ESET Ireland keep monitoring and informing about the most widespread phishing scams, trying to make victims out of Irish computer users. Here is an overview of the most common ones in in the past month.
Early October was marked by fake Irish Revenue emails, in light of increased advertising of the tax return deadline. ESET Ireland observed several variations of these, but most were along the lines of telling the potential victim they’re eligible for a tax refund, but they must first send all their personal and banking details to the scammers. Some of these emails looked quite convincing, by including all the Irish Tax & Customs visuals, some were even composed as Gaeilge, while others were just in plain text and full of spelling errors, thus quite unlikely to fool anyone.
Then there was the usual bunch of varying banking phishing emails. We’ve received several unsophisticated emails, pretending to be from Bank of Ireland’s 365 Online and claiming there has been unauthorised access to our account there, so we should immediately “re-validate our account”, meaning send our login details to the cybercriminals, or “it will be shut down”. Bank of Ireland is aware of these scams and offers a nice guide on staying safe.
Scammers abusing the name of Permanent TSB and their OPEN24 service put a bit more effort in and equipped the email with appropriate corporate visuals, while they just asked potential victims to “update their contact details, so they can get in touch with them easier”. To do that, one has to visit a forged website and “log in”, again handing over their login information to the bad guys. Permanent TSB’s safety tips can be found here.
Another one pretended to come from Eircom Billing Department and claimed they “were unable to process your last payment of bill”. Poor English aside, the email looked credibly made and included a form in which the victim would have to enter all their personal and credit card details, including their expiry date, security code and phone number.
If you receive any such emails, you are advised to mark any and all such emails as spam and delete them. Make sure you do not reply to them, click links in them or open any attachments, because any interaction with them can have costly consequences.