Browsed by
Category: Computing related

Computing related posts

Beware the Companies House e-mail

Beware the Companies House e-mail

I have for some time now been plagued by e-mails claiming to come from Companies House, they generally say that there is a problem with web filing to Companies House. Now, as happens at the time when I first received one of these e-mail I was about the time one of the companies I am a director of was filing it’s annual report with Companies House. At first glance the e-mail looked plausible (there is a sample below) and it had come to an e-mail address which I use for company business, but something just did feel right about it.

First: it doesn’t mention the name of the company which is it supposedly referring to, just a submission number, real e-mails from Companies House always have the name of the company they are about in them.

Second: it had an attached zip file, which is odd because on the Companies House website where you can make your companies annual return by web filing, it says that you can download a pdf of the report. Confirmation e-mails from Companies House never have attachments.

Thirdly: while I am a director, I wasn’t the Company Secretary, and I would expect the Companies House to communicate with the Company Secretary in the first instance.

Fourthly: all the companies of which I am a member of the board, are registered in Scotland. Therefore, I would expect any correspondence in connection with these companies to use Companies House Edinburgh address.

Here is the test of the latest version e-mail, which I received this morning:

The submission number is: 2768706

For more details please check attached file.

Please quote this number in any communications with Companies House.

All Web Filed documents are available to view / download for 10 days after their original submission. However it is not possible to view copies of accounts that were downloaded as templates.

Companies House Executive Agency may use information it holds to prevent and detect fraud. We may also share such information, for the same purpose,
with other Organizations that handle public funds.

If you have any queries please contact the Companies House Contact Centre on +44 (0)303 1234 500 or email enquiries@companies-house.gov.uK

Note: This email was sent from a notification-only email address which cannot accept incoming email. Please do not reply directly to this message.

Companies House
4 Abbey Orchard Street
Westminster
London
SW1P 2HT
Tel +44 (0)303 1234 500

 

My suspicions aroused, I took a look at the full header of the email which immediately confirmed my suspicions, the return address and the message ID which not for Companies House, so it was obviously spam. I then decided to take Companies House advice on dealing with unsolicited/phishing e-mail, forwarding a copy of the offending e-mail to phishing@companieshouse.gov.uk as they suggest. This resulted in an immediate e-mail from my own system telling me that it had “received a message, apparently originating from you, which contains the “Mal/DrodZp-A” virus/malware. This message has not been delivered onwards to the recipients.” This was obviously caused by the attached zip file which had aroused my suspicions in the first place.

The lesson of this story is be wary of unexpected e-mails from Companies House, even if they look genuine, don’t open attachments or follow links in the body of the e-mail until you have checked that it is actually from the sender which claims to have come from. As a last line of defence always make sure that your anti virus software is up to date.

Comment spammer offers to help you with spam

Comment spammer offers to help you with spam

The cheek of this Comment spammer offering to help me with spam is so crazy I just felt I need to post it up as a warning to other.

Author : bounceconnect.com (IP: 5.135.86.49 , 5.135.86.49)
E-mail : candelariaknight@bigstring.com
URL : http://***********************
Whois : http://whois.arin.net/rest/ip/5.135.86.49
Comment:
Do you have a spam problem on this site; I also am a blogger,
and I was wanting to know your situation; we have developed some nice methods and we are looking to trade solutions with other folks,
be sure to shoot me an email if interested.

When these things come to me for moderation I generally check them out with Project Honey Pot and sure enough this is a known comment spammer. Now I am just wondering how long before this post attracts comment spam? 😉

Always backup before carrying out maintenance or changes

Always backup before carrying out maintenance or changes

Always backup before carrying out maintenance or changes a salutatory tale.

Today, having read about a Huge attack on WordPress sites could spawn never-before-seen super botnet I decided to up grade the security on this blog. I took the advice to add a security plug in and change a few settings. In the process of doing so it was suggested that I should carry out a back up, so I took the easy option and let the plug in do the backup for me. It said it would e-mail a backup file and after a short while an e-mail arrived in my in box, and I therefore carried on. The changes made I was surprised to get a message saying “new install”, confusion was replace with horror when I realised that just wiped the database.

I quick went to the in box and opened the e-mail which claimed to have the back up file, only to find no attachment! Panicking I started searching of a back fearing that I might just have lost seven year work. I manage to find one back up file from July 2012, then after more frantic searching one for December 2012. It then took four attempts before I managed to successful up load the back onto the database.

This still left me with four months of missing posts. I was lamenting this fact on Twitter when @branaby suggested that I check and see if Google had cached any of the missing posts. Sure enough I was able to recover all but one of the missing posts. The more resent wasn’t in the cache, but fortunately I still had the text elsewhere and so was able to recover that too. This time I was very luck, but the moral of the story is ALWAYS check you have a full backup before carrying out any maintenance!

Tax Refund Notification

Tax Refund Notification

I had an interesting e-mail today, it claimed to be from HM Revenue & Customs (HMRC) and read as follows:

 
From: HM Revenue & Customs <refund.claim-hm@hmrc.gov.uk>
Subject: Tax Refund Notification
Date: Sat, 7 May 2011 16:19:58 +0100
To: undisclosed-recipients:

Tax Refund Notification

After the last annual calculation of your fiscal activity, we have determined that you are eligible to receive a tax refund of 973.90 GBP. Please submit the refund request and allow 5-7 days for processing. Click Here To Claim Your Refund

Best Regards,
HM Revenue & Customs

 

It looks almost real but something about it just didn’t feel right. For one thing, the address looked wrong, having been a civil servant (I used to work for the Forestry Commission) I knew that all UK Government e-mails are name@[department].gsi.gov.uk, this wasn’t from inwith the Government Secure Intranet (GSI). Then there was the fact that it was to “undisclosed-recipients”, tax calculations are personal, this suggest that has been sent to multiple people. Thirdly, it wasn’t sent to the e-mail address I use to communicate with the Inland Revenue. So I did a wee bit of digging around and sure enough I soon found that it is a scam.

If you have also received one of these e-mails, first off do not click on the link and don’t give any of you details. Secondly, forward it with the full headers to HMRC (see here for details) and help them catch the scammers, it is in interest of all of us to stop this sort of thing!

I have since been told by HMRC that it “does not use email to contact people about being eligible for a repayment or to ask personal information or payment”. So any e-mail telling you that HM Revenue & Customs is offering you a tax refund it is a scam, don’t fall for it.

Phone call from the “Technical Department of Windows”

Phone call from the “Technical Department of Windows”

I received an odd telephone call this morning. The caller with an Indian voice, who claimed to be from the “Technical Department of Windows”, tried to tell me that I had down loaded some malware from the internet on to my computer. When I asked how she knew this, the caller became confused, and as the line was poor I took the opportunity to hang up. Ten seconds later the phone rang again, the same caller again apologising for having been cut off and once again telling me that there was a problem with my computer. So for a second time I asked how she knew, again she became confused, but this time handed me on to a male colleague who ignored my question and got on with the script. He asked me if I could see my computer, which I said I could, next he asked if I could see the “My Computer” icon. At this point I consider playing along to see where this was going, but two things stopped me, first I wasn’t going to able to follow his instructions (as I am using Ubuntu Linux, not MS Windows), and two I had better things to do with my day. Therefore I hung up once again and have had no further calls. I tried ringing 1471 but as they were phoning from abroad the number was unavailable so I had nothing to report to Consumer Direct’s “Report a Scam” service.

This afternoon I found myself still thinking about the call, I was intrigued to know how common this sort of thing is, so I did a quick Google search and I found there is plenty hits showing that this is a regular problem. Obviously, Microsoft would never make such a phone call, you have to phone them to get support not the other way around. Either way, their advice on dealing with scams is pretty thin. The best advice dealing with these scams comes from the Digital Toast blog, which also has an entertaining collection of videos of people winding up the scammers. Also, the Guardian technology editor, Charles Arthur, makes some interesting comments about who might be behind these scams. If you have received a call recently, maybe you would like to leave a comment.

Update
In the years since this post was originally written this scam has changed to include the “Technical Department of BT” and “Virgin Media Technical Department”. The simple fact is that no “Technical Department” cold calls customers to tell them that their computers are in some way infected with a virus. These calls are scams, please don’t fall for them.

Oh and just is case you were wondering if Microsoft knows about this scam, well yes they were told about it in March 2010, it is just that they can’t be bothered to do anything about it…

Addendum: It would appear that Microsoft have finally woken up and realised there is a problem and this is their official advice. Please note that the scammers are now also claiming to be from: Windows Service Centre, Windows Help Desk, Microsoft Tech Support, Microsoft Support, Windows Technical Care, Windows Technical Department Support Group or Microsoft Research and Development Team (Microsoft R & D Team). So please take care.

Addendum: There have been a number attempts to comment on this blog saying that the fraudster making this calls are legitimate, the latest came from:

 
Author: luckysharma (IP: 115.115.103.248 , 115.115.103.248.static-kolkata.tcl.net.in)
E-mail: luckysharma420@gmail.com
Comment: this is genuine company…ok

 

Please note these calls are entirely fraudulent, do not allow these people to access your computer.

Addendum: There has been one high profile arrest and conviction but, sadly, there are plenty more still active. Please take care.

 

Addendum: I have had a number of people asking if there is a way of stopping these calls (see comments below), well there are call blocking devices available on the market which can be effective. You also need Caller ID on your phone line, this may be an extra cost depending on your phone provider. Some phone providers may not supply Caller ID for international calls and so you need to think about just who you want to block, to avoid blocking legitimate calls i.e. family members and friends living abroad, or people calling from switchboards where the number is withheld (personally this last one is a risk I would take). If anyone has experience of using such call blocking devices they would like to share, please feel free to comment below.

More junk mail

More junk mail

Despite being signed up to the Mailing Preference Service I still get some junk mail. One such item arrived in today’s post from the Domain Renewal Group, helpfully pointing out that one of the domain names which I own expires later this year. It is worth noting that this event is a good six months away. The letter informs me that I must renew my domain name “to retain exclusive rights to it on the Web” so far so good. It then goes on to say “now is the time to transfer and renew your name from your current Registrar to the Domain Renewal Group. Failure to renew your domain name by the expiration date may result in a loss of your online identity” Well yes, but my current Registrar will contact me in good time, usually a month before. So I really don’t need to be told six months ahead by the Domain Renewal Group, and they give no good reason why I should change to their more expensive service. The Domain Renewal Group is of course just a scam, they aren’t acting in my interests, they just trying to rip me off.

So what to do? I could take the advice of domainscams.co.uk which mainly seems to be to return the addressed envelope, enclosed with the letter, without a stamp and with a short message, but none too polite telling them where to go. While this maybe briefly satisfying, I doubt it will have much real effect as they have probably taken this cost into account in their “business model”. No, what is really need is a heavy fine, so I think it better to take the MPS advice and send them a full copy of the mailing including the envelope. I am also thinking of taking it up with Trading Standards, but I suspect they will just tell me to take it up with the MPS in the first instance. What ever I do, this time I am not just going to shred it, I am going to fight back.

Google Chrome

Google Chrome

I saw an advertising poster for Google Chrome the other day, it has set me thinking. I have never seen a poster for a web browser before, why do Google feel the need to take out expensive advertising? Just cast your mind back a few years to when Google first appeared as a search engine was there a large expensive advertising campaign? No, of course not, its reputation as the most powerful search engine was spread by word of mouth and within a year of launch it was dominant around the world, a real killer app! Whereas, now Google is resorting to convention advertising to promote it’s products, could it be that that Google has lost it’s edge? That Chrome is not the killer browser it is hyped to be? Certainly looking round a few tech web sites the User ratings are far lower than the “Expert” ratings. Time will tell.

Just one further thought, when Google was hacked in China which browser were the Google employees using? Oh yes, they were using Internet Explorer for there personal browsing. Now why that browser??

Project Honey Pot receives its 1 billionth spam message

Project Honey Pot receives its 1 billionth spam message

Project Honey Pot is a community of tens of thousands of web and email administrators from more than 170 countries around the world who are working together to track online fraud and abuse. The Project has been online since 2004 and each day receives millions of email and comment spam messages which are catalogued and shared with law enforcement and security partners.

On Wednesday, December 9, 2009 at 06:20 (GMT) Project Honey Pot received its billionth email spam message. The message, a picture of which is displayed below, was a United States Internal Revenue Service (IRS) phishing scam. The spam email was sent by a bot running on a compromised machine in India (122.167.68.1). The spamtrap address to which the message was sent was originally harvested on November 4, 2007 by a particularly nasty harvester (74.53.249.34) that is responsible for 53,022,293 other spam messages that have been received by Project Honey Pot.

image of spam message

Every time Project Honey Pot receives a message it is estimate that another 125,000 are sent to real victims. This one billionth message represents approximately 125 trillion spam messages that have been sent since Project Honey Pot started in 2004.

If you run a website, own a domain, or contribute to an online forum you can join Project Honey Pot and help stop online fraud and abuse today.

The Koala climbs

The Koala climbs

Canonical, and the Ubuntu developers, have now released the final version of Ubuntu 9.10 Karmic Koala.

On a new installation of Ubuntu 9.10, the system uses the Ext4 file system, the GNOME 2.28 desktop environment and the GRUB 2 boot manager, by default. However, it should be noted that neither of these is implemented if you update from Ubuntu 9.04 (Jaunty Jackalope). The Kernel has been updated to kernel 2.6.31 and now offers kernel-based mode setting, which should make the graphics issues in Ubuntu 9.04 a thing of the past. DeviceKit and udev have replaced HAL as the system’s hardware interface. The boot system has largely been transitioned to Upstart. The AppArmor security extension offers protective profiles for a range of applications.

On the desktop, “Add/Remove” on the Ubuntu application menu has been replacing by the new Ubuntu Software Centre, designed to simplify adding applications with a friendlier interface for package management. Ubuntu One, the Cloud backup and sharing system, is also included which installs CouchDB in the background to synchronise local data with a server on the network. Empathy has replaced Pidgin as the default instant messaging client.

For servers, Ubuntu 9.10 has versions that are designed to run on the Ubuntu Enterprise Cloud (UEC) or on Amazon’s EC2 cloud. UEC is based on Eucalyptus, an API compatible, open source implementation, of Amazon’s EC2 cloud system.

As usual the various desktop/laptop, server edition and netbook remix versions are available to download from Ubuntu.com and for those that prefer the KDE desktop there is also Kubuntu 9.10.

I haven’t yet tried Ubuntu 9.10 as I am still running Ubuntu 9.04, but intend to do so soon and will write a post about my experiences when I have done so.

Do NOT follow this link or you will be banned from the site!
%d bloggers like this: