Very convincing phishing Companies House scam email doing the rounds

**Maslins** · 28 April 2017, 07:53

Yeah sadly some of these are very good. Especially for things "from" Companies House, as they can readily get so much accurate data as it's publicly available, so with a bit of effort they can make it very plausible.

**MrMarkyMark** · 28 April 2017, 07:54

Originally posted by cojak View Post

I've just received an email reminding me that my accounts need to be posted by a date in the near future.

It was so convincing that I forwarded it to my accountant before noticing the last bit of the 'Reminder' (it's always right after you hit the 'send' button).

The email domain was companyhousei.com

I'm admitting my numptyness here to alert others - I've already had to apologise to my accountant...

Thanks for letting us know Cojak

**BigRed** · 28 April 2017, 08:06

I got that one as well, spotted it straight away (it was in my spam folder though)

**fullyautomatix** · 28 April 2017, 08:28

Okay so how were they trying to exploit you ? Was there a link to pay the tax or somthing?

**WordIsBond** · 28 April 2017, 08:53

Originally posted by fullyautomatix View Post

Okay so how were they trying to exploit you ?

They wanted her to vote Labour. (I'll go hide in General now.)

**TestMangler** · 28 April 2017, 08:59

Originally posted by fullyautomatix View Post

Okay so how were they trying to exploit you ? Was there a link to pay the tax or somthing?

Years ago, when I had a computer shop, I got frauded with an online order. I managed to identify and find the culprit because he had created an online account for my shop. He also used the same password for my shop as he did for everything else.

Hacking/Phishing is not a game of action/reaction. It's a long game of collecting information you shouldn't be able to get hold of. Had Cojak logged in via a link in the phishing email, she'd have given away her email address and a potentially usable password and the fact that she actually has a company registered with companies house. So, could potentially be used for a mobile phone contract as her DOB and home address would then have been easily findable. If she'd been daft enough, she may even have gone on Fudbook and filled in one of these stupid 'What is your porn star name. It's made up of the name of your first pet and your mother's maiden name'. Now, that info couldn't be used for anything, could it ??

Hackers generally aren't after a quicky, even if that's how you happen to think.

**northernladyuk** · 28 April 2017, 09:14

Originally posted by fullyautomatix View Post

Okay so how were they trying to exploit you ? Was there a link to pay the tax or somthing?

It asks for details of contractual Direction and Control, Right of Substitution and Mutuality of Obligation, and it's required for legislative compliance for company registration in the new PSC category. Not sure who is behind the scam but it's signed 'Hector'.

**cojak** · 28 April 2017, 09:15

Originally posted by TestMangler View Post

Years ago, when I had a computer shop, I got frauded with an online order. I managed to identify and find the culprit because he had created an online account for my shop. He also used the same password for my shop as he did for everything else.

Hacking/Phishing is not a game of action/reaction. It's a long game of collecting information you shouldn't be able to get hold of. Had Cojak logged in via a link in the phishing email, she'd have given away her email address and a potentially usable password and the fact that she actually has a company registered with companies house. So, could potentially be used for a mobile phone contract as her DOB and home address would then have been easily findable. If she'd been daft enough, she may even have gone on Fudbook and filled in one of these stupid 'What is your porn star name. It's made up of the name of your first pet and your mother's maiden name'. Now, that info couldn't be used for anything, could it ??

Hackers generally aren't after a quicky, even if that's how you happen to think.

My default is never to click on an email link but to enter the website separately (although there was indeed a link).

I do need to look closely at my spam filter though...

**DaveB** · 28 April 2017, 10:02

Originally posted by TestMangler View Post

Years ago, when I had a computer shop, I got frauded with an online order. I managed to identify and find the culprit because he had created an online account for my shop. He also used the same password for my shop as he did for everything else.

Hacking/Phishing is not a game of action/reaction. It's a long game of collecting information you shouldn't be able to get hold of. Had Cojak logged in via a link in the phishing email, she'd have given away her email address and a potentially usable password and the fact that she actually has a company registered with companies house. So, could potentially be used for a mobile phone contract as her DOB and home address would then have been easily findable. If she'd been daft enough, she may even have gone on Fudbook and filled in one of these stupid 'What is your porn star name. It's made up of the name of your first pet and your mother's maiden name'. Now, that info couldn't be used for anything, could it ??

Hackers generally aren't after a quicky, even if that's how you happen to think.

The payload would have been behind the link in the email, and they are after a quick return because these things get shut down fast. They will try and get as much out of you in one go as they can before the website is blocked and the spam filters catch up.

More than likely the link would have gone to a site that is/was a convincing facsimile of the CH website and been loaded with drive by malware installers. It would collect user ID and password info for CH and almost certainly go on to ask for card/bank details to pay for the "filing". Even if that rings alarm bells, it's already too late.

The hit rate on these things is generally less than 1% but if you send enough of them you only need one or two to be successful to make money on it.

Very convincing phishing Companies House scam email doing the rounds