Browsed by
Category: Computing related

Computing related posts

Beware the Companies House e-mail

Beware the Companies House e-mail

I have for some time now been plagued by e-mails claiming to come from Companies House, they generally say that there is a problem with web filing to Companies House. Now, as happens at the time when I first received one of these e-mail I was about the time one of the companies I am a director of was filing it’s annual report with Companies House. At first glance the e-mail looked plausible (there is a sample below) and it had come to an e-mail address which I use for company business, but something just did feel right about it.

First: it doesn’t mention the name of the company which is it supposedly referring to, just a submission number, real e-mails from Companies House always have the name of the company they are about in them.

Second: it had an attached zip file, which is odd because on the Companies House website where you can make your companies annual return by web filing, it says that you can download a pdf of the report. Confirmation e-mails from Companies House never have attachments.

Thirdly: while I am a director, I wasn’t the Company Secretary, and I would expect the Companies House to communicate with the Company Secretary in the first instance.

Fourthly: all the companies of which I am a member of the board, are registered in Scotland. Therefore, I would expect any correspondence in connection with these companies to use Companies House Edinburgh address.

Here is the test of the latest version e-mail, which I received this morning:

The submission number is: 2768706

For more details please check attached file.

Please quote this number in any communications with Companies House.

All Web Filed documents are available to view / download for 10 days after their original submission. However it is not possible to view copies of accounts that were downloaded as templates.

Companies House Executive Agency may use information it holds to prevent and detect fraud. We may also share such information, for the same purpose,
with other Organizations that handle public funds.

If you have any queries please contact the Companies House Contact Centre on +44 (0)303 1234 500 or email enquiries@companies-house.gov.uK

Note: This email was sent from a notification-only email address which cannot accept incoming email. Please do not reply directly to this message.

Companies House
4 Abbey Orchard Street
Westminster
London
SW1P 2HT
Tel +44 (0)303 1234 500

 

My suspicions aroused, I took a look at the full header of the email which immediately confirmed my suspicions, the return address and the message ID which not for Companies House, so it was obviously spam. I then decided to take Companies House advice on dealing with unsolicited/phishing e-mail, forwarding a copy of the offending e-mail to phishing@companieshouse.gov.uk as they suggest. This resulted in an immediate e-mail from my own system telling me that it had “received a message, apparently originating from you, which contains the “Mal/DrodZp-A” virus/malware. This message has not been delivered onwards to the recipients.” This was obviously caused by the attached zip file which had aroused my suspicions in the first place.

The lesson of this story is be wary of unexpected e-mails from Companies House, even if they look genuine, don’t open attachments or follow links in the body of the e-mail until you have checked that it is actually from the sender which claims to have come from. As a last line of defence always make sure that your anti virus software is up to date.

Possibly Related Posts: (automatically generated)

Comment spammer offers to help you with spam

Comment spammer offers to help you with spam

The cheek of this Comment spammer offering to help me with spam is so crazy I just felt I need to post it up as a warning to other.

Author : bounceconnect.com (IP: 5.135.86.49 , 5.135.86.49)
E-mail : candelariaknight@bigstring.com
URL : http://***********************
Whois : http://whois.arin.net/rest/ip/5.135.86.49
Comment:
Do you have a spam problem on this site; I also am a blogger,
and I was wanting to know your situation; we have developed some nice methods and we are looking to trade solutions with other folks,
be sure to shoot me an email if interested.

When these things come to me for moderation I generally check them out with Project Honey Pot and sure enough this is a known comment spammer. Now I am just wondering how long before this post attracts comment spam? 😉

Possibly Related Posts: (automatically generated)

Always backup before carrying out maintenance or changes

Always backup before carrying out maintenance or changes

Always backup before carrying out maintenance or changes a salutatory tale.

Today, having read about a Huge attack on WordPress sites could spawn never-before-seen super botnet I decided to up grade the security on this blog. I took the advice to add a security plug in and change a few settings. In the process of doing so it was suggested that I should carry out a back up, so I took the easy option and let the plug in do the backup for me. It said it would e-mail a backup file and after a short while an e-mail arrived in my in box, and I therefore carried on. The changes made I was surprised to get a message saying “new install”, confusion was replace with horror when I realised that just wiped the database.

I quick went to the in box and opened the e-mail which claimed to have the back up file, only to find no attachment! Panicking I started searching of a back fearing that I might just have lost seven year work. I manage to find one back up file from July 2012, then after more frantic searching one for December 2012. It then took four attempts before I managed to successful up load the back onto the database.

This still left me with four months of missing posts. I was lamenting this fact on Twitter when @branaby suggested that I check and see if Google had cached any of the missing posts. Sure enough I was able to recover all but one of the missing posts. The more resent wasn’t in the cache, but fortunately I still had the text elsewhere and so was able to recover that too. This time I was very luck, but the moral of the story is ALWAYS check you have a full backup before carrying out any maintenance!

Possibly Related Posts: (automatically generated)

Tax Refund Notification

Tax Refund Notification

I had an interesting e-mail today, it claimed to be from HM Revenue & Customs (HMRC) and read as follows:

 
From: HM Revenue & Customs <refund.claim-hm@hmrc.gov.uk>
Subject: Tax Refund Notification
Date: Sat, 7 May 2011 16:19:58 +0100
To: undisclosed-recipients:

Tax Refund Notification

After the last annual calculation of your fiscal activity, we have determined that you are eligible to receive a tax refund of 973.90 GBP. Please submit the refund request and allow 5-7 days for processing. Click Here To Claim Your Refund

Best Regards,
HM Revenue & Customs

 

It looks almost real but something about it just didn’t feel right. For one thing, the address looked wrong, having been a civil servant (I used to work for the Forestry Commission) I knew that all UK Government e-mails are name@[department].gsi.gov.uk, this wasn’t from inwith the Government Secure Intranet (GSI). Then there was the fact that it was to “undisclosed-recipients”, tax calculations are personal, this suggest that has been sent to multiple people. Thirdly, it wasn’t sent to the e-mail address I use to communicate with the Inland Revenue. So I did a wee bit of digging around and sure enough I soon found that it is a scam.

If you have also received one of these e-mails, first off do not click on the link and don’t give any of you details. Secondly, forward it with the full headers to HMRC (see here for details) and help them catch the scammers, it is in interest of all of us to stop this sort of thing!

I have since been told by HMRC that it “does not use email to contact people about being eligible for a repayment or to ask personal information or payment”. So any e-mail telling you that HM Revenue & Customs is offering you a tax refund it is a scam, don’t fall for it.

Possibly Related Posts: (automatically generated)

Phone call from the “Technical Department of Windows”

Phone call from the “Technical Department of Windows”

I received an odd telephone call this morning. The caller with an Indian voice, who claimed to be from the “Technical Department of Windows”, tried to tell me that I had down loaded some malware from the internet on to my computer. When I asked how she knew this, the caller became confused, and as the line was poor I took the opportunity to hang up. Ten seconds later the phone rang again, the same caller again apologising for having been cut off and once again telling me that there was a problem with my computer. So for a second time I asked how she knew, again she became confused, but this time handed me on to a male colleague who ignored my question and got on with the script. He asked me if I could see my computer, which I said I could, next he asked if I could see the “My Computer” icon. At this point I consider playing along to see where this was going, but two things stopped me, first I wasn’t going to able to follow his instructions (as I am using Ubuntu Linux, not MS Windows), and two I had better things to do with my day. Therefore I hung up once again and have had no further calls. I tried ringing 1471 but as they were phoning from abroad the number was unavailable so I had nothing to report to Consumer Direct’s “Report a Scam” service.

This afternoon I found myself still thinking about the call, I was intrigued to know how common this sort of thing is, so I did a quick Google search and I found there is plenty hits showing that this is a regular problem. Obviously, Microsoft would never make such a phone call, you have to phone them to get support not the other way around. Either way, their advice on dealing with scams is pretty thin. The best advice dealing with these scams comes from the Digital Toast blog, which also has an entertaining collection of videos of people winding up the scammers. Also, the Guardian technology editor, Charles Arthur, makes some interesting comments about who might be behind these scams. If you have received a call recently, maybe you would like to leave a comment.

Oh and just is case you were wondering if Microsoft knows about this scam, well yes they were told about it in March 2010, it is just that they can’t be bothered to do anything about it…

Addendum: It would appear that Microsoft have finally woken up and realised there is a problem and this is their official advice. Please note that the scammers are now also claiming to be from: Windows Service Centre, Windows Help Desk, Microsoft Tech Support, Microsoft Support, Windows Technical Care, Windows Technical Department Support Group or Microsoft Research and Development Team (Microsoft R & D Team). So please take care.

Addendum: There have been a number attempts to comment on this blog saying that the fraudster making this calls are legitimate, the latest came from:

 
Author: luckysharma (IP: 115.115.103.248 , 115.115.103.248.static-kolkata.tcl.net.in)
E-mail: luckysharma420@gmail.com
Comment: this is genuine company…ok

 

Please note these calls are entirely fraudulent, do not allow these people to access your computer.

Addendum: There has been one high profile arrest and conviction but, sadly, there are plenty more still active. Please take care.

 

Addendum: I have had a number of people asking if there is a way of stopping these calls (see comments below), well there are call blocking devices available on the market which can be effective. You also need Caller ID on your phone line, this may be an extra cost depending on your phone provider. Some phone providers may not supply Caller ID for international calls and so you need to think about just who you want to block, to avoid blocking legitimate calls i.e. family members and friends living abroad, or people calling from switchboards where the number is withheld (personally this last one is a risk I would take). If anyone has experience of using such call blocking devices they would like to share, please feel free to comment below.

Possibly Related Posts: (automatically generated)

Do NOT follow this link or you will be banned from the site!
%d bloggers like this: