Date: Investigation: Investigation into phishing emails, messages and phone calls Officers carrying out investigation:

Incident

Number

Type of

Communication

Official sounding

source

Sense of urgency

in expected

response

Implied threat Makes the

recipient feel

anxious

Makes the

recipient feel

curious, hopeful

or excited

Offers something

that seems too

good to be true

Asks for personal

details

Encourages the

recipient to click

on a link

Asks the recipient

to download a file

Investigation: Phishing MessagesCYBER CRIME

EMERGENCY RESPONSE UNIT

Thank you for shopping with Arizona. Your new iPhone has

been dispatched and payment for £1020 will be taken from your account today. If you do not

recognise this purchase, please get in touch with us immediately

on 09898976567

We can see from your gaming accounts that you have built up a debt of £250. Please follow this link immediately to pay this off. Failure to do so will result in an additional fine, taking your total

debt to £1000Debt Repayment

Answer the following general knowledge question to be in with a chance to win a brand new 40

inch Smart TV:Which of Santa’s reindeer had a

red nose?Text 0947584748 with your full

name, address and answer NOW! Competition ends at midnight.

This is an automated text message from your phone

provider. We have been unable to collect payment for your

phone this month. Please click on the link below to pay your bill.

Your service will be terminated with immediate effect if you do not respond straight away. Link

Hello am I speaking to Ben Barton? Hi, I’m phoning on behalf of PC Products. We are in the process of providing all pupils across the country with the latest iPad model to help with learning at home. You may have heard that the government want to better support young people and their education? This roll out of equipment is the first part of a phased plan to get all pupils access to technology to help them make best use of learning resources at home. Would you be interested in joining this scheme? All we are asking at the moment is that you provide us with some proof of your name, age and address. We will send you a web link, just click on that to access a page where you can give us your details and we’ll get that new iPad out to you by the end of the week. It’s been a pleasure talking to you.

Hello, I’m calling from Microsoft. We have detected a problem with your computer. Have you noticed it running a bit slower recently? Can you start up your computer and follow my instructions so that we can remedy this for you.

Context:

The recipient did think

that her computer had

been running a bit

slower and was keen to

get this sorted.

Good morning am I speaking to Mr Smith? Hello, I’m PC Dixon from Halway Police Station. We’ve been informed of some unusual activity on your bank account by someone in your area. You need to call 08988546747 urgently to change your bank details to prevent any large withdrawals from your account.

Hello, I’m calling from Arizona. We have been made aware of some fraudulent activity on our site which has resulted in a number of our customers paying for expensive items that they haven’t purchased. We would like to reimburse you immediately, could you give us these bank details so that your money can be returned to you?

Inbox

Contacts

Trash

From:

To:

Exit

Dear Customer

You are the lucky winner of our latest prize draw! Congratulations!As a valued customer of Great Deals Done, you are automatically entered into our fantastic prize draw each month and this month your name was pulled from the hat!Click on the link below to collect your prize, worth £899 :

Kind regards,The Great Deals Done Team

GDD@greenmail.com

jjellerson@jmail.com

Prize Draw

Great Deals DoneWINNER!

Context:

The recipient had never

shopped with Great

Deals Done as far as

they were aware but

they weren’t completely

sure.

Inbox

Contacts

Trash

From:

To:

Exit

Dear Customer

We regret to inform you that a vulnerability has been identified in the Gamers Unit mobile application that allow an attacker torecord calls and videos you have made from your device without your knowledge.We have created a website for all members to verify if their videos and calls have been recorded and subsequently made public.To perform the verification, please use the following link:

This website will be available for 12 hours.Big Fish Little Fish Games Company

Bigfishlittlefish@gamers.co.uk

mrsmithson@jmail.com

Big Fish Little Fish Games Company

Video and Call Verification

Inbox

Contacts

Trash

From:

To:

Exit

Hello,We have been unable to take this month’s payment for your Notflix account. Please update your payment details:

If payment is not received within 2 hours, your account will be suspended from midnight tonight.

If you need help, please visit the Help Centre or contact us now on 01343679347

Notflix Account Team

Notflix@tv.co.uk

mrwon@jmail.com

NOTFLIXYour account is about to be suspended

UPDATE ACCOUNT NOW

Hello,This is an urgunt notice regardings email svaughan@microsift.co.uk. Your email is reported for sending spam email to your contacts. In order to protect your contacts from further attack we ask you to download the following to your computer, this willdisable further problems:

Failure to download this program will result in permanent disablement of your account.

Sincerely,Microsift

Inbox

Contacts

Trash

From:

To:

Exit

<no-reply@microsift.com>

svaughan@yourschool.co.uk

EMAILS UNDER SCAM INVESTIGATIONurgent

Your account is about to be suspended

Download

Dear Customer,Thank you for your purchase from Tiny Toy Shop.The attached information will give you a special code to enter onto our website: www.tinytoyshop.co.ukWe hope you enjoy the free gift!

SincerelyThe Toy Team

Inbox

Contacts

Trash

From:

To:

Exit

tinytoyshop.co.uk

gemsmaine@yahee.co.uk

Tiny Toy Shop

www.a2ss4rend9987aperprxd

Secret code

Context:

The recipient noticed

something strange

when he hovered his

cursor over the link…

Post Investigation Team Meeting

Teams to feedback on what they discovered about each of our chief suspects

• Was there any evidence of criminal activity?

• What clues were you able to pick up on?

• What should our next steps be to combat these crimes?

• What tactics were the criminals using?