Actions
Forum Thread Details
  • Replies 8 replies
  • Subscribers 527 subscribers
  • Views 2722 views
  • Users 0 members are here
Related

Targeted Phishing Attempt using Newark

colporteur

I suggest members be extra vigilant when responding to emails from sites that they may be familiar with.

I received a targeted email today masquerading as the Newark's orders department. It contained my name and indicated an order I have placed was on hold pending credit card finalization. The email asked to call a phone number or respond to the email address. I have no pending Newark order but I was filling my shopping cart recently in preparation for an order. The email was not from Newark. The email header provides the following Return-Path: <SRS0=uq+S=DG=newark.com=creditcardissues@srszone.org>.

Targeted phishing emails have an increase likelihood that a person will fall victim. Targeted emails have specific details that can lower a persons defences leading them to believe the message is real. I implemented and managed a security platform that distributed targeted email as part of a company security awareness program. The emails where tailored to train people on how to identifying suspicious emails. I'm not sure where the details to target me originated. Being an E14 Community member there is a high probability I would use the vendor resources that support the site.

Clicking on resources contained in emails with out some diligence, is like dragging your genitals through a third world sewer. At some point you will catch something.

Parents

  • Interesting to hear about that! (And glad you caught it!)

    I follow a couple of "scam baiters." They are people who call/email obvious scams to draw-out information about them.

    An exceptionally popular scam right now is known as the "Refund Scam." A spam email goes out saying you have placed an order on Amazon or are due for a (anti-virus/tech support) service renewal. Both are fake, obviously. The scammer walks the victim through a remote desktop connection, has the victim log into their bank, hides the screen, and the scammer edits the HTML to appear too much money was transferred to the victim's account. (Then they either want the victim to get cash to take to a Bitcoin ATM or send them gift cards.)

    A newer and more dangerous variation is the "Paypal Invoice" scam. Now scammers use PayPal (and Stripe) to generate "legitimate" invoices from compromised accounts. These invoices come FROM Paypal (or Stripe). BUT. The subject line and body of the invoice say to call a number if this was a mistake. (They're using Unicode characters to skirt around automated checks.)

    So if any interaction starts to sound or look like that, hang up immediately.

    I am surprised to see services like Newark (or TEquipment) being used similarly. They seem so niche compared to the more common Amazon, Microsoft, Geek Squad, and Paypal vectors scammers typically use.

    But as  says, you have to stay vigilant. Always, always, check the headers!

  • in reply to baldengineer

    If I get an email that contains an attached invoice. I never open the files or click the links. I used the invoice number to check. If the number is from UPS, I search and find UPS site without assistance. If the post office I do the same. I then use the number to confirm if the item exists.

    In this case I had been putting together a cart at Newark a few days before and thought maybe I might have hit purchase. Using my own known good links for Newark I went to the site and checked. Nothing!

    What surprised me was the focus of the email. The details could get you to drop your guard. I was considering calling the phone number of sending an email but that might just be a ploy to legitimise a collection of emails they have. Hey this is a real email, someone called. I do enjoy screwing with the bast***s just the same.

Reply
  • in reply to baldengineer

    If I get an email that contains an attached invoice. I never open the files or click the links. I used the invoice number to check. If the number is from UPS, I search and find UPS site without assistance. If the post office I do the same. I then use the number to confirm if the item exists.

    In this case I had been putting together a cart at Newark a few days before and thought maybe I might have hit purchase. Using my own known good links for Newark I went to the site and checked. Nothing!

    What surprised me was the focus of the email. The details could get you to drop your guard. I was considering calling the phone number of sending an email but that might just be a ploy to legitimise a collection of emails they have. Hey this is a real email, someone called. I do enjoy screwing with the bast***s just the same.

Children
No Data