Nothing unusual, standard type of 'we have barred your account pending input of your security and account details.....etc' Normally these are picked up by Yahoo and immediately go to the SPAM folder. It did however contain an apparent clickable link to a genuine natwest.com site.
This one however got into my inbox and opened during a distracted moment. No clicking on any of the links etc. However I manually marked as SPAM. When it was in my SPAM box I examined the underlying code which is very large, and discovered that contained embedded in the code is a large number of details of people from my contacts list.
The questions are,
1. presumably this info is only harvested in the event that you click a link -yes or no. 2.How does a an email that appears in your inbox collect the information?
I do not use NW for online banking but the mail is, I suspect,good enough to fool a lot of people.
I have posted here to ensure maximum visibilty - mods may like to move later to computing?
|
"……… a large number of details of people from my contacts list."
Would these have been gleaned from the contact list of the person from whom it had originated; there could well be an overlap of contacts?
|
It is even nastier than I thought.
It produces a spurious Yahoo message - Loading slower than normal with a click here to reload.. I think that I probably did that although it would not have been a manual login.
Time to to do a full scan I think and change passwords from another machine!
|
Having changed all my valuable passwords I have now further examined the source code of the SPAM mail on a separate machine physically isolated from the router and broadband connection.
It appears to contain a data log associated with both mails received and sent from my email account on the BTYahoo webmail page. My earlier refence to Yahoo system message, it appears to be a copy what was actually received rather than a spoof screen.
My html skills are limited to that necessary to modify web pages, I can not interpret what the page is attempting to do.
Anybody willing to receive a copy on a sandbox machine to interpret what this mail is trying to do?
|
NatWest Scam mail - warning - Haywain
