A Member of the Neighbourhood Watch has received a phishing scam by email (copied below) relating to a false Fixed Penalty / Parking Charge Notices being issued against them.
Cyber criminals made contact with our Member by email and used a phishing technique to try and obtain money from him.
Phishing is where Cyber criminals use fake messages as bait to lure you into clicking on the links within their scam email or text message, or to give away sensitive information (such as bank details). These messages may look like the real thing but are malicious. Once clicked, you may be sent to a non secure website which could download viruses onto your computer, or steal your passwords.
The email purports to be from HM Courts and Tribunal Service and tries to infer that our Member had been charged for using a vehicle in what they call a “charging area”.
There are three main things that identify this email to be fraudulent:
-Email Address: This is the strongest evidence that this email is fraudulent but it is not the most obvious. Whilst the display name of the sender shows as from HM Courts and Tribunals Service the actual email address is very different.
-No Vehicle Details: Legitimate parking enforcement companies contact DVLA to obtain registered keeper detail of vehicles using the Registration, Make and Model of your vehicle. They are only provided with a name and address and not email addresses or telephone numbers. If you had genuinely been issued a Fixed Penalty or a Parking charge Notice you would be contacted by post. If your vehicle has been parked in an area it shouldn’t the details of your vehicle will be recorded manually or by some form of electronic monitoring equipment.
-Location: The location for the alleged offence. The only information provided about the alleged offence is that it occurred in the United Kingdom. Legitimate Parking Companies or Law Enforcement would state the exact location, date and time.
Our Member correctly concluded that the message was a scam and deleted the message. Searching the internet for reports of similar scam attempts he sent us a warning issued by Humberside Police reporting that the same email had very recently been sent to others. We have used that information in the preparation of this report together with a copy of the email (screenshot).
If you have received an email which you are not quite sure about let us know, you might also forward it to the Suspicious Email Reporting Service (SERS): firstname.lastname@example.org
Your report of a phishing email will help protect more people from being affected.
The National Cyber Security Centre (NCSC) will analyse the suspect email and any websites it links to. They’ll use any additional information you have provided to look for and monitor suspicious activity.
If they discover activity that they believe is malicious, they may:
-Seek to block the address the email came from, so it can no longer send emails
-Work with hosting companies to remove links to malicious websites
-Raise awareness of commonly reported suspicious emails and methods used.
Whilst the NCSC is unable to inform you of the outcome of its review, they can confirm that they do act upon every message received.