Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: Fraud scam email sent with full address on it  (Read 1138 times)

insidejob

  • Member
  • **
  • Posts: 54
Fraud scam email sent with full address on it
« on: April 03, 2017, 10:09:24 PM »

Today I checked my emails as normal and other than what I normal get I didn't expect anything else but got an email with an attachment, encryption I think that errors when trying to open and in plain text this person or fraudster shows my full address and my name.

I thought, how the hell did they get that. Now I am very careful and have not had an email like this at all from my past. I believe this may be something to do with my locations showing from plusnet and thats how they got it. I believe this is some sort of scam. So watch out if you get an email with some word attachment and with you full address in the main email.

Apparently from someone called Ron and heather who I dont know Lol.

I cant post all of the text about this email as it has my email and personal info but says this.


Quote
X-RG-Spam: Suspect
X-Junkmail-Premium-Raw: score=82/83,refid=2.7.2:2017.4.3.144215:17:82.491,ip=,rules=__HAS_FROM,
 __FRAUD_WEBMAIL_FROM, __HAS_X_MAILER, WEBMAIL_XMAILER, __HAS_MSGID,
 __SANE_MSGID, __MIME_VERSION, __TO_MALFORMED_2, __TO_NAME,
 __TO_NAME_DIFF_FROM_ACC, __CT, __CTYPE_HAS_BOUNDARY, __CTYPE_MULTIPART,
 __CTYPE_MULTIPART_MIXED, __MIME_TEXT_P2, __HAS_ATTACHMENT1, __DOC_ATTACHED1,
 __DOC_ATTACHED2, __STOCK_PHRASE_24, __PHISH_SPEAR_PASSWORD_1,
 __FRAUD_CONTACT_NAME, __FRAUD_CONTACT_ADDY, __NO_HTML_TAG_RAW,
 BODY_SIZE_10000_PLUS, __HAS_ATTACHMENT2, BODYTEXTP_SIZE_400_LESS,
 BODYTEXTP_SIZE_3000_LESS, __MIME_TEXT_P1, HTML_00_01, HTML_00_10,
 __FRAUD_WEBMAIL, WEBMAIL_SOURCE, __TO_REAL_NAMES, __HAS_ATTACHMENT,
 NO_URI_FOUND, NO_CTA_URI_FOUND, __PHISH_SPEAR_STRUCTURE_1, __MIME_TEXT_P,
 NO_URI_HTTPS, DOC_ATTACHED, OFFICE_ATTACHED,
 KNOWN_SCAM_CAMPAIGN[scam/mal-doc-encrypt-contract]
X-Authentication-Info: Submitted using ID ronandheather@bigpond.com
Received: from localhost (93.81.10.164) by smtp.telstra.com (9.0.019.11-1) (authenticated as ronandheather@bigpond.com)

So watch out encase this affects more people.
« Last Edit: April 03, 2017, 10:16:27 PM by insidejob »
Logged

kitz

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 30244
  • Trinity: Most guys do.
    • http://www.kitz.co.uk
Re: Fraud scam email sent with full address on it
« Reply #1 on: April 17, 2017, 01:24:31 PM »

I had an interesting one last week


Quote
Hello Kitz!

I am disturbing you for a very urgent matter. Though you don't know me, but I have considerable ammount of individual info concerning you. The matter is that, most likely mistakenly, the information of your account has been emailed to me.
For example, your address is:

xxxxxxxx
xxxxxxx
Lincs



I am a law-obedient citizen, so I decided to private data may have been hacked. I pinned the file - Bagley.dot that I received, that you could examine what info has become available for deceivers. Document password is 6435

Best regards



Interestingly the address is real and although its not mine, it appears that someone called Kitz Bagley lived at the address quoted in the email until fairly recently linky.

I did a bit of digging and came up with this from Naked security - The scam that knows your name and address.


There's speculation on some forums such as MSE that the information may have come from the ebay data breach that happened a few years ago.  Several people have said the email address it was sent to had only been used for eBay.    If it was the ebay database hack it would explain how they have your address.

The email address it was sent to me on is not the one I use for my own ebay account..... but within the last year I have been aware of the very same Kitz Bagley because I received other mail to that account meant for him.   He may possibly have a similar email address but with a slightly different domain extension.  Note how the attachment was named Bagley.dot, so it was actually intended for Kitz Bagley
Logged
Please do not PM me with queries for broadband help as I may not be able to respond.
-----
How to get your router line stats :: ADSL Exchange Checker

insidejob

  • Member
  • **
  • Posts: 54
Re: Fraud scam email sent with full address on it
« Reply #2 on: April 20, 2017, 01:12:58 PM »

Hi Kitz. :)

I think you are most likely right in what you say. The email address that scam email were sent to, were used on ebay. I didn't think I would get caught up in that eBay hack.

Just shows you no matter how hard you try and stop your data getting into the wrong hands, that we all rely on company's like eBay, to make sure our data is protected and safe. You can't even trust the company's these days though to do just that.

Now some should understand exactly why I dont want my location data being shown. :)
« Last Edit: April 20, 2017, 10:22:44 PM by insidejob »
Logged

NEXUS2345

  • Reg Member
  • ***
  • Posts: 226
Re: Fraud scam email sent with full address on it
« Reply #3 on: April 20, 2017, 06:56:32 PM »

If you want to know what breaches your email is in, this site contains quite a few large ones: https://haveibeenpwned.com/

The site is run by an Aussie security researcher called Troy Hunt. Great guy, his blog is a good read if you have the time. He compiles these from breached databases that are sent to him. He only puts email addresses onto the database for his site, so there is no other sensitive info that he publishes. He also gives a run down of what data was taken in each breach.
Logged
Zen ADSL2+ | HG612 + TP-Link C2600 | Awaiting FTTC (build in progress)

Bowdon

  • Content Team
  • Kitizen
  • *
  • Posts: 1229
Re: Fraud scam email sent with full address on it
« Reply #4 on: April 24, 2017, 12:37:37 PM »

I remember this address and email thing happened 1 or 2 years ago too.

I think it was down to some kind of breach. I can't remember which, I think ebay?

In the one I got it was asking for money.

P.S.

Don't open attachments from people you arent 110% certain of. Most of these nasty viruses, like ransomware, comes through them.
Logged
BT Infinity 2 - HG612 & Asus RT-N66U - ECI Cab
 

anything