I received this scam email last week. It was so clever, I thought it worthy of a blog post.

I've included a screenshot of the email. So let's analyse it.

1. The subject is designed to create an emotion and urgency (Oh ****, someones hacked my HMRC account, I better do something quick).

2. The first word of the subject isn't capitalised. Those that don't pick up on this, are more likely to fall for the scam. It's a deliberate filter.

3. If you look at the details of the sending account (circled), it's not coming from a government domain. That's a big clue. The domain is registered to a UK based company so I'm guessing their email has been hacked.

4. If you hover over the "log in" hyperlink (circled) it's also not a government website (it's claiming to be an educational site in Poland), and if you followed the link it's running some php code.

I'm sure this scam will have caught out quite a few people.

The point of this post is; never click on web links in emails without checking the senders email first, and checking the destination URL by hovering over it.

 
Chris Moody
#TheAntiVirusGuy - Keeping your computers virus free 
#ThePasswordGuy – Making online passwords easy
 
-- 
Mobile:          07852 159092
WhatsApp:   07852 159092
 
A bit of info about me:

💻 Helping Entrepreneurs, the Self Employed Sole Traders and Small Businesses  manage their online passwords and keep their computers virus free

💻 Really good Anti Virus (SentinelOne £16 or ESET £8)

💻 Secure Data Backup

💻 Fixing the pain of remembering passwords

💻 #MHBuzz Ambassador