I just received this phone call from Officer Dennis Grey (Gray). It came to my smartphone that I only use for apps – I never give anyone the number, I don’t know what it is! Even though, there is always an element of doubt, even for me with my experience of reading 30,000 scams.
Plenty of clues confirms it is a scam. The very fact it was an automated voice, lack of personal details and just general bad grammar are some examples. There are others but this is not a training session for scammers.
Just received this message from 07547820550 to my personal mobile – I do not have a HSBC account so I knew immediately it was a phishing attempt. The odd looking domain gives it away anyway.
The domain was registered today, so it looks like a quick “mash and grab” attempt to steal as many passwords as possible before it gets shut down.
This is what the phishing attempt looked like, taken about a minute after my text message. Anyone fooled would have entered their banking login and password, which would now be in the hands of the scammer.
If anyone was fooled, immediately contact your bank. Change your passwords, and everywhere you use the same password.
On the plus side, they sent their phishing attempt to a Brendinghat administrator who immediately took action to report the site. Within five minutes of receiving the text message, the major browsers started to display a “dangerous site” warning.
You are not being sued. This notice affects your rights. Please read it carefully.
This Email appeared in my personal Gmail account – It immediately raised suspicions so I did my usual checks. General searching revealed that the background story is true – Google are being sued regarding a data breach at GooglePlus. But there are no recent updates in the mainstream media, the only recent posts are people asking about the legitimacy of the Email
After my checks, my conclusion is
Unfortunately, this came to a personal Gmail account, so I do not have all the necessary forensic data available. But what I can see of the Email header, it all looked genuine.
There are links to the claim pages. These take you to a Google domain, but to their appserve pages – THIS IS SUSPICIOUS – This is a known trick – It looks like an official Google link, but it is a public hosted area – anyone can put a page on appserve.
OUR ADVICE – DO NOT CLICK THE LINKS
This is purely based on our usual advice – NEVER click a link in an Email. Our investigations revealed that the links are not working anyway.
The back story is true – Google plus is being sued under the court reference mentioned in the Email. Of course, this means nothing – scammers will often use genuine information in order to gain legitimacy.
One aspect in its favour is that this has only been received by my Gmail account which was used for GooglePlus. My other Gmail accounts – nothing. None of our Brendinghat honeypots have received a copy.
The Email talks about a claim website which exists and visually looks genuine. Again, alarm bells are ringing – it is not hosted by Google and the owner of the domain is hidden. Could be genuine – very likely a legal company would organize this independently of Google.
Obviously a claim would ask for your personal details. but is it safe? First of all, remember that we are talking about $12 maximum.
OUR ADVICE – GIVE IT A FEW DAYS BEFORE DOING ANYTHING.
The big problem is that there is nothing about this in the main stream media. But you have until October. Personally I would wait until I saw reports in the papers (although I am not actually eligible being a UK citizen).
It is genuine. There are still no reports in the mainstream press, but some techy sites have had it confirmed by Google e,g, https://9to5google.com/2020/08/04/many-receiving-settlement-notices-for-google-class-action-lawsuit/
This was a network message that appeared on my phone.Click here for the baiting
