Erik van Straten on Nostr: Yesterday Bleeping Computer reported a phishing campaign targeting elderly UK ...
Yesterday Bleeping Computer reported a phishing campaign targeting elderly UK citizens in
https://www.bleepingcomputer.com/news/security/scammers-target-uk-senior-citizens-with-winter-fuel-payment-texts/.
Because phishing messages may arrive in various ways, including paper mail (possibly wit a QR-code) or via e-mail (possibly from a valid but comprimised sender), it is ESSENTIAL to check the domain name (in your browser's address bar) of the website you're eventually directed to, without being distracted by anything shown in the webpage.
If a domain name does not end with
.gov.uk
(note BOTH dots) then it is NOT a UK Goverment domain name. For example,
www.whatever-gov.uk
is NOT a .gov.uk domain name because gov is not preceded by a dot.
Note: it does not make much sense to block the domain name mentioned by Bleeping Computer: "noticesgove[.]top".
Since Oct. 30, scammers have registered 234 different domain names that resolve to just one IP-address, more than half of them variations of noticesgove[.]top (see my follow-up toot).
We need a safer internet!
npub1ld4e08ezz6uewrjzleae2xdyv805j44dpq9yufkncqxwuvmhjepspfxgd6 (npub1ld4…xgd6) #Phishing #Scams #Infosec
Published at
2024-11-10 14:50:03Event JSON
{
"id": "d14f5776ab56053fb8bc83afca0fa969461b7cafb4b1406114148bf9b9ef7d73",
"pubkey": "20930bb37c402b36d6577333ebddc01318bf20a854617e8c544d1cd623541954",
"created_at": 1731250203,
"kind": 1,
"tags": [
[
"p",
"fb6b979f2216b9970e42fe7b9519a461df4956ad080a4e26d3c00cee33779643",
"wss://nostr.sprovoost.nl"
],
[
"p",
"f205dd1bbe2e04ce10bb4ce739b4a71e1d072587f474fb7cacd22684de1a6a6d",
"wss://nostr.sprovoost.nl"
],
[
"t",
"phishing"
],
[
"t",
"scams"
],
[
"t",
"infosec"
],
[
"proxy",
"https://infosec.exchange/users/ErikvanStraten/statuses/113459213340803062",
"activitypub"
]
],
"content": "Yesterday Bleeping Computer reported a phishing campaign targeting elderly UK citizens in https://www.bleepingcomputer.com/news/security/scammers-target-uk-senior-citizens-with-winter-fuel-payment-texts/.\n\nBecause phishing messages may arrive in various ways, including paper mail (possibly wit a QR-code) or via e-mail (possibly from a valid but comprimised sender), it is ESSENTIAL to check the domain name (in your browser's address bar) of the website you're eventually directed to, without being distracted by anything shown in the webpage.\n\nIf a domain name does not end with\n\n .gov.uk\n\n(note BOTH dots) then it is NOT a UK Goverment domain name. For example,\n\n www.whatever-gov.uk\n\nis NOT a .gov.uk domain name because gov is not preceded by a dot.\n\nNote: it does not make much sense to block the domain name mentioned by Bleeping Computer: \"noticesgove[.]top\".\n\nSince Oct. 30, scammers have registered 234 different domain names that resolve to just one IP-address, more than half of them variations of noticesgove[.]top (see my follow-up toot).\n\nWe need a safer internet!\n\nnostr:npub1ld4e08ezz6uewrjzleae2xdyv805j44dpq9yufkncqxwuvmhjepspfxgd6 \n#Phishing #Scams #Infosec\n\nhttps://media.infosec.exchange/infosec.exchange/media_attachments/files/113/459/079/369/311/671/original/2c5a513dbc5f94c2.jpg\n\nhttps://media.infosec.exchange/infosec.exchange/media_attachments/files/113/459/081/697/135/525/original/5f45b7ed711b1467.jpg\n\nhttps://media.infosec.exchange/infosec.exchange/media_attachments/files/113/459/082/340/406/398/original/3b921c62f85bdac4.png",
"sig": "6a828f83dfa8cbd302fc88a0f6833696ad6c2ee28d6dd03728833d2c572eb9e93c694e813c63e6c013297fe0d60920540df707fd7b00fe2fba08462afe508521"
}
