How was October phishing in Ireland?

permanent spam

ESET Ireland keep monitoring and informing about the most widespread phishing scams, trying to make victims out of Irish computer users. Here is an overview of the most common ones in in the past month.

Early October was marked by fake Irish Revenue emails, in light of increased advertising of the tax return deadline. ESET Ireland observed several variations of these, but most were along the lines of telling the potential victim they’re eligible for a tax refund, but they must first send all their personal and banking details to the scammers. Some of these emails looked quite convincing, by including all the Irish Tax & Customs visuals, some were even composed as Gaeilge, while others were just in plain text and full of spelling errors, thus quite unlikely to fool anyone.

Then there was the usual bunch of varying banking phishing emails. We’ve received several unsophisticated emails, pretending to be from Bank of Ireland’s 365 Online and claiming there has been unauthorised access to our account there, so we should immediately “re-validate our account”, meaning send our login details to the cybercriminals, or “it will be shut down”. Bank of Ireland is aware of these scams and offers a nice guide on staying safe.

Scammers abusing the name of Permanent TSB and their OPEN24 service put a bit more effort in and equipped the email with appropriate corporate visuals, while they just asked potential victims to “update their contact details, so they can get in touch with them easier”. To do that, one has to visit a forged website and “log in”, again handing over their login information to the bad guys. Permanent TSB’s safety tips can be found here.

Another one pretended to come from Eircom Billing Department and claimed they “were unable to process your last payment of bill”. Poor English aside, the email looked credibly made and included a form in which the victim would have to enter all their personal and credit card details, including their expiry date, security code and phone number.

If you receive any such emails, you are advised to mark any and all such emails as spam and delete them. Make sure you do not reply to them, click links in them or open any attachments, because any interaction with them can have costly consequences.


One thought on “How was October phishing in Ireland?

  1. anything in November? got one purportedly from B of I (‘show original’ tab in gmail indicated a Spanish email address. Arrived on November 13th. A bit concerned as I subsequently received a suspicious non-phishing email and then had my gmail and IOS hacked through a link on my profile views on an academic website. Wondering still if 365 email was phishing or was more targeted. Do you know anyone who would look at details and tell me if it’s likely to be just another phishing email? It does look as if it was bounced through several servers.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s