Account Hack / Phishing Email Alert / #IR35

Be careful, if an email account has been compromised, you might receive a genuine looking email which will pass through your spam filter. As an example, I have just received an email from “FirstName.LastName@”Domain Name Remove”.co.uk”. This was confirmed with a quick phone call to the company where I was informed the account had been hacked and I should delete the spam email. This post is just to raise awareness. The companies name is covered intentionally, as is their website.

Some basic warning signs were there:

  • No branding
  • No reference or invoice number
  • Somewhere to click.

Some more interesting features are:

  • The link – Simply hover over the PDF link to reveal that well known domain “1drv.ms”. A OneDrive shared link, in theory a trusted source, but why not just attach a PDF if the mail is genuine?

  • The email domain was linked to a genuine company @”Domain Name Removed”.co.uk – this genuine victim being used as a cover.

    The target was obviously selected based on a hot topic in the media they deal with.

  • And the different no_reply@accountpayable.com domain you can purchase was a nice discovery.

Phishing TEXT Scam

Phishing TEXT Scams

Watch out for the latest Phishing TEXT Scams. This week they are getting a bit lazy and less convincing. This #Fake #Halifax text has just been received. SUSPICIOUS activity!! On an account I don’t have with Halifax, or in this case an account with “hlxdata.online”

> Sent from “+44 7597009141” #Dangerous Rating #O2

> Either not even masking the number or its masked with this bogus number

> HLXdata.online a very catchy web address

+ Check numbers out for SCAM details, start with for the number on Google +Don’t visit sites marked “HLXdata.online” for you large corporate bank +Don’t phone the number on the message. Call the number on the back of your bank card

+ Question everything.

#CyberSecurity #raisingawareness #phishingattack #phishingtext #phishing #Scam #txt #text #Alert