Forum
Comments:
-
- on Sat 13 Mar 2010
- 03:44:21 PM UTC
tax refund request
This sort of e-mail phishing is immediately identified as a scam because HMRC never send notifications of tax refunds to come. HMRC does the maths and if you have overpayed tax then HMRC send a cheque. Also, I never been sent an e-mail by HMRC, and I have certainly never seen HMRC use "Best Regards" on any of their communications.
Clearly the scammer isn't familiar with the UK tax regime, nor with the fact that most UK tax-payers are on Pay As You Earn (PAYE) and all PAYE tax matters are dealt with by the employer's accounts department, whilst self-employed people tend to leave all tax matters to their Accountant.
-
- on Sun 14 Mar 2010
- 03:44:35 AM UTC
210.102.34.19
- IP: 210.102.34.19 - robtex
is found in the following blacklists: - dev.null.dk
spamsources.fabel.dk
korea.services.net
no-more-funn.moensted.dk - holds 2 domains:
- ifsb.co.kr
namkumi.org
I can not view: namkumi.org
OpenDNS has it blocked for Phishing
re: http://phish.opendns.com/?url=namkumi.orgcan anyone post a screen cap for namkumi.org
Interesting whois results for registrant name on Google-------
WOT Services Ltd. - gives us safety through Web of Trust.
WOT Community - gives us security through unity.
Thank you all
- G7W -
- on Sun 14 Mar 2010
- 11:24:22 AM UTC
namkumi.org
namkumi.org
google translate / namkumi.org
-
- on Mon 15 Mar 2010
- 08:25:31 PM UTC
Seen this one before
Referenced here:
http://blog.webroot.com/2010/02/10/tax-themed-phis...
"the page tells you to “click on your bank’s logo to continue” and then lists the logo of ten major banks in the UK: Barclays, Lloyds TSB, Halifax, Abbey, HSBC, Cahoot, RBS, Egg, NatWest, and Alliance Leicester."
-
- on Mon 15 Mar 2010
- 09:42:13 PM UTC
bank’s logo
I really can't see from this as to how anybody could be taken in by this type of scam. Firstly, no reputable business would display bank logos in this manner because legitimate secure payment sites do not need to display bank logos, and secondly, hovering over any of the logos would show the destination address before clicking on the link, and the link address would obviously not be for a real bank. In Firefox the link address shows on the bottom left of the browser window when hovering the cursor over a link.
Whilst it is good for WOT users to highlight this sort of scam, I fail to see how any but the most gullible would be taken in.
Tax Refund / Bank Phishing
An email I received earlier allegedly from hmrc.gov.uk, but actually from jfq.jfqueluz.local
([81.193.248.252])
"Tax Refund Notification
After the last annual calculations of your fiscal activity, we have determined that you are eligible to receive a tax refund of 988.50 GBP.
Please submit the tax refund request and allow us 2-3 days in order to process it.
Click Here
to submit you tax refund request
Note : A refund can be delayed a variety of reasons, for example submitting invalid records or applying after deadline.
Best Regards
HM Revenue & Customs
© Crown Copyright
Terms & conditions
Privacy policy"
Email directs to 'namkumi.org/kimson/_upload/popup/index.html', then to
'ifsb.co.kr/bbs/data/__zbSessionTMP/folder/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/folder/New Folder/United2/Folder/Folder/Folder/Folder/Folder/Folder/Folder/empty/empty/empty/United2/United/United/United/index.htm', where you find links to Lloyds, Halifax,
Abbey, HSBC, Cahoot, RBS, Egg, Nat West & Alliance & Leicester Banks!
namkumi.org
ifsb.co.kr
phishtank link for verification