Phone Fraud Hoax

[Manxman27]

It was a hoax last time the email did the rounds it is still a hoax so stop forwarding these things!

 

The story on iomonline says telecom say it is a hoax, thats funny as the email I received this morning the initial forwarder was Bill Osland from Manx Telecom someone should have told him not to forward to to his mates.

 

Phone fraud email is hoax, warns Manx Telecom

 

What type of people forward these things around? Do they honestly think they are helping?

[pongo]

telecom say it is a hoax, thats funny as the email I received this morning the initial forwarder was Bill Osland from Manx Telecom someone should have told him not to forward to to his mates.

 

It says in the newspaper item that the message pretends to be from Manx Telecom. So the "initial forwarder" is probably bogus to make the thing seem more real. No? Bill Osland probably doesn't even exist at Manx Telecom.

 

It's trivial to spoof an email from - address. The header details would give you actual IP address information ? Email is a server - server 3 way handshake iirc - meaning that the originating IP cannot be spoofed (and will almost certainly be a trojan infected Windows machine). It's common afaik for the apparent 1st forwarder to actually be the originating IP - so that at a casual glance the originating IP seems okay.

 

Anyhow - somewhere in the history which the headers reveal will be a discrepancy - that's your actual originating IP.

[mannin]

It says in the newspaper item that the message pretends to be from Manx Telecom. So the "initial forwarder" is probably bogus to make the thing seem more real. No? Bill Osland probably doesn't even exist at Manx Telecom.

 

Bill Osland does work at MT and DID send it out, but it was not sent out as an "official MT" warning.....allegedly!

[BigDave]

I've had this 3 times today as well as multiple times in the past, but at least our users send stuff like this to us first to check if it's genuine.

 

Bit of trivia - The scam does actually work, but not on a normal line or a mobile. It relies on an old transfer call feature code in a now ancient PBX system. #09 or #90 would transfer the call to an open external line, so whoever called could dial any number at the cost of the company they conned.

 

Edit: On one I've seen today, someone stripped off most of the forwarder's addresses leaving the original sender and their signature intact. It's not been made to look like it's come from Manx Telecom, it's been made to look like it originated from a UK police force.

[pongo]

It says in the newspaper item that the message pretends to be from Manx Telecom. So the "initial forwarder" is probably bogus to make the thing seem more real. No? Bill Osland probably doesn't even exist at Manx Telecom.

 

Bill Osland does work at MT and DID send it out, but it was not sent out as an "official MT" warning.....allegedly!

 

Oh OK. Well I bet he feels a bit silly.

 

More trivia: the transcript of episode 79 of Security Now (with Steve Gibson and Leo Laporte) has a very thorough description of how the real original source of an email is always contained in the email (and touches on how the 3 way handshake makes it impossible to spoof an ip address - ETA - when a response is required)

[WTF]

so if the fraud is a hoax, does that mean there is no fraud??

[cussons]

It says in the newspaper item that the message pretends to be from Manx Telecom. So the "initial forwarder" is probably bogus to make the thing seem more real. No? Bill Osland probably doesn't even exist at Manx Telecom.

 

Bill Osland does work at MT and DID send it out, but it was not sent out as an "official MT" warning.....allegedly!

 

Oh OK. Well I bet he feels a bit silly.

 

More trivia: the transcript of episode 79 of Security Now (with Steve Gibson and Leo Laporte) has a very thorough description of how the real original source of an email is always contained in the email (and touches on how the 3 way handshake makes it impossible to spoof an ip address - ETA - when a response is required)

I have pondered that question too, The people that forward these messages believe it to be genuine, despite the fact that they can make phone call or check it online for themselves. If you receive such emails from some one you know it will tell you a thing or two about them.

[BigDave]

What bugs me about all email hoaxes is that if the inofrmation contained within is so critical and purporting to be from legitimate companies, how could anyone believe that those companies would rely on people forwarding emails on to "everyone you know".

 

Some people really need to ask themselves - why hasn't this been on the news if it's so fucking important?

[immortalpuppet]

The only genuine one i have had is off a mate about the Mellisa Virus years ago, all the rest that people send me get a nice reply in 72pt red caps telling them to research before forwarding me guff. Google is not a dirty word or a place in Jurby.

[pongo]

The only genuine one i have had is off a mate about the Mellisa Virus years ago, all the rest that people send me get a nice reply in 72pt red caps telling them to research before forwarding me guff. Google is not a dirty word or a place in Jurby.

 

email should be plain text

[Gavsta]

The only genuine one i have had is off a mate about the Mellisa Virus years ago, all the rest that people send me get a nice reply in 72pt red caps telling them to research before forwarding me guff. Google is not a dirty word or a place in Jurby.

 

email should be plain text

 

Blimy, something we agree on.