Results 1 to 12 of 12

Thread: Fraudulent Email scams... IMPORTANT!!

  1. #1

    Thread Starter
    Fanatic Member VisionIT's Avatar
    Join Date
    Nov 2002
    Location
    Workin'...
    Posts
    718

    Fraudulent Email scams... IMPORTANT!!

    Some of you may have already had emails from companies like Barclays and LloydsTSB regarding your accounts, and there is a strong possibility these are fake.

    Look for bad grammar and spelling mistakes in the email, both are typical signs it's fake.

    Also, when you hover over a link, check the taskbar to make sure it doesn't have an @ symbol.

    IE...

    onlinebanking.lloydstsb.com@www.best-news.ru
    DO NOT VISIT THE ABOVE ADDRESS FOLLOWING THE @ SYMBOL. IT DIRECTS YOU TO THE OFFENDING URL

    or...

    [email protected]

    The IP above has been proven to be sending these emails.

    It is very doubtful any bank would request such details in this way, but contact your bank if you are unsure.

    The vast majority of banks are already aware of this "phishing" as it's called.

    Keep a look out!


  2. #2
    VBA Nutter visualAd's Avatar
    Join Date
    Apr 2002
    Location
    Ickenham, UK
    Posts
    4,906
    PHP || MySql || Apache || Get Firefox || OpenOffice.org || Click || Slap ILMV || 1337 c0d || GotoMyPc For FREE! Part 1, Part 2

    | PHP Session --> Database Handler * Custom Error Handler * Installing PHP * HTML Form Handler * PHP 5 OOP * Using XML * Ajax * Xslt | VB6 Winsock - HTTP POST / GET * Winsock - HTTP File Upload

    Latest quote: crptcblade - VB6 executables can't be decompiled, only disassembled. And the disassembled code is even less useful than I am.

    Random VisualAd: Blog - Latest Post: When the Internet becomes Electricity!!


    Spread happiness and joy. Rate good posts.

  3. #3

    Thread Starter
    Fanatic Member VisionIT's Avatar
    Join Date
    Nov 2002
    Location
    Workin'...
    Posts
    718
    Yeah... there's a classic one.

    If you use the newest edition of IE, you won't experience these problems. Likewise wih Mozilla Firefox....

    The proper term is URL cloaking... if anyone needs more info about it.

    Thanx for that link VisualAd... I couldn't find it earlier

  4. #4

    Thread Starter
    Fanatic Member VisionIT's Avatar
    Join Date
    Nov 2002
    Location
    Workin'...
    Posts
    718
    *bump*

    Whilst there's nothing else to add to this thread, i thought it best to keep it where people can see it

    Not that it really matters, but i've passed the details of the IP, URL and registrant over to Lloyds and Barclays, along with home addresses of the idiots that thought they'de get away with it. If anyone fancies a joint DDOS'ing session, please PM me.

  5. #5
    KING BODWAD XXI BodwadUK's Avatar
    Join Date
    Aug 2002
    Location
    Nottingham
    Posts
    2,176
    How did you get their home address??
    If you dribble then you are as mad as me

    Lost World Creations Website (XBOX Indie games)
    Lene Marlin

  6. #6

    Thread Starter
    Fanatic Member VisionIT's Avatar
    Join Date
    Nov 2002
    Location
    Workin'...
    Posts
    718
    Originally posted by BodwadUK
    How did you get their home address??
    Did some research on the details provided by my ISP. If it wasn't in Hong Kong, i'de go round and raid 'em!
    Last edited by VisionIT; Mar 8th, 2004 at 06:21 AM.

  7. #7

    Thread Starter
    Fanatic Member VisionIT's Avatar
    Join Date
    Nov 2002
    Location
    Workin'...
    Posts
    718
    *bump*

    Can this be put as a sticky for a while?

  8. #8
    Frenzied Member TomGibbons's Avatar
    Join Date
    Feb 2002
    Location
    San Diego, CA Previous Location: UK
    Posts
    1,345
    One thing though; It may have been sent without their knowledge. (S)he could have a virus which sends itself out to other people.


  9. #9
    l33t! MrPolite's Avatar
    Join Date
    Sep 2001
    Posts
    4,428
    can they even take any actions against them if they do their spamming from somewhere like hong kong?
    rate my posts if they help ya!
    Extract thumbnail without reading the whole image file: (C# - VB)
    Apply texture to bitmaps: (C# - VB)
    Extended console library: (VB)
    Save JPEG with a certain quality (image compression): (C# - VB )
    VB.NET to C# conversion tips!!

  10. #10

    Thread Starter
    Fanatic Member VisionIT's Avatar
    Join Date
    Nov 2002
    Location
    Workin'...
    Posts
    718
    Originally posted by TomGibbons
    One thing though; It may have been sent without their knowledge. (S)he could have a virus which sends itself out to other people.

    yeah... that's a good point, but this email came from the same IP as the domain in question so it doesn't apply this time

    MrPolite:

    If it was just a case of spam, they probably wouldn't pursue it... but it's gone further than that now.

    They can't just ignore plain fraudulent activity, regardless of location. Hundreds of people have already had money taken from their accounts as a result of this scam, and no-doubt many more until they arrest him. I had my account screwed over by someone a few months ago, and know how frustrating it can be trying to run a business with your accounts barred whilst they investigate. This is why i've done this...

    I doubt every forum member will see this thread, but it could save you a lot of time and stress. If it didn't look so official, people just wouldn't fall for it!

    This guy, and i'm not allowed to print his name is obviously v.clever and has done lots of research before starting this little scheme, but he left too many loopholes for noobs like me to exploit! Typical sign really when the "saved from" tags are still in his HTML!

    I'll bump this one more time in a few days, then it can go.

  11. #11

    Thread Starter
    Fanatic Member VisionIT's Avatar
    Join Date
    Nov 2002
    Location
    Workin'...
    Posts
    718
    Last bump...

    Both sites have now been closed down! Woot

  12. #12

    Thread Starter
    Fanatic Member VisionIT's Avatar
    Join Date
    Nov 2002
    Location
    Workin'...
    Posts
    718
    OK, sorry to have to bring this post back from the archives but i've just found something which I thought it best to add!

    Not only were those pages fake, but they also contained a VBS virus called VBS.Dropper.Inor.Z which AVG, Norton, Mcafee, CA nor Trendmicro could detect!!! The only one that found it was bitdefender of all things! It also added

    Code:
    ibank.barclays.co.uk www.best-news.ru
    to my hosts file, basically meaning that even if you go to the correct address, it'll still point you to the fake url!

    I'm beginning to wish I hadn't posted the URL now, but please scan your system if you clicked the above link! I didn't think I had a virus until earlier on! 5 Antivirus packages, and the free one found it Why bother?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width