Alert - Beware of hoax messages about copying your contact list if you dial a number on your phone

Here's a message I received, it is a hoax (fake, false, not real), let's have a look at it and I'll explain why it and any similar message you might receive is nonsense.

>>>
Very Very Urgent ...*

Please pass this message to your family and friends.

People have been receiving calls from
tel:+375602605281,
tel:+37127913091
tel:+37178565072
tel:+56322553736
tel:+37052529259
tel:+255901130460
or any number starting from +371 +375 *381


These guys only ring once and hang up.
If you call back,bthey can copy your contact list in 3sec and if you have a bank or credit card details on your phone, they can copy that too...

+375 code is for Belarus.
+371 code is for Lativa.
+381 Serbia
+563- Valparaiso
+370- Vilnius
+255- Tanzania
These calls maybe from the ISIS terrorist organization
*Don't answer*
or *Call back.*

Also, Don't Press
#90 or #09
on your Mobile when asked by any caller.

It's a new trick which terrorists use to access your SIM card, make calls at your expense and frame you as a criminal.

Urgently forward this message to as many friends as you can, to stop any intrusion

<<<

Stop!

If you see any message that says "forward this to..." you should STOP! Think about it, is this genuine? How do you know? If you forward nonsense to others are you not just spamming them? Wouldn't it be a good idea to check first? 

Read it carefully

It says it is "very very urgent" and immediately tells you to "pass this message to your family and friends" - no, don't do what they say! 

How can someone who calls you on the phone access the data you have on your phone? The part about dialling a number; how can that be the case that a simple number can provide access to someone remotely? It is unlikely. Think it through, is this probable? Even if you are not sure, don't jump to the assumption that this message must be telling the truth, be sceptical!

The part about "terrorists" is there just to scare you, to reinforce the urgency. It's classic social engineering, be wise to such tactics! 

Again at the end it urges you to send it to others, this is always the biggest warning sign. 

Investigate

After a few seconds on Google I found the following article explaining how this is a hoax:

https://www.hoax-slayer.net/mobile-phone-misinformation-xalan-and-90-hoax/

Yes this Hoax Slayer website is trustworthy and very helpful.

Or if you have an IT department at work, ask them for advice to be sure. 

Where do these messages come from?

Such messages can be found on social media like Facebook, they can be sent through Telegram, Whatsapp or by e-mail. Just because a friend, family member or colleagues sent it, doesn't mean it is true. Remember they just sent it on too. If the message is from a completely unsolicited sender, then that's even more reason to be concerned. Yes, not everything is trustworthy, especially if you find it in the depths of Instagram, Facebook, a chat room, etc.

Chain letters

Before the internet there were chain letters. A letter would arrive on your doorstep. You'd read that you must copy and send the letter on to others. If you do not do this then something bad would happen to you. It was the same as the hoax explained here. It relies on scare tactics to spam everyone and scare others. That's the only purpose, it's disturbing why anyone would start a chain letter of any kind. There are definitely some sad people out there.

Conclusion

Please remember not to forward or copy/paste such messages to your friends and family. No one wants to be spammed or scared. Always take time to review such messages. Perhaps ask a trusted friend before re-posting such a message. Take care out there! 

Alert - Beware Fake UBS Bank e-mails

Please be careful and do NOT click any links or open attachments of any e-mails before reading them carefully first. Here's a good example, it's a fake e-mail that I received recently:

>>>
Subject: Wir haben ein Problem mit Ihrem Konto festgestellt

Hallo!

Einen kurzen Validierungsprozess durch zufhren, um Ihre Rechnungs- und Zahlungsdetails zu ber prfen. Wenn Sie den Validierungsprozess nicht abschlie en, wird Ihre UBS-Mitgliedschaft gesperrt.

Wir unternehmen alle notwendigen Schritte, um unsere Nutzer automatisch zu validieren. In diesem Fall konnten wir leider Ihre Daten nicht best tigen.

Der Vorgang wird nur ein paar Minuten dauern und es uns erm glichen, unseren hohen Standard der Kontosicherheit beizubehalten.

UBS 1998-2018
<<<


Here's the same text translated to English using Google Translate:

>>>
Subject: We have detected a problem with your account

Hello!

Perform a short validation process to verify your billing and payment details. If you do not complete the validation process, your UBS membership will be suspended.

We take all necessary steps to automatically validate our users. In this case, unfortunately we could not confirm your data.

The process will take only a few minutes and will allow us to maintain our high standard of account security.

<<<


A screen shot of the original message:

If you open an e-mail like this the first thing to do is STOP!
Do *not* open any attachments (I didn't have one on the e-mail I received but this is general advice)
Do *not* click any links (especially that big red one!). First read the e-mail a few times:

• Look at the sender e-mail address, this is the biggest giveaway that this must be a fake. There's an obvious mistake in the name, it says "USB" and not "UBS" (presuming it's pretending to be the Swiss bank UBS. The e-mail address itself, it has nothing to do with UBS!
• The message is in German, the language you communicate with your bank with is determined by your personal settings/configuration with your bank. Does this language match your selection? If not, it is suspect immediately.
• Do you bank with this particular bank? If not then of course this is obviously fake.
• What are those strange question marks? It looks weird.
• Does it look anything like the usual communication from your bank? In the example above it looks amateurish. The UBS logo is missing for example. Even if the logo is there, does it look normal? Question everything!
• Typically banks are very careful with how they communicate with you. Always be wary of any e-mail that says it's from your bank, ask yourself if this makes sense or not - if ever in doubt contact your bank directly by phone before clicking anything!

Conclusion
Please delete such e-mails.Remember to always think before clicking any link or opening attachments. Always look at the from e-mail address first, it's usually a quick giveaway that this is a dodgy e-mail.

Block such e-mails and report them if your e-mail software allows. If you receive such a mail at work, contact your service/help desk and request they add it to their black list.

Be careful out there!

Also, the following is an interesting case of a fake DHL e-mail:
https://mgxp.blogspot.com/2017/08/malware-alert-beware-fake-dhl-e-mails.html

Alert - SMS Lotto Gewinnspiel

There are a lot of scams around these days, most come in via e-mail but the following is one I received by SMS. Here it is together with an explanation:

+447484732319 Congratulations! You have won 2,000,000. WIN No:HNNSY-251-4577509. Email: lotto.gewinnspiel@gmail.com Now Claim Your winnings.

It says I've won a lot of money and without thinking I wonder how I can get my hands on the cash! 

STOP!!!

Don't click anything! 

It looks a bit fishy doesn't it!?! 

Look carefully at the above screen shot and you'll see:

• The mobile number it came from is a UK number (+44)
• The prize is in euros, not pounds
• The email address is lotto.gewinnspiel@gmail.com - the word "gewinnspiel" is German, I looked it up in Google Translator and it means "contest"
• I didn't enter a lottery! 
• I didn't enter a lottery where I gave my mobile number!

If you put the above observations together you can see there is no way this can be true. It is a scam! Why is it from a UK number but there's a German word in the e-mail address? Why am I being sent this, I didn't enter a lottery. If I have recently entered any lottery, did I give my mobile number, if not then how did they send this SMS to me? Wouldn't they send me an e-mail perhaps?

Think carefully when you receive e-mails or SMS text messages like this one. If the information is not consistent, if you didn't sign up for something or enter a competition, or if it's just too good to be true - it's very likely to be a scam! 

Delete such messages and stay safe!

Reference

For a very detailed look at a similar scam please see the following link:

https://blog.avast.com/2013/09/10/congrats-your-mobile-number-was-selected-as-a-winner-of-l-2000000-00/   [Last accessed August 2016]

The above page is on the AVAST website. AVAST are an established and well known anti-malware company.