on two lines and then : DO NOT SEND ME MAIL (XYZ COMPANY).
XYZ company of course is a variable, and that allows me to track who they sell my details to.

You would be amazed how much mail I get with DO NOT SEND ME MAIL XYZ COMPANY on the envelope!