A new type of phishing email that includes the recipient’s home address has been received by thousands of people in the UK and is likely to be replicated across the world, including South Africa, USA and all across Europe.
Somehow, the scammers in this latest hoax have been able to get hold of your home address and include this in their email to you. This makes their email seem legitimate to some recipients who do not doubt the authenticity of the email. Full details of this email can be read on the BBC website.
The email also claims that the recipient owes hundreds of pounds to firms. One security expert warned people that clicking on the link would install malware onto your PC. Many people can recognise phishing emails by the content of the email, usually containing poor spelling and grammar and appearing somewhat suspicious in some way. However, this latest hoax has good spelling and with the inclusion of your home address, appears very different to traditional phishing emails.
However, the urgent need for the recipient to pay a fee could be a good giveaway to people that this is not an authentic email, and to check it out with the original and proper company before parting with any money. Scammers ultimately want your money, and like many phishing emails, they will attempt to get you to pay a fee to them by conning you out of your money. Wonga, a short term loan provider in South Africa, was used as the ‘face’ of a phishing attack 2 years ago. Hackers in this case sent out mass messages via email and text message to thousands of South Africans (their contact info was leaked from an unconfirmed government source but Wonga assured customers no data breach occurred on their side), these messages offered a too-good-to-be-true loan which required an upfront fee. This is not something any reputable brand would ever do – charge for a loan upfront. Especially in an industry as heavily publicised and moderated as the loan industry.
Many people fell victim to this kind of phishing email, believing the messages to be authentic and paying the fee.
Other ways you can spot a phishing email include:
- The sender’s URL is mismatched or suspicious looking
- The email contains a link to a copycat site that the hackers have set up themselves
- The email contains poorly worded content (but not always, as seen here)
- The email seems out of the blue or too good to be true
- Your email provider flags the email up as suspicious
- The email goes straight into your junk folder
In any case, you should call the company directly (not with a number provided in the suspicious email) and ask the business about this email and whether it originated from them or not. Hackers are becoming more sophisticated about how they target customers, and can con many people out of money – even those that would consider themselves literate about this sort of thing. If you’ve been fooled, don’t worry – but react quickly. Cancel your bank cards if this information has been jeopardised and contact Action Fraud for advice on what to do next.