ESET Ireland looks at Electric Ireland, Bank of Ireland and “looking for love” scams targeting Irish mailboxes this January.
For years now, Ireland has proven a profitable target for cybercriminals. Which is why they persistently keep coming back for more. Varieties and new forms of phishing scams or infecting links keep finding their way into Irish mailboxes, hoping they’ll be able to con Irish victims into handing over their banking and payment card details or infecting them with ransomware. In January we encountered a few interesting ones.
A well-made and professional looking scam, pretending to come from Electric Ireland (though the email is Swedish) and claiming the recipient received a refund of €98.04.
All that is required to claim the “refund” is to “log in” to their faked Electric Ireland website,
enter your name, card details, expiry date and security code,
and even upload a scan of your photo ID, thus giving the scammers the means to carry out identity theft fraud.
Bank of Ireland
The latest variation abusing the name of Bank of Ireland comes from a Turkish email address and claims “they’re going paperless” and require you to “log in” and “confirm your personal details and email address” (as well as your bank account details, of course).
Looking for love
The last one worth mentioning looks like a romantic letter that reads:
The email contains a link which leads to either a scam site or an infected site, that could infect your computer with drive-by malware. Sorry, Vera, but I don’t think you’re the one for me.
In all the cases above, ESET Ireland recommends recipients do not click on any links in the emails, do not reply to them, but instead flag them as spam and delete them. If you’re unsure, just ring the company or bank in question, and ask if they sent you anything.
by Urban Schrott, ESET Ireland