Jump to content

Internet Scam - Music Downoads.

i*Rate

By i*Rate
in The Lounge

 Share

Recommended Posts

i*Rate

i*Rate

Posted
Posted

Hi Pop Pickers,


Just had an email stating that I had been billed ?31.29 for a Led Zeppelin album, from iTunes.

I am a Led Zeppelin fan but do not order downloads - so a bit odd.

Then I noticed the link 'If you did not authorize this purchase' Click here for Refund.

Sure enough, I rang my bank and there has been no debit of this amount, so it was just someone trying to get me to put my bank details on line as seems to be the latest scam.


Watch out! Go and buy some vinyl albums from Sainsbury's instead

Link to comment
https://www.eastdulwichforum.co.uk/topic/140660-internet-scam-music-downoads/
Share on other sites
Loz

Loz

Posted
Posted

The are many 'phishing' emails going around. These are designed to make you think they are from some legitimate corporation. They are generally designed to do one of a couple of things:


1) either get you to hand over your login and password to a site they can get your money (through bank details or credit card details) or buy stuff on your account. So, generally banks, ebay, iTunes, Amazon, etc.


2) get you to either open an attachment or go to a website that will cause you to download something. This will install something bad onto you computer that will either hang around waiting for you to type in passwords, help in attacks on other sites or, as is common of late, encrypt everything on your computer and ask you for ransom money to restore it.


So, be very, very careful and look carefully at any email that asks you to click on a link or open an attachment. If you are worried, contact the business/government department or whatever, or log in the way you normally do, WITHOUT using anything from the email itself in term of links.


In general...


1) if the email does not refer to you directly by name, be suspicious. If it refers to you by your email address be very suspicious.


2) if the email says 'we need you to log in/change your password' because of some upgrade/security issue/something scary/money coming your way, be very suspicious.


3) if the email has an attachment, be really, really suspicious. NEVER open email attachments unless you are 150% sure the email sender is legitimate


4) if you are suspicious, hover your mouse (DO NOT CLICK) on the link that the email is asking you to click. The real address of the internet site will show up in at the bottom of your browser. If this does not look exactly as you would think, be extremely suspicious.


If you have clicked through and filled out a form with your login details, change your password NOW and contact the company to tell them something has happened. If you have opened an attachment, do not use your computer for anything financial and seek professional assistance.


There are bad people out there. They pose as business, banks, HMRC, parking tickets... just about everything you can think of. Be careful - and be suspicious.

Alan Medic

Alan Medic

Posted
Posted

Can anyone throw light on what happened here?


In December I emailed a client in Poland our work bank details. Some weeks later I found out from my contact in that company that several hours after my email arrived she received another one, which appeared to come from me but with different bank details. This is where she made a payment to.


She sent me the 2nd email she had received and on opening it and choosing 'reply' I saw the actual address for me was '[email protected]'. Not my address. My work PC was taken out of operation. However we have still no idea what has happened apart from something fraudulent.


I don't know how my work PC was compromised so it is all a bit of a mystery. Any ideas?

Alan Medic

Alan Medic

Posted
Posted

That's plausible apart from the bit I didn't mention. On the same day she received another email from 'me' which I would have had no reason to send.It had an attachment which related to an entirely different company. When she sent this fake email to me I saw it was from the same source as the previous one.


From this I deduced the problem was at our end. However the purpose of this 2nd fake email doesn't make any sense as it had nothing to do with a request for payment or contained anything particularly confidential.

rendelharris

rendelharris

Posted
Posted
Very odd...a test to see if emails from "your" address got through her spam filter, maybe? Or more sinister, could the irrelevant one have carried the virus, bot or whatever which opened up her inbox so they could read your mail and so send her the money demand? Which one did she get first?
KalamityKel

KalamityKel

Posted
Posted

It is easy to "copy" an email address - I'm not good with describing things... someone else can make it appear to a recipient that the email sent has come from someone else and there nothing anyone can do about it. It's not even considered "illegal" in itself although obviously the content is then questionable and such.


If you are sending someone personal details via email you really should break it up in different emails, with a different subject so it does not create a thread.


For the annoying purchase ones such as Itunes, Paypal, Amazon etc. After initially setting up your account you should assign your contact details to a different email address. That way you can easily identify, easily if it's hotmail/outlook that you get the suspicious emails from, whether they are genuine or not.


If you receive contact from any of the companies that you regularly deal with saying they've had trouble taking payment for something with a link to click always ignore it and sign in to your actual account to see if there is anything outstanding as a payment issue.

ianr

ianr

Posted
Posted

> If you are sending someone personal details via email you really should break it up in

> different emails, with a different subject so it does not create a thread.


A mail reader can thread messages in a mail folder using just the chain of references in the header, regardless of subject or even addressee. Your strategy, if it's to be reliable, should avoid sending the successive posts using the Reply button. Even then there's still more than enough information in the headers to enable them to be linked. Encryption, or splitting the content between different communication channels, is more advisable for high risk content.

Loz

Loz

Posted
Posted

Alan Medic Wrote:

-------------------------------------------------------

> Can anyone throw light on what happened here?

>

> In December I emailed a client in Poland our work

> bank details. Some weeks later I found out from my

> contact in that company that several hours after

> my email arrived she received another one, which

> appeared to come from me but with different bank

> details. This is where she made a payment to.

>

> She sent me the 2nd email she had received and on

> opening it and choosing 'reply' I saw the actual

> address for me was '[email protected]'. Not my

> address. My work PC was taken out of operation.

> However we have still no idea what has happened

> apart from something fraudulent.

>

> I don't know how my work PC was compromised so it

> is all a bit of a mystery. Any ideas?


Could have been your PC or email system, could have been hers. Doubtful is was anything in the middle.


As KK said, sending an email with spoofed (that's the word, Kel!) headers is trivially easy. Some services rely on this (e.g. Yahoo groups, mailchimp) Even Hotmail can do it, though they have controls in place to stop you doing it when you shouldn't.


So, all the bad people needed do was see the original email. From that they had all they needed - your name, her name and email address, plus the email text so they could create a plausible copy. So, they almost certainly saw it either in your sent mail or the recipient's inbox. Considering they didn't bother to delete the first email, I'd guess it was yours.


Are either your email or hers accessible from the internet? Most are these days, in one form or another.


Sounds like, for the second email, they messed up and meant to send it to a different victim.

KalamityKel

KalamityKel

Posted
Posted

ianr Wrote:

-------------------------------------------------------

> > If you are sending someone personal details via

> email you really should break it up in

> > different emails, with a different subject so it

> does not create a thread.

>

> A mail reader can thread messages in a mail folder

> using just the chain of references in the header,

> regardless of subject or even addressee. Your

> strategy, if it's to be reliable, should avoid

> sending the successive posts using the Reply

> button. Even then there's still more than enough

> information in the headers to enable them to be

> linked. Encryption, or splitting the content

> between different communication channels, is more

> advisable for high risk content.



I was in no was suggesting this is a "reliable" way at all.


Personally, one should not be sending details like bank numbers and such via email, but of course I understand for many people it is the only option.

What I was suggesting was simply a "IF". As mentioned by separate, not related emails - meaning not using the reply button (separate emails wouldn't require this). It is far from perfect but if you do not have the powers or knowledge to go through the encryption route, and this is your only option it can work still with risk.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
  • Advertise Here

  • Latest Discussions

    • David Peckham
      Xmas lunch at local pubs/restaurants?

      By David Peckham · Posted

      I've never got Christmas pudding. The only times I've managed to make it vaguely acceptable to people is thus: Buy a really tiny one when it's remaindered in Tesco's. They confound carbon dating, so the yellow labelled stuff at 75% off on Boxing Day will keep you going for years. Chop it up and soak it in Stones Ginger Wine and left over Scotch. Mix it in with a decent vanilla ice cream. It's like a festive Rum 'n' Raisin. Or: Stick a couple in a demijohn of Aldi vodka and serve it to guests, accompanied by 'The Party's Over' by Johnny Mathis when people simply won't leave your flat.
    • SophieA
      Fireworks

      By SophieA · Posted

      Not miserable at all! I feel the same and also want to complain to the council but not sure who or where best to aim it at? I have flagged it with our local MP and one Southwark councillor previously but only verbally when discussing other things and didn’t get anywhere other than them agreeing it was very frustrating etc. but would love to do something on paper. I think they’ve been pretty much every night for the last couple of weeks and my cat is hating it! As am I !
    • Sue
      Xmas lunch at local pubs/restaurants?

      By Sue · Posted

      That is also a Young's pub, like The Cherry Tree. However fantastic the menu looks, you might want to ask exactly who will cook the food on the day, and how. Also, if  there is Christmas pudding on the menu, you might want to ask how that will be cooked, and whether it will look and/or taste anything like the Christmas puddings you have had in the past.
    • David Peckham
      Xmas lunch at local pubs/restaurants?

      By David Peckham · Posted

      This reminds me of a situation a few years ago when a mate's Dad was coming down and fancied Franklin's for Christmas Day. He'd been there once, in September, and loved it. Obviously, they're far too tuned in to do it, so having looked around, £100 per head was pretty standard for fairly average pubs around here. That is ridiculous. I'd go with Penguin's idea; one of the best Christmas Day lunches I've ever had was at the Lahore Kebab House in Whitechapel. And it was BYO. After a couple of Guinness outside Franklin's, we decided £100 for four people was the absolute maximum, but it had to be done in the style of Franklin's and sourced within walking distance of The Gowlett. All the supermarkets knock themselves out on veg as a loss leader - particularly anything festive - and the Afghani lads on Rye Lane are brilliant for more esoteric stuff and spices, so it really doesn't need to be pricey. Here's what we came up with. It was considerably less than £100 for four. Bread & Butter (Lidl & Lurpak on offer at Iceland) Mersea Oysters (Sopers) Parsnip & Potato Soup ( I think they were both less than 20 pence a kilo at Morrisons) Smoked mackerel, Jerseys, watercress & radish (Sopers) Rolled turkey breast joint (£7.95 from Iceland) Roast Duck (two for £12 at Lidl) Mash  Carrots, star anise, butter emulsion. Stir-fried Brussels, bacon, chestnuts and Worcestershire sauce.(Lidl) Clementine and limoncello granita (all from Lidl) Stollen (Lidl) Stichelton, Cornish Cruncher, Stinking Bishop. (Marks & Sparks) There was a couple of lessons to learn: Don't freeze mash. It breaks down the cellular structure and ends up more like a French pomme purée. I renamed it 'Pomme Mikael Silvestre' after my favourite French centre-half cum left back and got away with it, but if you're not amongst football fans you may not be so lucky. Tasted great, looked like shit. Don't take the clementine granita out of the freezer too early, particularly if you've overdone it on the limoncello. It melts quickly and someone will suggest snorting it. The sugar really sticks your nostrils together on Boxing Day. Speaking of 'lost' Christmases past, John Lewis have hijacked Alison Limerick's 'Where Love Lives' for their new advert. Bastards. But not a bad ad.   Beansprout, I have a massive steel pot I bought from a Nigerian place on Choumert Road many years ago. It could do with a work out. I'm quite prepared to make a huge, spicy parsnip soup for anyone who fancies it and a few carols.  

East Dulwich Forum

Established in 2006, we are an online community discussion forum for people who live, work in and visit SE22.

Home
Events
Sign In

Sign In



Or sign in with one of these services

Search
×
    Search In
×
×
  • Create New...