Fraud & Cyber Alerts
“Greater Manchester Police” Phishing Alert
The NFIB have identified that Fraudsters are sending out a high number of phishing emails to email addresses connected to businesses in the United Kingdom. Please see the information below this worrying example of this type of Phishing attack. This is the second example in a week of fraudsters assuming the identity of a UK Police Force in an attempt to have victims click on a link within the e-mail, which will allow banking malware onto their computer or smart phone. Please take head of the warning and advice.
The information contained within this alert is based on a high number of reports recently received by Action Fraud. The purpose of this alert is to increase awareness of this campaign currently in circulation. The campaign’s key target appears to be businesses in the United Kingdom. Its primary function appears to be distributing Banking Trojan malware, through a malicious link embedded within the email.
The alert is aimed at businesses, members of the public as well as government and public organisations.
Fraudsters are sending out a high number of phishing emails to email addresses connected to businesses in the United Kingdom, with the message subject heading ‘Notice of Intended Prosecution’ and ‘NIP – Notice Number’ followed by a combination of letters and numbers. The emails purport to come from the Greater Manchester Police.
It is believed that the URL hidden behind the line ‘Check The Photographic Evidence’ delivers the GOZI/ISFP Banking Trojan which is involved in stealing online banking login details from victims.
PROTECTION / PREVENTION ADVICE
Having up-to-date virus protection is essential; however it will not always prevent you from becoming infected.
Please consider the following actions:
· Don’t click on links or open any attachments you receive in unsolicited emails or SMS
messages. Remember that fraudsters can ‘spoof’ an email address to make it look like one used by someone you trust. If you are unsure, check the email header to identify the true source of communication. Information on how to locate email headers can be found at https://mxtoolbox.com/Public/Content/EmailHeaders/
· Always install software updates as soon as they become available. Whether you are updating the operating system or an application, the update will often include fixes for critical security vulnerabilities.
· Most anti-virus software contains an ‘anti-spyware’ scan which may be able to detect key loggers. If your current software does not offer this function, consider installing software which does - both free and paid for anti-spyware is widely available.
· Create regular backups of your important files to an external hard drive, memory stick or online storage provider. It’s important that the device you back up to is not left connected to your computer as any malware infection could spread to that device as well.
· If you think your bank details have been compromised, you should immediately contact your bank.
· If you have been affected by this, or any other fraud, report it to Action Fraud by calling 0300 123 2040, or visiting www.actionfraud.police.uk.
· Advice on when it should be reported to PSNI as a ‘Call For Service’ can be found at: https://www.psni.police.uk/crime/fraud/Reporting-Fraud/