Sponsored by..

Thursday 10 October 2013

Companies House phish

This fake Companies House spam appears to be some sort of phishing attempt:

Date:      Thu, 10 Oct 2013 11:57:31 +0300 [04:57:31 EDT]
From:      Companies House [contact@companieshouse.co.uk]
Subject:      Compulsory Companies House WebFiling Update #90721

Compulsory Companies House WebFiling Update #90721

This is an important notice to inform you as a registered company to update your details.

This will make it easier to update our database and keep records of our company.

Kindly follow the link below to update your information.

CLICK - Start Here
Companies House
Crown Way
Cardiff CF14 3UZ

DX 33050 Cardiff 

The link in the email goes to [phish]www.misspanama.net/respaldo/ukcompany/CompaniesHouse.htm which asks only for a Company Name, email address and password.

Once the credentials have been harvested, the victim is sent to a genuine Companies House webpage at www.companieshouse.gov.uk/forms/introduction.shtml

So, what is being harvested here? There seems to be no malware involved, so perhaps the bad guys are actually trying to hijack company identities for some evil purpose.

It turns out that Companies House have a webpage all about this type of threat and recommend that you forward offending emails to phishing@companieshouse.gov.uk. Just remember.. sometimes phishers are after something a lot less obvious than your bank details!

No comments: