Forum Home → Discussion → Access to justice and advice sector issues → Thread
Hacked?
received today an invoice in word that appears to be from LASA - it’s a bit too clever and I wouldn’t want a busy person to regret opening the word document.
Thought maybe it would be good to warn other users?
Invoice # US-9744320621
POD and Invoice Attached, Please process for payment.
Best regards,
Daphne Hall
—————————————————
> Date: Friday, February 07, 2019 16:53
> From: “”
> To: “Daphne Hall”
> Subject: Re: Daphne Hall COMET SIGNS PAYMENT NOTIFICATION ...........
Daphne Hall rosesylvia.ambeba @ ke.wananchi.com
from
[ Edited: 12 Feb 2019 at 02:47 pm by shawn mach ]The Email address @ke.wananchi appears to relate to a business in Kenya.
It could be my fault as the forum is open and on an earlier post i had not censored an email address - didn’t think that would be an issue but as it’s an open forum it does allow anyone viewing to link email addresses to the site.
With a bit of work one could do this anyway but I suppose there are some machines that will do this and it’s making the job easy?
Stupid internet.
Goes to show just how easy this is nowadays. “Busy” people however have no excuse. We’re 19 years into the 21st century and whilst I could forgive my elderly parents a moment of stupidity I’m not sure anyone who’s been working over the past 20 years has much excuse beyond a refusal to engage with the simplest of technologies.
Goes to show just how easy this is nowadays. “Busy” people however have no excuse. We’re 19 years into the 21st century and whilst I could forgive my elderly parents a moment of stupidity I’m not sure anyone who’s been working over the past 20 years has much excuse beyond a refusal to engage with the simplest of technologies.
I was trying to be kind.
Goes to show just how easy this is nowadays. “Busy” people however have no excuse. We’re 19 years into the 21st century and whilst I could forgive my elderly parents a moment of stupidity I’m not sure anyone who’s been working over the past 20 years has much excuse beyond a refusal to engage with the simplest of technologies.
I was trying to be kind.
I’m not :)
Goes to show just how easy this is nowadays. “Busy” people however have no excuse. We’re 19 years into the 21st century and whilst I could forgive my elderly parents a moment of stupidity I’m not sure anyone who’s been working over the past 20 years has much excuse beyond a refusal to engage with the simplest of technologies.
I was trying to be kind.
I’m not :)
You’re pretending - we know you are.
Hi John -
Apologies (and to anyone else who’s received a spoof email) ..... just to confirm that they are spam.
We’ve had a couple of other reports which lead us to understand that it’s not a result of the site being compromised.
However, we’re investigating further and I’ll report back asap.
If anyone else has received a similar email, if they could let me know: https://www.rightsnet.org.uk/contact
Cheers - Shawn
Hi again ... ....
We’ve been doing some work on this and it looks like those affected, who might have received a spam email ostensibly from a Lasa account, are those whose email addresses are on the DWP ‘escalation’ list.
So, actions we’re taking include:
- removing the forum thread where some people had posted their email addresses to be added to the list.
- contacting all those on the list to advise of the possibility of them receiving a spam email; advising that we will never send out an invoice or invoice-related email other than from our ‘rightsnetadmin’ and ‘finance’ accounts; and that if they should receive such an email they should delete it / deal with it as appropriate according to their email security setup.
- migrating the escalation mailing list to the mail software we use to send out our daily email newsletter to provide greater security going forwards.
NB - we’ve also had some reports of people receiving similar emails from an ‘etayler’ account. This is also spam, that member of staff having left Lasa approx 2 years ago and whose account has therefore long since been deleted.
Please share this message with any colleagues you think may be affected ... and, again, apologies if you have received a spam email that looks like it comes from us.
Do contact me if there’s anything we’ve missed here, if you need any more information, or have any questions we can help with.
Cheers - Shawn
Ps - John, I’ve edited your orginal message to remove the email addresses.