Really it is not a scam…

…but isn’t that what a scammer would say?

Here is an interesting situation to start off the cyber news week. How do you convince people your official website and service is not a scam? The Government is constantly having to do this for their Household Response Service.

UK gov keeps repeating its voter registration website is NOT a scam – BleepingComputer

It does look dodgy, especially the last three entries on the council list:

Of course it is scam site

It has all the hallmarks of a typical social engineering attack.

  • The letter directing you to the site includes the threat of a £1000 fine for failure to comply.
  • The security steps – a two part code – seem reassuringly complicated.
  • The domain is a .com not a .gov.uk.
  • There are suspicious entries on the council list.
  • The list formatting varies.
  • What is “BCP Council”?

This site however is legitimate

Your takeaway from this is do a better job of building your website if you want to collect personal information from your site visitors.

This is such a good example of a site you should be suspicious of and a job done badly I am going to use it in my next Cyber Security Awareness course.

Clive Catton MSc (Cyber Security) – by-line and other articles

Further Reading