Other SOTA sites: SOTAwatch | SOTA Home | Database | Video | Photos | Shop | Mapping | FAQs | Facebook | Contact SOTA

OT - email from ofcom? - Phishing scam


#1

OT I know, but several people have received an email from ofcom with a .docm attachment.
I’ve had 2 this morning already, both marked as SPAM, although in the limited headers I can view on my phone I can’t see why.
Anyone else had one and thought it ever so slightly suspicious?
Suffice to say I’m not about to open the attachment. …


#2

Interesting. Nothing here.


#3

Ofcom normally send via snail mail.
Find there phone number and ask them direct.

Does seem a little odd

Keep us posted

karl


#4

No, no, no, no, no.

  1. If in doubt don’t open it. Never.
  2. You got it via the internet, maybe searching the internet with Google/Bing/DDG would help.

#5

Totally, so if in doubt leave it alone and deleted it.
Nothing either of my mail accounts either

Karl


#6

Good man.

Far too many people click anything and everything they receive. These are the people who regularly write in forums “so anyway when I reinstalled Windows it was OK after that”.


#7

Suspicion confirmed…

Whoops, just saw Andy posted it :wink:

Don

m0hcu


#8

I’ve seen a slew of different unsolicitd emails with ‘documents’ attached of late. Most of them come to email addresses I know have been swiped from one compromised organisation or another. Apparently-empty documents wih nasty little macros inside seem to be flavour of the month. Again.

I wonder whether Ofcom have had their system compromised…


#9

Well what goes around comes around Rick and macro viruses are back in fashion again just like in the 90’s.

One of the best moves I made was removal of everything Adobe (except Flash) and also MS Office from my computers. Adobe PDF reader is free but sadly it’s a massive bloatware of poor programming and design resulting in a huge program that is slow and very vulnerable to exploits. Patches for Adobe software are massive and slow to install. Removing Adobe PDF and using some 3rd party PDF software gives me the ability to read PDFs without the associated worry that a PDF download will exploit something in Adobe PDF. SumatraPDF or eVince work fine on Windows and Linux for PDF viewing and I print files to the CutePDF printer driver to generate PDF files.

Adobe PDF Reader is installed the majority of Windows machines and due to its poor heritage it is a serious exploit avenue. Moving to better packages removes that avenue and also means I can render the files many times quicker than Adobe PDF Reader does. Likewise I gave up using MS Office for similar reasons. I have it installed on my work PC but at home I have OpenOffice and LibreOffice installed for Windows and Linux and that gives 90% compatibility with Office. Hell, even real Office has problems with files saved in other versions of Office so OO or LO is more than good enough.

There will be exploits in all the programs I use now just as there are in Office and Adobe, but I have massively reduced the window of opportunity for these exploits as they are targeted at the main players. Security through obscurity is not really security but it’s still more secure than mainstream.

The only real nasty left is Adobe Flash. I only need that for QST Online and it is disabled by default. Sure some websites wont play video but HTML5 is more and more common and YouTube works so no Flash is a small problem. If only ARRL would dump it I could be Adobe free.


#10

Interestingly, I got an email today ‘confirming’ my booking for a business room, and attached was an invoice for £200 odd, the rest payable later.
The attachment is a word doc.
The names and company all seem to check out, but it is clearly some scam and most likely a macro virus, so it would seem they are back in fashion.
My email (in image form so no accidental clicks!) for reference.


#11

#12

Nice one. Google had nothing for me this morning when I got it.


#13

To be fair, I seem to get quite a few of them… the dubious delights of having an email address that’s been on the Internet for over 15 years (I must change it and/or move it to some ISP who will block such things )

Normally a spate of 3 or 4 ‘invoices’ or ‘hotel bookings’ or ‘flight tickets’ (even bills from care homes at one point!) from ‘reputable companies’ that actually exist, with valid contact details (they must get quite annoyed when people start phoning them up, complaining) but most of them seem to have at least one spilling mistook or have someone else’s email address in the ‘To:’ part, and thousands of suckers, like me :wink: bcc’d into it.
This one was rather clever (at least looking at the headers on the mobile. I must take a look at the full ones when I get a chance)

It would be interesting to find out if any non-hams were sent it.

It even made it onto el-Reg: :slight_smile:

Don
m0hcu


#14
  1. Regarding “odd” emails, I received one recently which invited me to pay for the hotel room “that I had recently booked” at a hotel in Edinburgh which I had never heard of. I ignored it, and heard nothing more.

  2. I removed Adobe Flash and all its plug-ins some time ago, as I felt the security risks were too great to justify keeping it installed on my Windows 7 PCs. It is surprising how many web sites still do require Adobe Flash for you to view video content, but that will not induce me to re-install it. For QST, I use the iPad QST App (available from the Apple App Store) and read them on my iPad. That doesn’t require Adobe Flash.

  3. I use Open Office for text files, spreadsheets and database functions. It works fine for me, but I get complaints from some Microsoft Office users who say they can’t open .odt files if I send them as an email attachment. I have to use Open Office to convert them into .doc format and re-send them, which is a bit of a pain.

  4. I have never used Microsoft Outlook, Outlook Express - or any Microsoft email client for that matter. I regard them all as a very serious security threat. My email client of choice is Pegasus, and I use Mailwasher Pro to scan all my incoming email before downloading anything.

  5. I do still have Adobe .pdf reading software, but I also have Nitro pdf and Primo pdf as alternatives. Adobe pdf seems to need updating on at least a monthly basis, which does seem rather excessive.

  6. AVG and Avast antivirus have both become problematic lately. They both slow down my PC to an unacceptable extent (although at one time I found them both satisfactory). I have abandoned both, and currently use Microsoft Security Essentials. It gives a somewhat lesser degree of protection, but at least it’s reasonably stable and doesn’t take ages to update itself.

73,
Walt (G3NYY)


#15

I don’t have a link to the story but apparently the spelling/grammar errors are often deliberate. Anybody who spots the errors is likely to be too smart to fall for the scam and the scammers want mugs not smart people. Otherwise the spelling would have been fixed by those running the “I have $27 MEEELLION DOLLERS US for you” scams as they have been running for many, many years. In this case the payload is a trojan designed to collect your passwords to bank accounts etc.

I wonder how many amateurs are now infected?


#16

I think at least one - I got a spam email from an amateur from the Bury area, who also runs a related Facebook site. Needless to say it went in the bin.


#17

Several friends of mine at Otley A.R.S have received the supposed email from Ofcom.

Be vigilant.

73 Chris M0RSF


#18

Hi Walt,

Why not follow the normal Microsoft practice and tell them they should upgrade to a later version of Office. The last two (or possibly three) versions of word can read ODT files - as can Wordpad on Windows 7 and later.

Ed.

Also - I have never used Microsoft Outlook, Outlook Express - or any Microsoft email client for that matter. I regard them all as a very serious security threat.

Even Microsoft have stopped supporting the man-in-the-street version of outlook (express). Outlook is still supported in commercial environments - but for how long? as MS are going cloud based with everything and already have a web email client. (i.e. you can access your mail, calendar, to do list etc. etc. from the company exchange server simply by using a browser - any browser).


#19

Beware of Windows 10!

"Microsoft can disclose your data when it feels like it.
This is the part you should be most concerned about: Microsoft’s new
(Windows 10) privacy policy is very loose when it comes to when it will or
won’t access and disclose your personal data:

We will access, disclose and preserve personal data,
including your content (such as the content of your emails, other
private communications or files in private folders), when we have a good
faith belief that doing so is necessary to protect our customers or
enforce the terms governing the use of the services."

73,
Walt


#20

You are a Daily Mail feature writer and I claim my £5. :wink:

You’re spinning fact into hyperbole. You can disable all the data gathering in Windows 10 as a user. You can also set policies so the options stay turned off across updates.

As for data gathering in cloud services… if they want to do that and tell you they will then that’s fine. You can accept it or use a different service that doesn’t data harvest. Normally you pay for non-harvesting cloud services and the ones which scan your content are free.