Internet fraud again

[SailorBill]

The answer to poor security on Windows is Ubuntu. Seriously - give it a try. Two of my three PCs run nothing else. No viruses, no malware, faster...

Cheers
Patrick

I agree with that. Ubuntu 12.04 was released a few days ago and is noticeably faster than 11.10 (and that was faster than windows vista). As you say, no viruses and no malware. My laptop is set up to dual boot vista and ubuntu but I haven't booted into vista for ages. One day I will get rid of it altogether and reclaim the disk space.

To those who haven't tried it, you can download ubuntu and run it from a CD (or USB stick) without installing it - try before you buy. Except it's free If you like it then you can install it and set it to dual boot - windows and ubuntu installed at the same time. As you can tell, I like it!

 

[VicS]

Vic....This could have actually been quite genuine. It seems that the banks introduce a higher level of security verification if used for internet transactions. SOmetimes this Verification process is triggered the first time you use the card for an Internet transaction.

This happened to me when using a terminal in John Lewis to buy something through John Lewis online. I was horrified at the way Santander threw up a most amateurish web page wich gave me a difficult to remember user name and requested a password etc before the transaction could continue.

The RBS system wasn t much better! Once this system is validated it pops up at most internat transactions and asks for three specific characters from the password. There is usually an attached web site where the user name and password allow you to view internet transactions on that card. Both RBS and Santender have such sites.

I though at first that is might have been genuine but the incorrect name ( I'm not Irene McKechnie) and the word "effected" were pretty good clues that it probably was not. There were also several changes in font in the original.

I should have hovered over the link to the form... that would pretty well have settled the matter.
When I saw the questions on the form I realised it was not likely to be genuine. I'd have let the order fail rather than answer them.

On the order confirmation Damart say

Be Safe Online:
Damart will never ask for payment details by email. Please do not respond to any emails asking you to fill in payment details to complete your order.

Never open an attachment or click a link in an email asking for further information - even if it looks like a genuine request. If you receive anything purporting to be from Damart, please contact us immediately
​

I am used to the Extra security thing that is usually asked for with on line Visa card transactions. In fact I'd already been through that as part of the ordering process.

 

[VicS]

And this is the text of the email have subsequently received from Damart

Thank you for your notification regarding the email you have received.

Firstly, please be assured that Damart will never ask for payment card information by email. Do not respond to the email you have received or complete any information that you are asked for. If you have completed the form on the email you have received, then please alert your bank or card issuer immediately and get them to cancel your payment card to prevent any mis-use. If possible, please send a copy of the email to us to take a look at.

In the few previous cases we have heard about, customers reported instances of malware on their home computers, which we believe is being used to cause the emails. We recommend completing a full virus scan of your PC, and also downloading "Malwarebytes" which is free and recommended by our own technical team. Any feedback on the results of this would be most helpful, and give us some more information which can help to prevent further instances.

We are taking this issue very seriously, and have had regular security scans of all our networks and our websites by external security experts who have found no issues. We are also in contact with the relevant authorities to try to get any illegal websites regarding this closed down. Throughout all this, please be assured your information at Damart is completely safe.

Should you have any further questions on this matter, do not hesitate to contact us.



Kind regards,
Adele

The Damart Team


​

 

[Bilgediver]

I though at first that is might have been genuine but the incorrect name ( I'm not Irene McKechnie) and the word "effected" were pretty good clues that it probably was not. There were also several changes in font in the original.
.

I thought Irene McKechnie might have been your wife.

 

[DaveS]

And this is the text of the email have subsequently received from Damart

Thank you for your notification regarding the email you have received.

Firstly, please be assured that Damart will never ask for payment card information by email. Do not respond to the email you have received or complete any information that you are asked for. If you have completed the form on the email you have received, then please alert your bank or card issuer immediately and get them to cancel your payment card to prevent any mis-use. If possible, please send a copy of the email to us to take a look at.

In the few previous cases we have heard about, customers reported instances of malware on their home computers, which we believe is being used to cause the emails. We recommend completing a full virus scan of your PC, and also downloading "Malwarebytes" which is free and recommended by our own technical team. Any feedback on the results of this would be most helpful, and give us some more information which can help to prevent further instances.

We are taking this issue very seriously, and have had regular security scans of all our networks and our websites by external security experts who have found no issues. We are also in contact with the relevant authorities to try to get any illegal websites regarding this closed down. Throughout all this, please be assured your information at Damart is completely safe.

Should you have any further questions on this matter, do not hesitate to contact us.



Kind regards,
Adele

The Damart Team


​

It's a while since I bought from Damart. but has Alison Dale (warmly yours) now gone?

 

[dunedin]

The RBS system wasn t much better! Once this system is validated it pops up at most internat transactions and asks for three specific characters from the password. There is usually an attached web site where the user name and password allow you to view internet transactions on that card. Both RBS and Santender have such sites.

The OP email sounds very different from the RBS (and presumably NatWest) verification you refer to. IMHO the RBS one is actually provided by the card networks - either MasterCard SecureCode or Verified by Visa. This kicks in instantly during the actual online payment process. Depending on which card type you have, MasterCard or Visa, google this to see screens.

 

[Poignard]

Trusteer rapport - the work of the devil

The prob with Rapport is that, allegedly, it slows down machines. I get peeps coming in saying that their machines are running slow, they all have Rapport on them. See here http://www.pcpro.co.uk/realworld/359617/is-hsbcs-security-software-more-trouble-than-its-worth
Stu

I have been having loads of trouble trying to access my bank online from my PC. After finding the site and entering my account number and sort code I could not go any further and neither could I access any other internet sites until I restarted the PC.

But I had no such problems accessing my bank from my laptop.

Eventually, after hours wasted messing about uninstalling/reinstalling browsers, I noticed that my bank kept offering me Trusteer Rapport on the laptop but not on the PC and I found that TR had been installed on the PC without my being aware of it. Uninstalling it has cured the problem.

ps Usually it's me seeking computer advice on here so I am highly chuffed at having sorted out a problem for myself! I think I'll reward myself with a fried egg sandwich.

 

[ianj99]

And this is the text of the email have subsequently received from Damart

Thank you for your notification regarding the email you have received.

Firstly, please be assured that Damart will never ask for payment card information by email. Do not respond to the email you have received or complete any information that you are asked for. If you have completed the form on the email you have received, then please alert your bank or card issuer immediately and get them to cancel your payment card to prevent any mis-use. If possible, please send a copy of the email to us to take a look at.

In the few previous cases we have heard about, customers reported instances of malware on their home computers, which we believe is being used to cause the emails. We recommend completing a full virus scan of your PC, and also downloading "Malwarebytes" which is free and recommended by our own technical team. Any feedback on the results of this would be most helpful, and give us some more information which can help to prevent further instances.

We are taking this issue very seriously, and have had regular security scans of all our networks and our websites by external security experts who have found no issues. We are also in contact with the relevant authorities to try to get any illegal websites regarding this closed down. Throughout all this, please be assured your information at Damart is completely safe.

Should you have any further questions on this matter, do not hesitate to contact us.

​

If your pc is clean, then its Damart who have the problem and need to beef up their security. I doubt they would pass a PCI DSS audit.

Was the transaction done entirely on their site, or were you taken to Sagepay to enter your card details? (the former I'm guessing)?

Much as I dislike Paypal, I've come to the conclusion that its probably a safer way of paying online.

 

[nigelmercier]

The answer to poor security on Windows is Ubuntu. Seriously - give it a try. Two of my three PCs run nothing else. No viruses, no malware, faster...

Yawn. Another propeller head saying Linux is secure, yak yak yak...

How would Linux prevent someone from clicking the link and entering their card details?

 

[lenseman]

Yawn. Another propeller head saying Linux is secure, yak yak yak...

. . . . .

Come on Nigel, you must remember some people are much more clever that you!

 

[Sybarite]

Yesterday we ordered a couple of items from Damart on line

After the usual confirmation email we also received the following apparently from Damart.

Dear Irene McKechnie,
We are writing with regard to a recent order you placed with us; (2012-04-29 21:29:45).
We have received a query from our payment merchant (Sagepay) requesting that your transaction is to be verified before we can complete our payment process.


From now on, to protect our customers as well as our own personal information and to prevent fraudulent activity which isagainst The Fraud Act 2006, we require your immediate response to complete and submit our verification form.


Please click HERE to view the form.


Once your details have been reviewed by our payment merchant, your order will become successfully verified, processed and dispatched as planned.


Sincere apologies for any inconvenience this may have caused,


Please Note; If you fail to comply with this security procedure your order will be effected.
Kind Regards,

- Carol Heyman
Senior Sales Director, Damart.


​

The incorrect name puzzled me but the alarm bells did not ring loudly enough to stop me looking at the form mentioned

The form requested all our credit card/bank account details

Hovering over the return address revealed it was not Damart's

Fortunately I'm not totally stupid but I came close to falling for it.
Although they do warn customers to be alert for such things.

Ive sent the details off to Damart


What did I order you want to know...... A pair of "Welly clogs" and a rubber mat to go outside the back door.

I think Damart's methods are close enough to piratery as it is!

 

[Lakesailor]

I think this is an 8 month old thread.

 

[SailorBill]

Yawn. Another propeller head saying Linux is secure, yak yak yak...

How would Linux prevent someone from clicking the link and entering their card details?

Just like Windows, a Linux machine can have Intel on the inside and an idiot on the outside.

 

[oldharry]

I almost got caught by one of these a few months ago. I'd had a discussion over the phone with AOL over an unclear bill which was resolved amicably. An hour later an email, allegedly from AOL, arrived confirming that my billing was to be adjusted and that they just needed some additional information... The coincidence of timing was such that I very nearly fell for it.

I have had that with AOL too. Within 15 minutes of updating payment details, i was being 'phished' demanding re-entering of the card details.

AOL werent interested. Didnt even bother to reply when i forwarded it to them. The PC came up clean on several different scans, and had no other problems like that, so the leak was almost certainly elsewhere.

 

[Niander]

I hate the paypal or ebay phishing e mails
We all have to be very carefull!

 

[nigelmercier]

Mrs Nige bought some airline tickets a few days ago, since them she has had three junk emails claiming to be related to our foreign travel.

 

[Seajet]

This week I received a mail 'from' Natwest Online, asking me to give all my login and card details...

It had all the correct logo's etc and looked real, but Natwest have said they will never ask for card stuff in this manner.

I phoned Natwest - 08457 888444 - and they confirmed it was indeed a scam, and asked me to forward it to their scammery dept, ' phishing@natwest.com ' so at least they were interested.

Usually with such scams it's for a bank I have nothing to do with, so rather easy to spot.