Internet Security

 Today, 13th May 2017, according to news broadcasts it seems that one or more NHS employees must have seen a new email and opened it's attachment. I'm not altogether suprised because lately I've noticed my inbox has several such emails and these seem to be getting more and more plausible. Usually the language is a trifle odd, but of course nowadays the use of odd English language is so common, even on the Beeb, who's to say that DHL or Bloggs & Co aren't employing someone whose English is not their second language? Apparently the virus, once released, uses the local area network to spread to other computers.

 I was reading this on-line when I realised that some examples might help, so I copied a few below.. The links are excluded as are the attachments. Usually only the key link directs you to the scammer whilst others are genuine links to BT etc. Often the email is intended to cause panic and sometimes looks really genuine. I get maybe one or two per day and quite often some appear to be valid, although lack of command of the English language is a dead giveaway.. I haven't added any of the Nigerian scams as everyone knows about these. The worst invasion of my "space" was when I discovered that my BT email server was being used to distribute scam emails. I found around 30 emails each copied to around 30 genuine BT addresses each inviting the addressee to log into a bogus BT account that was piggy-backed onto an Indian website. I wonder how many people were duped into parting with their passwords as the pages to which they were directed were copies of real BT webpages?

 

Hi allan,

You are going to be billed $ 2,767.72 on your Visa card straightaway.
Check attachment to avoid it.
Password is 6089

Best wishes,
Mel

 

Dear Customer

Here's your Xero subscription invoice for the previous billing period.

View your bill: INV-944151

You've already provided us with your payment details so unless advice to the contrary is received from you by 04 Jul 2017, the amount will be debited from your credit card on or after 07 Jul 2017.

Need help updating your payment details or understanding how Xero bills you? Click here
Need help with your online subscription invoice? Click here
Need a question answered about Xero? Ask it here

Regards,
The Xero Billing Team

 

Fax Message [Caller-ID: +441512683201]
You have received a 4 page fax at 6/21/2017 7:16:56 AM.

* The reference number for this fax is
scn_did1-441512683201-20170621-343

Click the reference number to view this fax.

Please visit www.efax.com/en/online_fax_FAQ if you have any questions regarding this message or your service.

Thank you for using the eFax service!

 

 New BT Bill

Your bill amount is: 422.13 GBP. This doesn't include any amounts brought forward from any other bills.

We've put your latest BT bill for you to view. See your bill here.

The PDF version of your bill might not be available for download yet. It can take up to 48 hours.

We'll take your payment from your account as usual by Direct Debit.

Reduce paper waste
You're still getting paper bills by post. Why not go paper-free, and stop storing and shredding them once and for all?

Need some help?
Go to www.bt.com/business/support.

Thanks for choosing BT.

Grisel Wragg
CEO, BT Business

Payment processing fee: BT Payment Services Ltd, a BT Group Company, charges this fee.


This or confidential. It's meant only for the individual(s) email contains BT information, which may be privileged or entity named above. If you're not the intended recipient, note that disclosing, copying, distributing or using this information is prohibited. If you've received this email in error, please let me know immediately on the email address above. Thank you. We monitor our email system, and may record your emails.

 

As part of our continuing SCM drive we believe in honest open communication with our supply chain. This form gives your company the opportunity to give feedback on our performance on the above contract. Further guidance on the process can be obtained by clicking the 'Instructions' button on the form.

The document can be accessed via the following link https://interform.interserveps.com/lfserver/K9cWF_2011

You have a further 14 days before your pin number will be rescinded and you will no longer be able to complete the form.

We have pleasure in enclosing a copy of the sites assessment of your performance on the above contract.

Regards,

Procurement Department

This email may contain privileged, confidential and or copyright information. If you are not the intended recipient please notify the sender immediately and delete the material from any computer. We do not accept liability for any error or omission in the message arising from corruption of, delay in or interference with, its transmission. We reserve the right to monitor email communications through normal internal and external networks.

Interserve Construction Limited.
Registered in England, Number : 303359
Registered Office : 395 George Road, Erdington, Birmingham B23 7RZ

This year we donated our Christmas card money to Crisis to help them welcome over 4,000 homeless people to Christmas centers across the country. Thousands more people will also be helped in 2017 to learn, find jobs, build confidence and leave homelessness behind for good.

 

Vodafone bill is ready

Dear Customer,

You can now take a look and manage your latest Vodafone bill for invoice date 04/06/2015. Your total bill for this month is 414.64 GBP.

Don't forget, your line rental is charged a month in advance and calls are charged in arrears.

Click here to view your bill

Benefits of Online Billing

Print replica Paper Bills
Monitor who uses what and how costs are accrued
Practical breakdowns of usage across account and handsets
View costs accrued so far in the month and set alerts
Available 24/7
Finally, if you're yet to take full advantage of our Online Bill Manager, there are many benefits from utilising its tools. These include the ability to print paper versions of your bill, set usage and monetary alerts and create cost centres all available 24/7.

For further information, see our User Guide.

Kind regards,

Customer Services

 

Your company's accounts are due by 31/06/2017.

You must deliver them to Companies House in an acceptable format no later than 31/06/2015.

Please find information in the following link regarding your Company's annual accounts

Parliament imposes strict deadlines for the delivery of statutory documents and we would like to help you deliver yours on time.

Note: Delivering the accounts after the deadline will result in the company incurring a financial late filing penalty. The officer(s) could also be prosecuted or the company removed from the Register.

If you are one of several people to receive this email, please ensure that only one of you files the accounts.

If you have already delivered your accounts, please check they have been accepted by using the Companies House WebCHeck Service.

Note: reference to company may also include Limited Liability Partnership(s).

Companies House
eReminder Service

 

 

Unsubscribe from the eReminder Service

This is an automated email. Do not reply to this email as we will not be able to receive your message.

To contact us, email enquiries@companieshouse.gov.uk

 

Hello Hello BT Broadband Customers,

Your pending message is ready now. view it online now, you'll need your BT ID to view it. This is usually your email address.

Log in to view your pending message

You don't need to do anything to pay it. We'll take your Direct Debit as normal, a minimum of eight days after the date on your bill.

Got questions about your bill?
Take a look at our bill explainer tool for more help.

Go to bill explainer tool

Important: If you're renting equipment from us, there's a message on your bill about it. Please log in to see it.

Thanks,

Libby Barr
Managing Director, Customer Care

Keep up-to-date with any changes to your packages or products at bt.com/updates

My BT app Download the My BT app
Download on iTunes Download on Google Play
BT

My BT Help
Contact us Privacy Policy

Don't miss out on our emails
To make sure our emails get to your inbox, add bt.comms@bt.com to your address book.

Please don't reply. We won't see it
If you need to get in touch, click the 'Contact us' button above.

Don't click suspicious links
If you think you've been sent a 'phishing' or scam email that's been made to look like it's from BT, don't click any of the links – especially if they ask you to check or confirm your account details. If you want to do that, it's safer to type bt.com/mybt into your browser so you know you're going to the right place. To find out more about how you can protect yourself against scam emails, go to bt.com/phishing
© British Telecommunications plc 2017. We're registered in England at 81 Newgate Street, London EC1A 7AJ (company number 1800000).

All this information was correct on the date we sent this email. See our terms and conditions

 

Dear Allan,

We can not deliver your parcel arrived at January 28.

Download postal receipt attached to e-mail!

Sincerely yours,
Wade Roberts,
USPS Senior Delivery Manager.

 

 Hi!
I am a cheerful, optimistic and very feminine lady.
My Profiles:78789461 - http://vnlvxmenblf.zgr.name I would like to acquainted with a real man who becomes a lovely husband for me. He should be kind-hearted and tender, and of course loyal.

I am family-oriented and I prefer a relationship based on mutual respect, love and trust. If you are looking a friend in your life, then likely You are interested in viewing.

Bye,
Nelli.

 

https://encrypted-tbn3.gstatic.com/images?q=tbn:ANd9GcSqWJktcrfq7ARgH_wBar_jQLqjWO_JEcrOLjeOhEddvjGGZtuVGxNUaZEF

IMPORTANT NATWEST ONLINE NOTIFICATION :

For security reasons, you have a limited number of unsuccessful
PIN entries and your NatWest Online access was locked

However, a hold is placed on your accounts until you verify your
details with us.

Just logon to your NatWest secure online service to resolve this issue and
view your recent account activities.

Regards,

National Westminster Bank

 

UKMail Info!
Your parcel has not been delivered to your address November 23, 2015, because nobody was at home.
Please view the information about your parcel, print it and go to the post office to receive your package.

Warranties
UKMail expressly disclaims all conditions, guarantees and warranties, express or implied, in respect of the Service.
Where the law prevents such exclusion and implies conditions and warranties into this contract, where legally permissible the liability of UKMail for breach of such condition, guarantee or warranty is limited at the option of UKMail to either supplying the Service again or paying the cost of having the service supplied again.
If you don't receive a package within 30 working days UKMail will charge you for it's keeping.
You can find any information about the procedure and conditions of parcel keeping in the nearest post office.

Best regards,
UKMail

 

 Hello

Please find attached LPO for your reference.

Kindly send in your Proforma invoice so we can proceed with the needful

Best regards,

Balaram,
Business Development Manager

Sign INN Trading & Contracting Co

Al Aziziya | Doha | Qatar Tel : +974 4441 2954
Fax : +974 4471 9622
Mob : +974 3368 3068??
Mail : sitcoqa@gmail.com
Web : www.sitcoqa.com

Back to the NHS fiasco...Now that the man on the Clapham omnibus isn't the injured party, at least directly, the media is trying to pin the blame for opening a bad email attachment. As this type of problem has been with us almost since computers were first introduced you'd think, at least the State has filters in place to protect publicly owned systems from viruses. Certainly there's supposed to be an organisation in charge of this and in charge of that a Government Minister. According to statements I read (and can we believe these?) all the right instructions were given. As a manager, at least I was donkeys years ago, and I assume good practices are much the same, I understand that it's useless to issue an instruction without checking it's been obeyed. "I told the NHS yonks ago to update from Windows XP", is the excuse. Did you suggest a timescale I wonder or was it an open-ended request? Was it a passing suggestion or was a dictate? Another story, which may be more informed, tells me the virus spread, not through XP computers, but through Windows 7 machines that were missing a security update... and, the story goes, to save expense, were not fitted with an anti-virus package.

Many moons ago we would have heard next that, "so and so has resigned", but these days this never happens. Possibly a huge cut in salary is the reason for not resigning, but I can't say. Who is it that's in charge of this area exactly? It seems that the Cabinet Office is the prime mover.

 Click to see the PDF explaining everything

and here's what the organisation has to say

Office of Cyber Security and Information Assurance

The Office of Cyber Security & Information Assurance (OCSIA) supports Cabinet Office ministers and the National Security Council in determining priorities in relation to securing cyberspace. The unit provides strategic direction and coordinates the cyber security programme for the government, enhancing cyber security and information assurance in the UK.

The OCSIA works with other lead government departments and agencies such as the Home Office, Ministry of Defence (MOD), Government Communications Headquarters (GCHQ), the Communications-Electronics Security Department (CESG), the Centre for the Protection of National Infrastructure (CPNI), the Foreign & Commonwealth Office (FCO) and the Department for Culture, Media & Sport.

Aims and objectives
The OCSIA is responsible for implementing a number of cross cutting agendas including:

providing a strategic direction on cyber security and information assurance for the UK including e-crime
supporting education, awareness, training and education (for example, Get Safe online and the Cyber Security Challenge)
working with private sector partners on exchanging information and promoting best practice
ensuring that the UK’s information and cyber security technical capability and operational architecture is improved and maintained
working with the Office of the Government Senior Information Risk Owner (OGSIRO) to ensure the resilience and security of government ICT infrastructures such as the Public Sector Network (PSN) and G-cloud
engaging with international partners in improving the security of cyberspace and information security

 

Well, I should say they appear to have failed as far as "strategic direction" and co-ordination, insofar as the NHS is concerned... but then again, what do I know, I'm just an ancient pensioner?

 What's the answer? Well, if the problems originated from an email attachment, and I don't know if that is a fact, why not filter emails before allowing these to leave the email servers. Perhaps something really simple such as blocking attachments and embedded links?

 Before I wind up this subject, I'll just mention some of the recent scam phone calls I've been receiving. There are lots of callers pretending to be from Microsoft. Their aim is to get you to type in various commands so they can access your computer. My neighbour was caught out and all her desktop icons vanished, to be replaced only if she parted with cash. She didn't and all I needed to do, when approached for help, was to cancel the "hidden" attributes.

Another caller of which I've received several this week (June 2017) pretends to be the "BT Technical Department". The caller asked me to type in various MSDOS commands resulting in a CLSID code which is common to most Windows systems. Pretending that this "unique" number is my personal computer identity is supposed to make me trust them. They will, if permitted, get you to load a program which allows them to access your computer. I didn't go that far so I don't know what mischief they could have got up to... Interestingly the display on my phone said the call was from a Scunthorpe number, 01724-874574, although the caller sounded like he was calling from an Indian Call Centre. The technique used is called "Global Call Forwarding" and the caller in India sometimes has details of an address in the city corresponding to the dial code.. in this case Scunthorpe. Obviously you're more likely to pick up a call if your display indicates a valid number.

 The next day a caller pretending to represent the government backed Telephone Preference Service (for blocking calls) asked me to supply them with my full name. I declined and after this, I understand from information on the Net, they would attempt to get my bank details and steal money from my account. Of course I didn't supply any information, but instead told the Indian caller that my telephone display said "number withheld" and did she realise that to do this whilst cold-calling from within the UK was illegal. I said this because when asked she supplied her phone number as "0800-0869345" and her address as "27 Old Gloucester Street, London WC1N 3AX". Whilst she was gabbling away in broken English I checked the number and address. It seems the address is a "virtual address" for nearly a thousand companies. Not to be thwarted by my comments she passed the call to her supervisor who spoke ten to the dozen in slightly better Indian English. I suggested he was working for a scam company in India pretending to be calling from a bogus London address and he just hung up.
 Finally, those pathetic recorded announcements. I get so many, and all "number withheld" or "number not available", that I generally now listen and press "3" to be called back. Eventually, the day before yesterday I identified a caller probably related to the recorded call and politely told him to scrub my number from his list, which he said he'd do. Time will tell if these dratted calls will stop....

 Here's a new scam, at least it's the first time I've had such a phone call.

 The usual fake caller claiming to be from BT with an extremely strong Indian accent and lots of background noise which prompted him, on my mentioning it, to call me back. The number was 0034697-041212 (although he claimed later to be in Mumbai). Initially he said my IP address had been hijacked by someone in Mountain View. I asked him what my IP address was and after waiting a minute he supplied it, but it was wrong. After asking me to type in My IP address location a screen appeared with what I assumed was that of Google in Mountain View. He then asked me to type in "BTfibreoptic,webnode.com" which I did. This took me to a fake BT web page, really poorly done with virtually no links included. There were three basic links however.. "Home", "Our Services" and "Contact". Please click on "Our services" was his request. It came up with four optional links. One, for Windows which he asked me to click. I didn't do this, but the link was to Team Viewer, a piece of code which if installed would allow him access to my computer.

Return to Reception