Some people and telecoms operators around the United Kingdom are being hit by a spate of SPAM emails, which appear to emanate from the national regulator. Industry sources initially suggested to ISPreview.co.uk that Ofcom had suffered a security breach, although the regulator denies this.
The email itself appears to have come from Ofcom’s “spectrum licensing” division, although the regulator said they have “not been sent” by Ofcom and are a “hoax” that should be “treated as spam and deleted“. In a statement Ofcom added, “We have not experienced a breach of our data or systems, and we are investigating as a priority.”
Advertisement
A partial example of the email in question can be found below.
The Hoax Ofcom SPAM Email
From: Spectrum.licensing@ofcom.org.uk
Sent: 05 August 2015 **:**
To: ******************
Subject: IMPORTANT – Document From Ofcom Spectrum LicensingDear Sir/Madam,
Please find attached an electronic version of important documents relating to your Wireless Telegraphy licence or application.
Please read the document carefully and keep it for future reference.
If any details within this letter are incorrect, please notify Ofcom Spectrum Licensing as soon as possible. It is the Licensee’s responsibility to ensure all information we hold is correct and current.
If you have any enquiries relating to this document, please email
spectrum.licensing@ofcom.org.ukYours faithfully,
Ofcom Spectrum Licensing
Riverside House
2a Southwark Bridge Road
London SE1 9HAPhone: *******
Fax: *******
Textphone: ******
The email includes a Microsoft Word attachment that, upon being opened, will ask you to enable Macros (automated tasks). Sadly anybody who is foolish enough to be tricked into doing that will instead enable a malicious macro that downloads further malware (Trojan), which appears designed to monitor and steal personal / financial information or do other damage.
As Ofcom says, it’s best to treat these as SPAM and delete them. Sadly it’s not hard to spoof legitimate email addresses and usually only a more advanced user will know to go into the message source and check the sending server details to see if they match with a legitimate one. The SPAMs sending servers tend to include locations from Iran to Romania and many more.
Comments are closed