Very nearly got ripped of this morning.

Page may contain affiliate links. Please see terms for details.

glasgowcyclist

Charming but somewhat feckless
Location
Scotland
Jeez, is it £157.50, i think I have watched more BBC in the last month watching the 5PM briefing for the first 10 minutes than I have for months, we rarely watch it, but that is another thread I'm sure.

I think it's still good value, it's less than the price of a KitKat a day.
 
D

Deleted member 26715

Guest
I think it's still good value, it's less than the price of a KitKat a day.
Interesting I don't eat kitkats or use the BBC, luckily I only have to pay for one of them
 

oldwheels

Legendary Member
Location
Isle of Mull
The general advice is never to click on a link. You can check by going to the site separately. I got one today telling me my broadband contract was coming to and end and would have to be renewed. It was obviously fake but I just went into my suppliers web site separately and checked. Sure enough no mention of contracts.
 

Faratid

Well-Known Member
Received an Email about tv licence and like a fool nearly paid it. Beware this is a scam Email and i am sure i will not be the only one to get it. At present the tv licence help line is not open, so check before paying or entering your bank details online.


Dear Customer,

Your TV Licence will expire !!! You must renew it now, or additional fees will be applied.

We are sorry to let you know that your TV Licence could not be automatically renewed.Something went wrong with your Direct Debit payment.
Something went wrong with your Direct Debit payment
Remember, you need to let us know if your personal information changes or switch to another bank

Click Here To Update

Please take care of this straight away or we may be forced to pass your details to a debt collection agency.
Please keep this email safe, because it tells you how to access your licence online.
Keep this email safe, because it helps you to access your licence online. Thank you!
TV Licensing
© 2020 TV LicensingAbout us | Contact us | Accessibility

You can forward this sort of thing to report@phishing.gov.uk
 
Since I can't sleep, waffle iron on regarding phishing and scam attacks.

SOME RULES
- There are few reasons to click on any links in emails (maybe password reset emails, but only so long as you know that you requested one from the real website), other than that, do not click on any links in emails
- You cannot rely on the status bar in the bottom left corner of your web browser to determine that the address that the link will take you to is correct for a variety of reasons. (in older browsers it is super easy to make these say whatever you want.)
- It is far safer to visit a site by typing its address yourself or using a bookmark, otherwise you can never be truly sure that the site you're visiting is the one you think it is
- Beware URL shorteners like tinyurl or bitly (99.9% of the time these usages will be fine, but NEVER put any information into the sites that they lead you to, even if the address looks legit)
- Don't use sites that don't use https, and if in doubt, check the certificate (by clicking on the padlock next to the address bar) and make sure it matches the company you expect.

REASONS
While there are a bunch of different ways to trick someone with a seemingly legit website and a seemingly legit web address, the easiest one to demonstrate is called a homograph attack.

This are where letters that appear identical are used in place of the ones you'd expect.
The simplest and most obvious one is uppercase i "I" and lowercase L "l": as in "helIo", where both letters look identical in some fonts. Since all domain names are lowercase in the browser, this isn't such an issue, although it may catch out the unwary who just inadvertently went to helio.com

It gets worse: in different alphabets there are letters that look identical

For instance, good luck differentiating between аcoolwebsiteijustmadeup and acoolwebsiteijustmadeup when you're not specifically looking for anything out of plаce.

In this example above I used the Cyrillic lowercase а instead of Latin lowercase a, which looks subtly different in the default cyclechat font
but there are plenty of homoglyphs that are visually identical.

If you hover over or click on exаmple.com it should get translated to xn--exmple-4nf.com and will display as such in the status bar, so this avenue of attack is mostly closed if you keep your browser up to date. If when hovering or clicking on this, it appears as exаmple.com, you need to update or change your browser right now.

HOWEVER: it is possible to reconstruct some latin words entirely in other alphabets.
Behold the power of аррӏе.com (it's a safe website, used purely to demonstrate the principle.)
Every letter in that address is in the Cyrillic alphabet. As this is not a mixed-alphabet domain name, browsers have no way of knowing that this isn't a legitimate domain name rather than a homograph attack on the real apple.com.

--

Also, use a password manager, don't reuse passwords, passwords should absolutely not be memorable except your email account and the master password for your password manager.
 

MontyVeda

a short-tempered ill-controlled small-minded troll
Lots of phishy clues in that one:

- "Dear Customer" - TV Licensing will know your name
...
after opening approximately six investigations on my property... TV licencing still address me 'dear customer' or 'the legal occupier'.
 

glasgowcyclist

Charming but somewhat feckless
Location
Scotland
after opening approximately six investigations on my property... TV licencing still address me 'dear customer' or 'the legal occupier'.

That’s because they don’t know who you are yet.

The scam email is about a missed renewal where the real TVL would know the name of the recipient and would quote it in correspondence.
 

I like Skol

A Minging Manc...
OK, I think I am onto a winner here..... I appear to have been BCC'd into an email that is inviting me to take part in a very lucrative offer. What do you think I should do?

1592498402992.png
 
Top Bottom