| | | Effective PR

phishing

A very suspicious e-mail spoofing email addresses of not one but two banks and appearing to link to a website appearing to relate to an embassy has been received at the offices of The Anti Money Laundering Network. The hook is information on OFAC blacklists. The mail is in HTML format and therefore disguises the destination of links and also enables the placing of in-line graphics. We place regulators, enforcement agencies and those in financial institutions, especially in compliance and risk management, on alert.

The Hong Kong Monetary Authority (HKMA) has issued warnings relating to fake websites and/or phishing attacks on customers of three banks: China Citic, OCBC Wing Hang and Bank of China.

FCRO Subsection: 

Sending server: webmail.123-reg.co.uk
Request for External Wire transfer

CoNet Section: 

IP address: 37.46.124.111
@companieshouse-gov.uk (fake domain.
(free content)

FCRO Subsection: 

Today, the US cyber security office, US-CERT has issued a renewed warning about HIDDEN COBRA which it describes as a "spear phishing" virus.

What does that mean?

CoNet Section: 

The following e-mail addresses are associated with potential phishing or drive-by malware attacks this morning:

davidibe718@gmail.com
J.Ryan@hud.ac.uk

CoNet Section: 

Thanks to all the scammers who make is sooooo easy to send their mails to the bin unread.

But we've been digging around in the spam-trap because sometimes we find things that make us smile.

Here's this week's SPAM AWARDS

A new form of spam-scam has come to our attention. We understand that this has not been widely seen before. Its nature is that it is likely that many receiving the email will click on links.

CoNet Section: 

The USA's Internal Revenue Service has, for some time, been warning corporations of a spam-scam targeting companies. But now, it says, it has evidence that it is spreading into "school districts, tribal organizations and non-profits." and other sectors. But that's not all: the criminals have found a way of hitting the same targets twice.

CoNet Section: 

In recent weeks, we've seen a significant number of spam-scams from a domain that is remarkably similar to an official UK government domain, showing that registrars and hosts are failing to identify obviously fraudulent customers. The fraudulent domain name is close enough to the real thing to fool many targets.

CoNet Section: 

Purported sender: admnsh @ ccu.edu.tw
Standard Bank
Subject Receipt Of Deposit Transaction 6th Of October, 2016
Originating IP address: 140.123.206.217
Attachment: ATTACHMENT...E_NOJS.htm

BIScom Subsection: 

A spam-scam, phishing exercise is circulating and it is unusual in that the purported outgoing e-mail address appears genuine.

BIScom Subsection: 

In the past few hours, a high-volume phishing scam, purporting to be from Bank Negara Malaysia, has hit inboxes. That is it a scam is without doubt: the outgoing addresses are all, in common with many such scams, .edu addresses. They contain a PDF file, BNM.pdf, as an attachment which does not trigger anti-virus warnings when it is delivered to inboxes.

BIScom Subsection: 

A remarkably simple phishing spam may be one of the most successful at gathering debit card data and therefore giving access to bank accounts.

FCRO Subsection: 

Pages

hahagotcha