email support

td123 · ‎27-09-2023

Following the "Refresh Your Account" phishing scam I have now recieved others. These are purporting to be from Barclays and Lloyds Bank - I know it's phishing as I haven't had an account with either for over 10 years. I send it on to phishing@talktalk.co.uk and also report@phishing.gov.uk

My concern, given the number of other tiscali/talktalk account holders who have recieved these scam emails, is how have they got hold of the addresses. Could TalkTalk have suffered a security breach?

Be warned & stay alert!

This is the Lloyds Bank one, the Barclays follows the identical format.

Phishing scam

Gliwmaeden2 · ‎27-09-2023

Some do check from time to time that they have an up to date mobile phone number etc, @Floydoid.

The difference is that you would get the prompt once logged into banking.

Unfortunately people do just sometimes drop their guard or are too tired to think straight.

Gliwmaeden2, a fellow customer.

Floydoid · ‎27-09-2023

This is what's known as the scatter gun approach - by using the more common brand names (in this case banks) and sending mails to hundreds if not thousands of addresses, they know that some recipients will actually have an account with that particular bank, and may panic and fall prey to the scam.

Other commonly spoofed organisations include Amazon, Netflix, eBay, PayPal and Apple - we've probably all received spam messages for those. In short any message asking you to refresh or confirm or update your personal details is total rhubarb. Why would any genuine organisation do that when they have all your details on file anyway? (And naturally if any personal details do change, such as address or phone number or bank details or whatever, we do that anyway via the genuine website.)

"A common mistake that people make when trying to design something completely foolproof is to underestimate the ingenuity of complete fools."
- Douglas Adams, Mostly Harmless

td123 · ‎27-09-2023

@Gliwmaeden2

Yeah, I have 2 banks that genuinely have reason to contact me. Both use my name and then either my postcode or a semi-disguised card No. along the lines of " ...ending in *******1234" . In this case I don't have accounts with them so easy to spot as scams but I wonder how many people who DO have accounts with them might fall for it?

Gliwmaeden2 · ‎27-09-2023

Thanks for the heads up, @td123.

They do seem to like using the phrase, "refresh your..." but otherwise the content is fairly plausible.

Banks will usually show our postcode and name, or simply mention to go to a new message in your account however. And any updating of details that really needs to be done must be done from a website that you know to be correct. Never go directly from the email.

Gliwmaeden2, a fellow customer.

Gondola · ‎27-09-2023

Obviously scam messages.

The common factor in the latest phishing emails is that email addresses are on both the Onliner Spambot and Zynga data breach databases. A further indicator that the address has been in the hands of criminals for 5 to 6 years and therefore a prime candidate for spoofing use in phishing emails. In some cases like this the hacked email accounts are being used by Hackers. This should be flagged up by the system allowing TalkTalk Security to shut these hacked accounts down for good.

Gondola Community Star 2017-2024

Like below to appreciate my post . . . Mark as solved Accept as Solution

email support

New phishing scams....