Mcr Warrior
Veteran Member
- Joined
- 8 Jan 2009
- Messages
- 12,372
What a faff! But was this a scam, though?
-
Our booking engine at tickets.railforums.co.uk (powered by TrainSplit) helps support the running of the forum with every ticket purchase! Find out more and ask any questions/give us feedback in this thread!
A scam phone calls and emails discussion.
- Thread starter S&CLER
- Start date
Sponsor Post - registered members do not see these adverts; click here to register, or click here to log in
R
RailUK Forums
Ashley Hill
Established Member
I think what is worrying me about my Virgin issue is could someone have tried using my Virgin account? I was told it was probably a mistake by the account department but Virgin would not elaborate further. They were quite unreassuring.
Quite possibly. But it could equally likely be a mistake with an address as something done with malice.
londonbridge
Established Member
- Joined
- 30 Jun 2010
- Messages
- 1,489
That’s the thing, has someone hacked your account or have Virgin got their wires crossed and applied the details of another customer to your account by mistake? In my case it wasn’t a scam, I just mentioned it as a similar experience of the council getting their wires crossed and believing I’d moved when I hadn’t actually done so.
steamybrian
Established Member
Just had a call confirming my name and address as they wanted to check my loft and roof. I said I had recently moved and my new address was ... 24, Leinster Gardens, London W2.
Many of you will know what "building" that is.....!!
Many of you will know what "building" that is.....!!
75A
Established Member
steamybrian
Established Member
75A
Established Member
Thank you.
I knew about the false fronts but had no idea of the location/
Howardh
Established Member
- Joined
- 17 May 2011
- Messages
- 8,338
Noticed on facebook *I've* been sending out spam/scam videos of products. Think there were four or five, anyhow deleted them and it looks like someone's hacked in from Kansas; changing password didn't help as they were apparently permanently logged in, so I found the procedure for logging out of every device including my android devices, changed password again, using two-factor log-in and hopefully whomever it was can't log in again.
If this happens again then I'm done with facebook! It takes some detective work to find the place where all your devices are logged in!
If this happens again then I'm done with facebook! It takes some detective work to find the place where all your devices are logged in!
Last edited:
Mcr Warrior
Veteran Member
- Joined
- 8 Jan 2009
- Messages
- 12,372
Was the message addressed to you by your correct name? Or maybe just 'Dear Subscriber' or some such?
DelW
Established Member
- Joined
- 15 Jan 2015
- Messages
- 3,988
I had an email yesterday claiming to be from Microsoft's "Outlook Team", saying that my Outlook account needed updating or it would be terminated as I "hadn't been responding to [their] messages".
Even on my phone it looked unconvincing as it was very poorly formatted with some grammatical errors. Once I had a chance to look at it in more detail on my laptop, it didn't include my name, it came from a hotmail account, and the "update now" link went to a Google.com address.
I suppose I should be grateful that they're so incompetent.
This month the number of unsolicited telephone calls has significantly increased. I now to come home to find typically two per day logged by CID. One left a message about boiler replacement if more than 15 years old plus in receipt of benefits.
Scammers working to collect funds for Christmas ?
Scammers working to collect funds for Christmas ?
The latter.
Mcr Warrior
Veteran Member
- Joined
- 8 Jan 2009
- Messages
- 12,372
Probably a scam. Probably best to report it as spam and then block the sender.
No 'probably' about it, hence the post here.
d9009alycidon
Member
Now they've allowed the use of other characters for web addresses (designed so the likes of Russia, Greece and Arab countries can have web addresses in their native language) that has opened up the use of characters that look like normal ones but aren't by scammers.
75A
Established Member
Wouldn't have spotted that in a million years.
To be fair, it makes sense to let the majority of the world's languages be equally represented on the Internet. Even western European languages haven't had their full alphabets represented - thinking of things like umlauts and other diacritical marks that aren't included in 7-bit US ASCII.
Of course it's a good idea, would be good for there to be some checking that a web address is not spoofing something else but I guess so many domains are registered each day to make that difficult, could build a database of banned addresses but that would be a lot of work.
4COR
Member
- Joined
- 30 Jan 2019
- Messages
- 476
Turning on two factor authentication is a huge yes. Make sure you also go through all the authorised apps and revoke access.
Jamesrob637
Established Member
- Joined
- 12 Aug 2016
- Messages
- 5,335
My email filters are so strict that some genuine stuff actually lands in Spam. Unfortunately, the reverse happens too, but not as often. Similarly, my phone is set to send any unknown number (not stored in répertoire) to voicemail. As many say, if they're genuine, they'll leave a message. That function is always available on my device.
YorkshireBear
Established Member
- Joined
- 23 Jul 2010
- Messages
- 8,714
New one on me this week, scam email received directly from a hotel through booking.com messaging! Apparently some hotels suffering hacks to their booking.com access.
Yeah. Booking.com haven't admitted that there's a problem but there definitely is one. It's been going on for at least the last three to four months.
Generally the email says that there's been an issue processing the payment and asks the user to re-enter their card details. One property that I know of got hit by it recently and while most guests either ignored it or called the property directly to confirm, at least one person got hit for over £1,000!
Xenophon PCDGS
Veteran Member
Not a case of booking.yeah that their advert claims...
Yes, this has been discussed by the security blogger Graham Cluley. Apparently the hacker makes a legitimate booking with a hotel, then sends them an attachment with additional "special requirements" for that booking. Unfortunately the attachment is booby trapped and installs malware (malicious software) on the hotel's computer, so that when they next log in their booking.com login details are snaffled and that's how the scammers are able to infiltrate the booking.com portal.
Fraudsters target Booking.com customers claiming hotel stay could be cancelled
One of the world’s largest online travel agencies, Booking.com, is being used by fraudsters to trick hotel guests into handing over their payment card details. How do I know? The fraudsters tried the…
grahamcluley.com
I’m speaking at an event in London in November, and needed to book a hotel room for the night before. I don’t normally use Booking.com for my travel arrangements, but on this occasion I did – and as a result I nearly fell for a scam that could have stolen my credit card details.
The online booking went smoothly as you would expect. But on Friday, two weeks after I made the original booking, I received a notification from the Booking.com smartphone app that I had a new message from the hotel I was planning to stay at.
I looked in the app, and sure enough I had a message from the “hotel”, straight after a legitimate message from the hotel. It also appears on the website version of Booking.com.
Fraudulent message appearing on Booking.com
Note that this wasn’t email spam. This was a message sent via the Booking.com website/app.
Here’s how it looked in the Booking.com smartphone app.
The message told me that my booking may be cancelled due to some credit card issue, and tells me to visit a URL to reconfirm my credit card details.
Clicking on the link took me to a webpage that contained my booking details, but was at a domain (com-id334112.com) that had been created just hours earlier. Sure enough, it asked me to enter my payment card data again.
After over 30 years of working in cybersecurity I like to think that I wouldn’t fall for a scam like this. But I received the notification when I was half-way down a supermarket aisle trying to find some aubergines. I could very easily have clicked on the link in my haste to ensure that I didn’t lose my hotel booking.
I can easily imagine how many Booking.com customers would fall for something like this, regardless of whether they were hunting for the ingredients for ratatouille or not.
I did the right thing. I went home, made a ratatouille, and then investigated how to contact Booking.com’s security team.
Unfortunately, Booking.com doesn’t have a “security.txt” file set up on its website listing how to contact it responsibly when a security issue has been found, which would have made things more straightforward.
Fortunately, colleagues in the security community on Mastodon, Twitter and other sites were able to point me in the right direction.
And so I sent the security team at Booking.com an email with all the details of what I had seen, in the hope that they would look into it and get back to me.
They haven’t responded to my email.
But this evening I (and I suspect other Booking.com customers) received the following email. Let’s take a look at what they say.
(The article continues with further technical detail dissecting the weaknesses in Booking.com's response.)
YorkshireBear
Established Member
- Joined
- 23 Jul 2010
- Messages
- 8,714
Very interesting thank you, needless to say the 12 hours and we will cancel your reservation with a phoney looking booking.com link was enough to put me off!
I'm not convinced that's how it works. The property never gets the guest's email address, they only see a randomised @booking.com address. All messages between the property and the guest go through Booking.com. If Booking.com are still allowing malware infected attachments through after all this time then I have to assume that they're in on it.
At least that's how it works with the property I mentioned above.