Thursday, January 30, 2020

fake text message from ee, or more on how to spot phishing scams

hello there


just another of them "public service" posts i try to do as and when i get chance, look you see. never, ever forget that not everyone knows what you know, and that not everyone out there can see through a blatant scam as easily as you might think. i believe it is important to share information like this; if it stops so much as one person getting scammed well then i have done some good in this world.

an important note first. under no circumstances should you visit any of the web addresses which feature in this post, and you should certainly not call the telephone number listed. that all seems like it is really important, so once again in bold - under no circumstances should you visit any of the web addresses which feature in this post, and you should certainly not call the telephone number listed.

right, mindful of the above, a text message landed for me today. one that i am aware of having been received by a number of people today. here it is.



this looks like it might be legit, at a glance. the company name is right there, and look it even has one of their website addresses in place, "ee.uk". we will break that down in a moment, but my suspicion was instantly raised by the fact that EE would have absolutely no reason at all to send me any sort of bill or invoice. first tip for scam busting, then. if you have no business with the company be suspicious of any message suggetsing that you do.

right, the address. a quite simple confidence trick, which relies on our westerner eyes reading from left to right to be a success. yes, there is the "https" certificate which means it is a secure site, and yes, there is says "ee.uk". so, surely this means that all is legit and correct?

no. whereas you should not transmit any financial or personal data over any website which does not have the "https" security in place, please don't think that having "https" in a web address automatically makes it safe and legitimate. all it means is that they have paid for the security certificate settings. literally any website can have it bought and installed; there are no checks to make sure the website using it is legal or real.

so, the address. the actual website you are visiting is always the one before the last domain in the address. the domain part is the .com, or .co.uk, or .uk, or .net or similar. anything that looks like a domain before the last one is a sub-domain, basically an extra page on the website.

when we read this address from left to right, the con artists want us to just read "ee.uk" and assume it is real, clicking on it and handing over bank details. in reality, the website being visited above is "billing05.com".



above is the registration details for this "billing05.com" website, taken from who.is, an excellent and useful tool to look up the details behind any website.

it would appear that this "billing05.com" only came into existence on the day they started sending out text messages warning people about a "problem with their account".



other than being a dutch, or if you like Netherlands registered website domain name, as you can see in the above whoever has registered this site has gone to great lengths to keep their business details all private. which would be a very strange thing to do for a company like EE.

should you ever get a message - be it an email, a phone call or a text message - suggesting that there is a problem with your account or asking for money, double check it, quadruple check it or just triple check it. there is no harm or shame in asking - if you don't know then ask.

this blog of mine is an advert free, not for profit, i do not make a single penny from it thing. i just try to provide stuff that's amusing, or passes the time of day, or might help someone. the latter is the case here. if you think you might now of people who will find this information helpful in avoiding being scammed, please share it.



be excellent to each other!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!





No comments:

Post a Comment