Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
Please note this sub-forum does not provide professional finance advice. You should seek advice from a licensed financial advisor.

To post in this sub-forum you must have made 100 posts or have Trust status or have completed our ID Verification.

If investing please consider our affiliate link for new accounts: Sharesies.



1080p

1332 posts

Uber Geek
Inactive user


#60806 3-May-2010 17:52
Send private message

Well this has apparently been going on for a couple of weeks but this can be a warning to those who have not seen it yet; I've just received an e-mail from someone claiming to be Kiwibank.

I have called Kiwibank to report this and forwarded the e-mail (suspicious.email@kiwibank.co.nz is the address to send it to if you have one) and apparently they know about this already.


/* EMAIL **/

(from) Kiwi Bank
(subject) Update & Re-confirm your account details.
(mailed by) ptd.net



You have one new Security Message !

Update and Re-confirm your account details.

Click here to Log In

/* /EMAIL **/


ptd.net looks like a US ISP (PenTeleData - http://ptd.net/tiki-index.php)

onionshed.com (74.208.38.107) doesn't load an HTTP page but appears to be registered to:

registrant-firstname:            Trey
registrant-lastname:             Watson
registrant-organization:         Onion Shed
registrant-street1:              PO Box 43
registrant-pcode:                75943
registrant-state:                TX
registrant-city:                 Douglass
registrant-ccode:                US
registrant-phone:                +93.65563002
registrant-email:                treyandlauren@gmail.com

(http://who.is/whois/onionshed.com/) and is hosted by http://1and1.com/ (lol!)

Now, my geek senses were tingling even before I opened this e-mail as I am not a current Kiwibank customer. The only correspondence I have ever had with them was a few months ago regarding opening an account (I wanted to check out their money manager http://heaps.co.nz/) but I didn't open one as I decided to wait until later this year.

My most urgent concern is that the e-mail address this was sent to - the one I use exclusively for banking/private mail - seems to be in the hands of spammers.

I am concerned that there might have been a leak of customer information somewhere as that e-mail is closely guarded (its a little paranoid, I know) and hasn't been used publicly anywhere online and definitely not in conjunction with Kiwibank (other than said e-mail registration).

I find this slightly annoying as I'm not sure what I can do about this; I deliberately have throwaway Gmail/Hotmail/Hushmail e-mail addresses to use with internet forums, Facebook and the myriad of other places an e-mail address can be leaked easily.

What can I do when an important and trusted NZ company leaks - accidentally or not - my private e-mail address? Has anyone else had an e-mail address they would rather not have shared thrown out into the internet by a company?

View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
johnr
19282 posts

Uber Geek
Inactive user


  #326145 3-May-2010 18:32
Send private message

This is always going on for most banks

John



freitasm
BDFL - Memuneh
79253 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #326161 3-May-2010 19:27
Send private message

This is not "spam" it's "phishing". It happens for most banks and people should always be aware of not clicking those links.





Please support Geekzone by subscribing, or using one of our referral links: Samsung | AliExpress | Wise | Sharesies | Hatch | GoodSyncBackblaze backup


Kyanar
4089 posts

Uber Geek

ID Verified
Trusted

  #326163 3-May-2010 19:31
Send private message

1080p:
What can I do when an important and trusted NZ company leaks - accidentally or not - my private e-mail address? Has anyone else had an e-mail address they would rather not have shared thrown out into the internet by a company?


Yes.  The company initially denied they were responsible, but after about 3 days they discovered that their customer database had indeed been compromised and emails stolen.  Only emails though, as the database was extracted from one of their customer forum installations.



alasta
6703 posts

Uber Geek

Trusted
Subscriber

  #326166 3-May-2010 19:38
Send private message

One of our email addresses at work has been getting bombarded with those emails over the last few days. They don't look very authentic at all, but my accounts assistant who is an older lady and a bit naive asked me "how should we respond to those emails from Kiwibank" so it's easy to see how people get caught out.

Tabuti
134 posts

Master Geek


  #326169 3-May-2010 19:44
Send private message

Yup this is phising.

Some of the emails can look very authentic but no bank will EVER send an email like this.

I even have people who are not with Kiwibank that get these types of emails.

Don't follow them & you will be fine

alasta
6703 posts

Uber Geek

Trusted
Subscriber

#326171 3-May-2010 19:48
Send private message

Tabuti: Don't follow them & you will be fine


Alternatively, follow the link and bombard them with bogus details!

muppet
2568 posts

Uber Geek

Trusted

  #326186 3-May-2010 20:48
Send private message

alasta:
Tabuti: Don't follow them & you will be fine


Alternatively, follow the link and bombard them with bogus details!


This is what I do, yea.
Does it work? No idea. Does it make me feel better? Yes, it does.

 
 
 

Cloud spending continues to surge globally, but most organisations haven’t made the changes necessary to maximise the value and cost-efficiency benefits of their cloud investments. Download the whitepaper From Overspend to Advantage now.
kingjj
1728 posts

Uber Geek

ID Verified
Trusted

  #326213 3-May-2010 22:16
Send private message

muppet:
alasta:
Tabuti: Don't follow them & you will be fine


Alternatively, follow the link and bombard them with bogus details!


This is what I do, yea.
Does it work? No idea. Does it make me feel better? Yes, it does.


Does it open your computer up to drive-by-download risks? Yes. Does it allow suspicious sites to attack security holes in your system? Yes. Should you follow fake links in phishing emails? No. Innocent

Noviota
85 posts

Master Geek

Trusted

  #327331 6-May-2010 12:08
Send private message

I got similar phishing emails and let Kiwibank know.

I was able to track down that they got my email address from http://www.undertheradar.co.nz/ as I had used a disposable address dedicated to them.


bazzer
3438 posts

Uber Geek

Trusted

  #327343 6-May-2010 12:28
Send private message

Noviota: I got similar phishing emails and let Kiwibank know.
I was able to track down that they got my email address from http://www.undertheradar.co.nz/ as I had used a disposable address dedicated to them.

No kidding?  Did you ask them about it?  If so, what did they say?

freitasm
BDFL - Memuneh
79253 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #327344 6-May-2010 12:31
Send private message

bazzer:
Noviota: I got similar phishing emails and let Kiwibank know.
I was able to track down that they got my email address from http://www.undertheradar.co.nz/ as I had used a disposable address dedicated to them.

No kidding?  Did you ask them about it?  If so, what did they say?


How do you know the spammers got your email from that website? A database leak?





Please support Geekzone by subscribing, or using one of our referral links: Samsung | AliExpress | Wise | Sharesies | Hatch | GoodSyncBackblaze backup


bazzer
3438 posts

Uber Geek

Trusted

  #327346 6-May-2010 12:41
Send private message

freitasm:
bazzer:
Noviota: I got similar phishing emails and let Kiwibank know.
I was able to track down that they got my email address from http://www.undertheradar.co.nz/ as I had used a disposable address dedicated to them.

No kidding?  Did you ask them about it?  If so, what did they say?


How do you know the spammers got your email from that website? A database leak?


Are you asking me?  Noviota was pretty clear that he used a unique disposable address for them.  Still, I suppose it could be random or something else.  What would you say is most likely?

freitasm
BDFL - Memuneh
79253 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #327347 6-May-2010 12:42
Send private message

If it was a random email for a specific site, cold it be that Noviota's PC was infected by a trojan at some stage, and that trojan harvested email addresses when one of those emails were in his inbox?





Please support Geekzone by subscribing, or using one of our referral links: Samsung | AliExpress | Wise | Sharesies | Hatch | GoodSyncBackblaze backup


KellyP
1245 posts

Uber Geek

ID Verified
Subscriber

  #327350 6-May-2010 12:45
Send private message

I'm also getting many of these lately on a hotmail.com address.

Yesterday I received 2 within 40 minutes.

muppet
2568 posts

Uber Geek

Trusted

  #327368 6-May-2010 13:21
Send private message

kingjj:Does it open your computer up to drive-by-download risks? Yes

Are you making assumptions? Yes.

I'm not using I.E. to start with, I'm not using Windows and I'm using an addon that stops all script/flash etc unless permitted.

In a VM.

I have a second VM (Windows 98, yea!) that I happily run HaHaHa.exe in when it arrives via email, just to see what it does.

Tim

 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

Air New Zealand Starts AI adoption with OpenAI
Posted 24-Jul-2025 16:00


eero Pro 7 Review
Posted 23-Jul-2025 12:07


BeeStation Plus Review
Posted 21-Jul-2025 14:21


eero Unveils New Wi-Fi 7 Products in New Zealand
Posted 21-Jul-2025 00:01


WiZ Introduces HDMI Sync Box and other Light Devices
Posted 20-Jul-2025 17:32


RedShield Enhances DDoS and Bot Attack Protection
Posted 20-Jul-2025 17:26


Seagate Ships 30TB Drives
Posted 17-Jul-2025 11:24


Oclean AirPump A10 Water Flosser Review
Posted 13-Jul-2025 11:05


Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
Posted 10-Jul-2025 02:01


Samsung Galaxy Z Flip7 Brings New Edge-To-Edge FlexWindow
Posted 10-Jul-2025 02:01


Epson Launches New AM-C550Z WorkForce Enterprise printer
Posted 9-Jul-2025 18:22


Samsung Releases Smart Monitor M9
Posted 9-Jul-2025 17:46


Nearly Half of Older Kiwis Still Write their Passwords on Paper
Posted 9-Jul-2025 08:42


D-Link 4G+ Cat6 Wi-Fi 6 DWR-933M Mobile Hotspot Review
Posted 1-Jul-2025 11:34


Oppo A5 Series Launches With New Levels of Durability
Posted 30-Jun-2025 10:15









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.