Clever NatWest Scam Email could allow hackers access to your account

Posted on 14th February 201714th February 2017 by Michelle Harris

Today I received an email I thought I should warn you about. It’s a pretty clever NatWest Scam Email that could allow hackers access to your account.

This scam like a number of others lately comes through to your email and it looks real and harmless just says

Dear Members You have 2 important secure message from NatWest Admin System.

Sign in
Thank you

It has a sign in link which takes you to a page called Sultan support – SultanHost Members Area.

https://sultansupport.com/sales/index.htm I’ve no idea what Sultan Support is but it doesn’t look much like a log in from Natwest.

What is a Phishing Scam

Phishing scams are attempts by scammers to trick you into giving out personal information such as your log in details, bank account numbers, passwords and credit card numbers. They catch you out when you are in a rush using the phone and not reading everything correctly.

There has also been a few emails being sent out that have been trying to hack your Gmail accounts – watch out for that it’s a fake email which has an attachment that looks like a PDF file when you click it, it looks like it logs you out of Gmail so you log back in, and they have your details, as it is a fake login page.

NatWest Scam Email

The Natwest scam email wasn’t as clever as the Gmail Scam as warning signs did stand out.

1 – I don’t have a NatWest account

2 – The email is from NatWest Online <u5402096@uds.anu.edu.au> This address looks like a university account – although the Austrailian University is http://www.anu.edu.au/ whatever is it anyway its not Natwest. I believe that emails would come from @natwest.com.

3 – Banks do not ever ask you to log in from an email.

4 – Spelling mistakes

5 – It was addressed to Dear Members? …. Banks would always address you by name.

Natwest say

At NatWest we will never ask our customers for any personal information by email. You should not respond to any email asking you to divulge your full pin or password, we would only ever ask for random characters.

If you have received a fraudulent or suspicious email, and not responded to it, please forward the email to phishing@natwest.com.

However, if you have responded to the email, and/or you suspect that any of your accounts with us have been accessed online by someone other than yourself, please contact us immediately on 0800 161 5154. When calling from abroad please dial +44 1252 308 047.

For more information, please visit our Security Centre.

I have forwarded my email on to the phishing dept at Natwest, just maybe they can track it down.

This was in their reply

Remember, we will never ask for full PIN, full password, or security codes from card readers or security devices at logon or over the phone.

Please do not click on any links or open any attachments in the suspicious email you have reported to us. We advise you to delete it from your mailbox.

Contact us immediately if you think have provided any personal information as a result of responding to a suspicious NatWest email, or suspect your NatWest accounts have been accessed by someone other than yourself. You will find our contact details by clicking ‘Support’ then ‘Get In Touch’ at natwest .com, where you will also find contact information for other customer service or account related queries. For your own security, we are unable to discuss your query or account query through this mailbox.

Hope this helps

Beware – Facebook Video Scam using Google Chrome

Posted on 2nd October 20168th February 2017 by Michelle Harris

There another Facebook video scam doing the rounds. This Facebook Scam uses Google Chrome to attack your account and send spam to your friends.

How do I know this, because I got caught (I am ashamed to say) yes, after warning you all of this very same thing, over and over. I clicked the link not thinking it could be unsafe, just not thinking on a Sunday morning. This just shows you how easy it is to get caught out, because I think everything is a scam !

I was having a conversation with a friend over a delicate health matter, and she sent me a video, it just appeared like the above. I just thought she had got fed up with typing. So I clicked the link, it wanted me to add an extension to watch it. Crazy, me didn’t think much of it, because she uses a lot of different platforms that I might not know. However, after I added the extension it didn’t work, I thought OH DEAR! I looked at it more closely saw that the URL was very strange. Its actually changed again already it now says – budaner.pw – yes I clicked it to check but I made sure I didn’t let it in this time. It adds an extension called – iHU or another one with three letters.

Shortly after – it sent a video link to about 15 – 20 of my friends. Ah! I quickly wrote to all of them to tell them it was a Facebook video scam and not to click it.

As Steven Healey explains here – in this Facebook live video – we’ve seen a few friends with this today, and some getting very annoyed. Yes, its a silly mistake to make but mistakes do happen, and it wasn’t intentional of your friend. It basically hacks your account so the extension sends it automatically to people in your own friends list.

This is how they are catching us out, sending it via a Facebook messenger message from a friend you trust. With your name on.

How to remove the Facebook video scam from Google Chrome

Don’t click this link in the video

Delete it

If you do click it – and install the extension (stupidly like me).

Quickly go to Google Chrome.

Click the 3 dots.
Click Settings.
Click Extensions on the left.

Scroll down until you see the offending extension – this is the one I had but there are others.

If you are not sure which one it is immediately – just stop them all right away so that you can go through them.

When you have turned it off.

Go back to Facebook – and change your password.

Click in the top right corner of any Facebook page and select Settings.
Click Password.
Type your current and new passwords.
Click Save Changes.

Quickly tell everyone that you have sent a message to not to click it.

Post on your Facebook page not to click the link thats its a Facebook video scam.

I did three malware scans and could not find anything, so it seems its just related to the extension – once that’s gone, nothing else happened.

As you can see its nothing really to get stressed about – delete the extension and change your password, and nothing can happen.

Hope this helps.

Singer and Producer Peter Hollens Hacked by security OurMine

Posted on 15th September 20168th February 2017 by Michelle Harris

Last night Peter Hollens the singer and producer most known for his awesome Capella covers over on YouTube was distraught last night, when hacking group who say they are not hackers but just testing his security attacked many of his social media accounts. Many fans were tweeting – Peter Hollens Hacked.

Peter Hollens Hacked

We love Peter Hollens and we were upset to read a tweet from Peter that all he wanted to do was come home after a hard day and spend sometime with his daughter but no, there he was running around tracking the accounts that had been hacked so that he could change passwords and remove any thing the hackers had posted.

Singer and Producer Peter Hollens Hacked by security OurMine

Peter Hollens is in a long list of people that have been hacked by the group OurMine, who say that they are just trying to inform people that nobody is safe. OurMine are mostly targeting CEOs, and YouTube stars, Celebrities and I did see one article that said they were targeting MineCraft users.

Techcrunch were hacked in July of 2016 and received the same message as everyone seems to get and the same as Peter Hollens received.

Don’t worry we are just testing security, we didn’t change any passwords, please contact us

I hope that all the messages of support helped Peter get through this annoying time, I’m not sure what they did on his accounts, I do know that it was reported that they sent emails to Variety subscribers informing them that the website had been hacked.

So, I’m assuming this is their way of getting work to secure peoples accounts? I wonder if anyone has actually contacted them as they ask. If you know please let me know.

In the meantime, we should all be getting Two Factor Authentication on all of our accounts – this makes it harder for hackers to get in with an extra layer of security – where you have to have a password and something else. I don’t think this is going to help with the various exploits or phishing attacks but it has to help a little.

In the meantime check out this new video from Peter Hollens – Hamilton – An Acappella Medley – Peter Hollens & Co.

Update – It seems Peter was hacked again as on 1st of November this information came from Peters Facebook

UPDATE: It’s 100% VIDiq, they confirmed. DELETE IMMEDIATELY…. ATTN Youtubers: (Already 15+ users affected) Anyone who uses VIDiq needs to disable it immediately. There’s a huge meta data breach… go into youtube and disable access. I’m 100% positive this is how my channel was hacked yesterday.

Here’s how to do it: Click here to delete access: https://security.google.com/settings/security/permissions…

SHARE THIS POST ASAP.

More confirmation: https://twitter.com/vidIQ/status/793549756622528513

Whatsapp 4G VIP Scam fooling users again

Posted on 7th September 20168th February 2017 by Michelle Harris

I’m sorry to be writing about Whatsapp again so soon and I’m sorry that it’s about yet ANOTHER Whatsapp hoax message but I had to warn you that there is a new scam going around – because I’ve seen it so many times already! Its similar to the last one Whatsapp 4.0. This Whatsapp 4G VIP Scam is fooling users into thinking that it is a real update. Its more like an extention of the phishing scam Whatsapp Version 4.0 where the post action lists the extra features that you can get.

The promises on this new VIP scam are as follows

Private Messaging, while withholding your number
Free WiFi mode
Video Calling
See who has viewed your profile picture on Whatsapp
Free calls

Of course, not everyone can have this – its VIP don’t you know, it’s for special people who invited users only. So you must invite your friends before you can download. (ALARM BELLS YET?)

Also as usual with these scams if look carefully at the message – is written in bad English, (worse than mine, even) with capital letters all over the place, there is no way that Whatsapp would advertise like that.

AND it the link is NOT from Whatsapp but from a created URL by the scammers to looks like Whatsapp but of course its FAKE.

Whatsapp 4G VIP Scam fooling users

The link takes you to a website like this

I’m not certain what happens after you download it, I did not want to find out and haven’t yet found out from the people I know that shared it – but I would suggest you immediately delete it and change your password – and if you can scan your phone, disinfect your hands and go and sit in the corner for the rest of the day! 🙂

Please never share things like this before you check it out – Always go to the Whatsapp website and check to see if any updates or the store for your phone – never click a link sent via Whatsapp or email before you check it out.

If you are really unsure Whatsapp do have a special help page – Frequently Asked Questions.

I received a strange Whatsapp message. Is it true?

You may have received spam from an unauthorized third party and not WhatsApp.

We work diligently to reduce any spam messages that come through our system. Creating a safe space for users to communicate with one another is a priority. However, just like regular SMS or phone calls, it is possible for other WhatsApp users who have your phone number to contact you. Thus, we want to help you identify and handle these messages.

Unwanted messages from unauthorized third parties come in many forms, such as spam, hoax and phishing messages. All these types of messages are broadly defined as unsolicited messages from unauthorized third parties that try to deceive you and prompt you to act in a certain way.

You may be the target of a deceptive scheme if any of the following describes a message you receive, via WhatsApp or email:

The sender claims to be affiliated with WhatsApp.

The message content includes instructions to forward the message.

The message claims you can avoid punishment, like account suspension, if you forward the message.

The message content includes a reward or gift from WhatsApp or another person.

Hope this helps

Stop Sharing Hoax Post on Facebook About Retaining Control

Posted on 3rd July 20168th February 2017 by Michelle Harris

Yet again people are sharing a hoax post on Facebook about retaining control over things that you share on Facebook – we see these spam posts time and time again and still people are sharing. And frankly its just annoying.

Facebook Hoax About Retaining Control

This one isn’t any different that the ones before.

Basically it says Deadline tomorrow – well its already been floating around for at least a week so that deadline has passed if you are still sharing this Facebook Spam.

Here is the text from the offending Facebook Post.

Everything you’ve ever posted becomes public from tomorrow. Even messages that have been deleted or the photos not allowed. It costs nothing for a simple copy and paste, better safe than sorry. Channel 13 News talked about the change in Facebook’s privacy policy. I do not give Facebook or any entities associated with Facebook permission to use my pictures, information, messages or posts, both past and future.

With this statement, I give notice to Facebook it is strictly forbidden to disclose, copy, distribute, or take any other action against me based on this profile and/or its contents. The content of this profile is private and confidential information. The violation of privacy can be punished by law (UCC 1-308- 1 1 308-103 and the Rome Statute).

NOTE: Facebook is now a public entity. All members must post a note like this. If you prefer, you can copy and paste this version. If you do not publish a statement at least once it will be tactically allowing the use of your photos, as well as the information contained in the profile status updates. DO NOT SHARE. Copy and paste to be on the safe side.

Its just not true, it is a hoax. Who Channel 13 news are I have no idea. I’d rather not even search it for fear of catching some virus so I will leave it at that.

We have seen so many types of this hoax and other scam on Facebook its just crazy that people are still fooled into sharing these posts.

Switch to Pink Facebook

Mark Zuckerberg isn’t giving you money

Facebook Gold Membership – also still doing the rounds

Oakley Sunglasses

And it goes on and on……. This is just another Facebook hoax and does nothing but amuse the poster and confirm that Facebook users do not listen.

How do we know its not true ?

For a start – do you really think a post on your wall is going to stop Facebook doing anything. You can still protect your posts as you have always done.

Facebook even posted a statement saying this was not true

You’re In Control

You may have seen a post telling you to copy and paste a notice to retain control over things you share on Facebook. Don’t believe it. Our terms say clearly: You own all of the content and information you post on Facebook, and you can control how it’s shared through your privacy and application settings. That’s how it works, and this hasn’t changed.

You can visit Privacy Basics to find out more about who sees what you share on Facebookand other topics.

You can also read the Data Policy to find out what information we collect and how it is used and shared. We want you to be informed and in control of your experience on Facebook.

https://www.facebook.com/fbfacts/1573108242983244

So please stop this madness – do not share this rubbish.

Thanks

Beware – iPhone Apple ID text message scam

Posted on 21st April 20168th February 2017 by Michelle Harris

It seems that hackers are trying to get hold of your Apple ID via a phishing scam sent via text messaging – it appears there are two different types of text messages being sent out.

Users on social networks are asking “Are these text messages real?” The scam Apple messages look like they are from Apple themselves – they use carefully constructed wording and URLS to fool us into thinking they are legitimate.

iPhone Apple ID text message scam

One message is like this

The Apple ID associated with this number is due to be terminated. To prevent this please confirm your details at – Supportatapple.com – Apple Inc

The other message is more sneaky and actually quotes your name

<your name> your Apple ID is due to expire today. To prevent termination confirm your details at appleidlogin.co.uk – Apple Support.

This one would probably trick more people as it looks very real especially because it uses your name.

The links they use also look quite real, but of course they are not, they take you to a fake website or phishing site and once you give your user name and password you are told you are locked out of your account and you have to give more information such as your credit card details to unlock your account.

We used to see a lot of apple phishing; emails trying to get hold of our personal information, and the SMS messages are exactly the same thing, They are trying to be clever and catch people off guard, as you may not pay as much attention when looking at your phone whilst you are mobile.

If you do receive this message please do report it and of course do not click any of the links or enter any private information.

For more information take a look at the Apple website – Identifying fraudulent “phishing” email

Facebook Hoax – Mark Zuckerberg IS NOT giving you money.

Posted on 28th December 20158th February 2017 by Michelle Harris

So this Facebook Hoax has been going around a while now and I just feel I need to inform you – that it is a Facebook Hoax – Mark Zuckerberg is not giving you money.

I don’t think he would even be happy that his original message for his daughter his now being used by users to spam other users with a hoax.

We have seen so many of these over the years, I thought we could recognise them by now – Free Oakleys – Gold Membership – Switch to Pink and the list goes on.

Facebook Hoax – Mark Zuckerberg is not giving you money

Okay this one doesn’t harm us really but its gone viral because people keep sharing it saying – it can’t hurt. Yes, it can, it might make people mute you.

It started off as

THANK YOU, MARK ZUCKERBERG, for your forward-thinking generosity! And congrats on becoming a dad!
Mark Zuckerberg has announced that he is giving away $45 billion of Facebook stock. What you may not have heard is that he plans to give 10% of it away to people like YOU and ME! All you have to do is copy and paste this message into a post IMMEDIATELY. At midnight PST, Facebook will search through the day’s posts and award 1000 people with $4.5 million EACH as a way of saying thank you for making Facebook such a powerful vehicle for connection and philanthropy.
I hope someone I know gets a piece of the pie–let me know if you do!!!

and now we are seeing this one …….

Can’t wait to see who the winners are Facebook Mark Zuckerberg is going to give away 4.5 million of his Facebook stock tonight at midnight 10% to people like you and me! All you have to do is copy and paste this to your page and post. Facebook is doing this to show what a powerful tool of connection it is !!! Can’t wait to see who wins !!! This is not a hoax !!! It’s on Good Morning America !!! ‪#‎MarkZuckerberg‬

Folks, this is never going to happen. Stop sharing them. All these do is fill up our streams with rubbish and makes you look silly.

The actual announcement was a public letter to his new baby girl – and someone has changed it – like always happens, so that people share this rubbish.

As you begin the next generation of the Chan Zuckerberg family, we also begin the Chan Zuckerberg Initiative to join people across the world to advance human potential and promote equality for all children in the next generation. Our initial areas of focus will be personalized learning, curing disease, connecting people and building strong communities.

We will give 99% of our Facebook shares — currently about $45 billion — during our lives to advance this mission. We know this is a small contribution compared to all the resources and talents of those already working on these issues. But we want to do what we can, working alongside many others.

Stop it now lol thanks 😉

Road Tax Email Scam

Posted on 1st May 20158th February 2017 by Michelle Harris

When you are about to renew the tax on your car – watch out for the new Road Tax Email Scam.

The scammers this time appear to be taking advantage of people being confused about the changes to the UK vehicle tax disc and the fact that you no longer need to display the paper tax disc.

Road Tax Email Scam

Click to Tweet: Road Tax Email Scam http://ctt.ec/1SAh9+

The Phishing scam email, seems to come from official sources at the Driver and Vehicle Licensing Agency and they try to get you to give over your bank details. Of course the DVLA would never ask for your bank details in an email.

Phishing – as in fishing for confidential information

The scam email claims that you are owed a discount from a previous vehicle tax disc that you had paid for then gives you a link to go to so that you can verify your credit card or bank details in to get a refund.

The DVLA strongly advise you to ignore the email and delete it, if you are at all concerned go to the Vehicle Tax section of the Gov.uk website.

Paper Tax Disc

The paper tax disc was abolished on the 1st of October last year. You do not have to display a disc any more but you still buy it in exactly the same way as you did before or using the new services on the website.

There is one difference now – that when you buy a new car – or transfer ownership – you have to buy new tax before you drive the car it seems this is catching people out – read – Tax disc loophole leaves angry drivers facing massive fines

If you are still confused – please take a look at this video.

Also remember

Never give out private information (such as bank details or passwords), download attachments or click on any links in emails if you’re not sure they’re genuine. Always go to the original website to check the information, or telephone the company.

Credit for tax disc image Paul Townsend Creative Commons

Paypal email scam

Posted on 17th December 20148th February 2017 by Michelle Harris

We are all very busy at this time of year and might overlook these bank phishing scams, such as the Paypal email scam

They are clearly hoping to catch us off guard at this time of year, when we are all rushing around spending money.

Paypal email scam

This is what I received – this is a fake email pretending to come from Paypal Luckily Gmail sent this fake paypal email straight to my spam folder, so most people won’t get caught out.

How can we tell its fake a Paypal email

First look at the address it came from – i@city.websitewelcome.com – not paypal.com – however some scammers do get email addresses that have paypal in it so don’t be fooled by that either.

Secondly – it says Dear Member, not my name

Another thing to notice is the spelling mistakes, this is often the case with phishing emails and this one that says its from Paypal is no exception.

Until we here from you…..

Also when you hover over the button that says Update your account now, you can see that it doesn’t go to Paypal at all. (this url shows at the bottom of your screen) When you are using paypal you should always see https://www.paypal.com/ at the top of your screen.

See here for more information on What is a phishing email

This comes from Paypal themselves

You’ll know that an email is not from PayPal when:

The email uses a generic greeting like ‘Dear user’ or ‘Hello, PayPal member.’ We’ll always address you by your first and last name or the business name on your PayPal account.
The email requests financial and other personal information. A real email from us will never ask for your bank account number, debit or credit card number etc. Also we’ll never ask for your full name, your account password, or the answers to your PayPal security questions in an email.
The email asks you to provide the tracking number of a dispatched item, before you’ve received the payment into your PayPal account
The email includes a software update to install on your computer.

If you’ve recieved an email like this you can forward it directly to spoof@paypal.co.uk and then just delete it from your inbox.

If you have clicked on the button, or entered in any information contact paypal or any other bank immediately

Social Network Emails – Your account may have been compromised – What to do.

Posted on 23rd February 20138th February 2017 by Michelle Harris

Users are still concerned after receiving emails saying that their accounts might have been compromised or the one entitled – Important information regarding your security and privacy from social networking sites – Twitter, Tumblr and Pinterest.

The problem arose when Zendesk who store and organise emails for customer support and help desks for these social networks had their systems hacked. Zendesk believe that during the security breach personal information such as email addresses linked to these platforms may have been downloaded by the hacker.

Quote from the zendesk blog

We believe that the hacker downloaded email addresses of users who contacted those three customers for support, as well as support email subject lines. We notified our affected customers immediately and are working with them to assist in their response.

This will only affect you if you have emailed customer support at Twitter, Pinterest and Tumblr – which most of us have at some point. I imagine if you have then that is why you have received an email warning you of the breach. – There is no indication that passwords have been stolen at all.

So, I don’t think there is much to worry about here – if you are concerned you can change your passwords, in fact if it has been a while since you changed your passwords on these or any accounts then maybe you should anyway.

Phishing Scam

What we need to watch out for are bogus emails pretending to come from these platforms asking us to change our passwords with a link that looks like it comes from the social network itself. This is how hackers will then hack into your accounts with a Phishing scam email. Sites like this never ask for your passwords via email, so it will be easy to spot if you do get a Phishing email.

Never, click links in emails like this – always – If you want to change your password – go directly to the site and click on change password.

How to change your passwords

For Twitter

Click the cog – settings – password (on the left)

For Tumblr

Click the Cog.

For Pinterest

Hover over your username – click settings and then Change Password.

Hope that helps

What is a Phishing Scam

NatWest Scam Email

How to remove the Facebook video scam from Google Chrome

Don’t click this link in the video

Peter Hollens Hacked

Singer and Producer Peter Hollens Hacked by *security* OurMine

Whatsapp 4G VIP Scam fooling users

I received a strange Whatsapp message. Is it true?

How do we know its not true ?

You’re In Control

iPhone Apple ID text message scam

Facebook Hoax – Mark Zuckerberg is not giving you money

Road Tax Email Scam

Paper Tax Disc

Paypal email scam

How can we tell its fake a Paypal email

Phishing Scam

How to change your passwords

Singer and Producer Peter Hollens Hacked by security OurMine