Wednesday 03 June 2020
Select a region

Phishing attacks try to harvest your details

Phishing attacks try to harvest your details

Tuesday 14 January 2020

Phishing attacks try to harvest your details


Sure has taken action against scammers who sent out a phishing email to locals using its @cwgsy.net emails, by issuing a take down on the site being used to harvest people's details.

The email was posing as a bill from Sure, and was sent to hundreds of cwgsy addresses.

It was sent out last week, and asked customers to click a link to pay the bill, but in reality, the website linked on the email was a scam, and would have been used to harvest people's details, which could then be sold on, and potentially to steal their money. 

Tim Stonebridge, Sure's Chief Security Officer, said there had not been a security leak on Sure's part to enable this most recent phishing attack, but it only took one person to give their details up for an incident like this to occur.

"All you need is to phish one person and you get access to their contacts list, or you scrape their details from online," he said.

"You can even buy catalogues of people's details online for very cheap."

Mr Stonebridge explained that once Sure found out about a phishing attack on its customers, they could issue a takedown request - as they had done in this most recent case - which would get the site people were being directed too shut down. There was little they could do that was not already being done to stop the emails in the first place though.

Screenshot_2020-01-13_at_14.05.38.png

Pictured: The anti-phishing advice issued by Sure. 

Sure is also not being specifically targeted, according to Scott Kenyon, a security architect at the Guernsey-Headquartered telecoms company. He said businesses all around the world like theirs were constantly going to be probed in this way. He also added that once a phishing attack gained some traction, it was likely that more would follow it.

"When we issue a take down the page is normally down within one to two days," Mr Kenyon said. Sure also have some behind the scenes systems to try and prevent the attacks from happening in the first place, but there is only so much they can do.

Mr Stonebridge urged islanders to go to Sure's website and view their advice there. It includes tips on how to spot a scam, for example, it might not address the email to your name, but rather say Dear Sir. Sure also include their customer's account number on every email. 

He advised also advised people were as cautious as they could be with their passwords, particularly as phishing attacks were usually about trying to harvest account details like a password, rather than just getting money. 

Pictured top: Tim Stonebridge, Sure's Chief Security Officer. 

Sign up to newsletter

 

Comments

Once your comment has been submitted, it won’t appear immediately. There is no need to submit it more than once. Comments are published at the discretion of Bailiwick Publishing, and will include your username.

There are no comments for this article.

To place a comment please login

You have landed on the Bailiwick Express website, however it appears you are based in . Would you like to stay on the site, or visit the site?