An overwrought phishing email claiming to be from Tesco and offering a free refund is circulating. It says you are due compensation from Tesco ‘because of a system error’ and further claims that you made a complaint in-store that ‘something was wrong with a purchased item’ and that, because of a ‘system error’, you were stopped from receiving a refund.

The mail says your complaint was about one year ago. This is clearly designed to fool the recipient into thinking that perhaps they did make a complaint but have forgotten because it was a year ago.

After a lengthy ramble, the phishing message then says, “What I need from you now is to validate your email address…” by replying to the email. “Your reply can simply be empty, as long as we can see you replied to this message we can take care of the rest and make sure you get what is rightfully yours.” An empty reply is all the sender needs because it confirms that the address is live and read by a person, which is exactly what the scammer is after.

WhatsApp Easter egg fraud

A fake message spreading through WhatsApp is using Easter as a hook to get recipients to click through to a website. The message ‘invites’ recipients to take part in a ‘Cadbury FREE Easter Chocolate Basket.’ The message displays an image of a Cadbury’s Easter egg and says there are ‘5.000 free gifts for you.’ Note how 5.000 is written with a dot where English would use a comma as the thousands separator. This suggests the scammers are not native English speakers or that their written English is poor.

Clues that tell you it’s a scam phishing mail
  • It’s an email you weren’t expecting. It could be a surprise refund, an unexpected bill or a message claiming you’ve won a competition you don’t remember entering.
  • You’re being asked to take urgent action because the scammer wants you to reply to the email. If you’re unsure whether the email is genuine or not, contact the impersonated company using its official contact channels, which can usually be found on its website.
  • You’re being asked for personal or financial details. Most organisations won’t ask for this information to be given over email, and if they do then it’s safer to contact the company directly using an official customer telephone number.

Common phishing mail attack methods

Spear phishing is a targeted phishing attack. The criminals gather data on an individual, whether it is their name, company, position, phone number or other information. Much of this data is pulled from social media, where information on the target, including their current workplace and details of their job role, can be gleaned. The attacker uses the information to craft a specific email for their target to trick them into thinking it’s from a brand they know, or from someone they know within their organisation.

Account takeover is the most common type of phishing, where the attacker takes a list of email addresses and sends fake emails to everyone on the list. This is an extremely common phishing method as it requires little to no research and is more about casting a wide net in the hope that a few fish are caught. You will often see these as generic emails from well-known brands/companies such as Amazon, Google and so on. The links within these emails take the victim to a fake website in an attempt to steal their credentials and/or any other information entered on the site.

Pharming is a trick cyber crooks are using as an increasing number of people become more educated on traditional phishing scams. Pharming is when a website’s traffic is redirected, typically by tampering with DNS resolution, so that the user unknowingly hands over their confidential information. Basically, the attacker produces a fake website and redirects the user to it. Because the user typed the correct address, the address bar offers no warning; a browser certificate error on a site that is normally served over HTTPS is the main clue.

Make sure you’re using proven antimalware protection.