Spam emails that are currently in circulation and how to report fraudulent emails.
We have recently been made aware of suspicious meeting invites being sent to Audit and Governance Committee members at two of our client health bodies. At first glance the invites appeared to be sent from legitimate sources. On closer inspection the sender’s email address raised suspicions. It has since been confirmed that the emails were not sent by the committee member and are believed to be a scam.
The email address that was used on both occasions was noreply@email.apple.com. Both emails contained numerous links and a calendar attachment, each of which could contain malicious software or viruses. The name used as the sender/person inviting attendance of a committee meeting in each case was that of a genuine committee member.
Unfortunately scams of this sort, where distribution lists are used to send emails containing malicious content, appear to be on the rise. We would always advise against responding to emails that seem unusual / suspicious and further advise never to open links or attachments contained within them.
If you wish to clarify the legitimacy of any similar invites you receive please request this from your usual internal contact responsible for issuing committee invites, using previously known contact details.
If you receive an email that is believed to be a fraudulent email here is a list of email addresses where you should send these emails:
- UPS - fraud@ups.com
- HMRC - phishing@hmrc.gsi.gov.uk
- If you are suffering a live cyber-attack that is in progress, call now on 0300 123 2040 to report, do not report using the online tool. This service is available 24 hours a day, 7 days a week for businesses, charities and organisations. Our advisors are also available 24/7 on web chat if you have any questions.
- phishing@hmrc.gsi.gov.uk
- security.custcon@hmrc.gsi.gov.uk
- Santander bank - phishing@santander.co.uk
- Barclays Bank – internetsecurity@barclays.co.uk
- Lloyds Bank – emailscams@lloydsbanking.com
- RBS Bank – phishing@rbs.co.uk
- TSB Bank – emailscams@tsb.co.uk
- NatWest – phishing@natwest.com
- www.tradingstandards.gov.uk
- Apple – reportphishing@apple.com
- Gmail - https://support.google.com/mail/answer/8253?hl=en
Police have issued advice on how to stay safe online.
Police have not named the business concerned but they have issued the following tips to stay safe online:
Having virus protection is essential, ensure that it is kept up-to-date.
Don’t click on links or open any attachments you receive in unsolicited emails or SMS messages. Remember that fraudsters can "spoof" an email address to make it look like one used by someone you trust. If you are unsure, check the email header to identify the true source of communication.
Always install software updates as soon as they become available. Whether you are updating the operating system or an application, the update will often include fixes for critical security vulnerabilities.
Create regular backups of your important files to an external hard drive, memory stick or online storage provider. It’s important that the devices you back up to aren’t left connected to your computer as any malware infection could spread to that too.
The spokesman added: "If you, or anyone you know, have been affected by this fraud or any other scam, report it to Action Fraud by calling 0300 123 2040."