Welcome Guest! The IOSH forums are a free resource to both members and non-members. Login or register to use them

Postings made by forum users are personal opinions. IOSH is not responsible for the content or accuracy of any of the information contained in forum postings. Please carefully consider any advice you receive.

Notification

Icon
Error
Potential SCAM on these Forums
Options
Go to last post Go to first unread
Previous Topic Next Topic
peter gotch  
#1 Posted : 17 July 2025 12:40:50(UTC)
Rank: Super forum user
peter gotch

All, 

I have received four Private Messages from "enheli" today between 11.50am and 12.08pm UK Summer Time.

PLUS a "Friends" request already declined.

I suspect that other Forum users will receive similar PMs if this hasn't already happened.

All very similar except that the first was not as well formatted and did not include a contact email address for the "person" messaging me.

That "person" joined the Forums on 13 July 2025 and has not posted on a thread on these Forums.

SUMMARY

Heading: "A friend works in the security industry wants to find a job and hopes to get help"

Main body - nothing to do with a friend but rather someone supposedly looking for help for themselves in terms of finding a new EHSE role.

Supposedly Li Ning, Chinese, aged 33 currently working in Indonesia. Various qualifications and experience cited.

An email address included which, in effect, is an invitation for recipient of any PM to share their own email address - the first element of giving away personal information.

Now if Li Ning was genuine the logical first thing to do after registering on these Forums would be to post a thread introducing themselves not to PM Forum users chosen fairly randomly.

I have emailed IOSH Data Protection to ask IOSH to investigate but don't even know whether the email address given on the Forums is active.

Please treat any communication with this "person" with extreme caution.

I will leave it to Li Ning aka enheli to explain here that they are NOT a scammer.

P
Back to top
Kate  
#2 Posted : 17 July 2025 12:56:48(UTC)
Rank: Super forum user
Kate

I have only received 3 of these.

Thanks for reporting, Peter.
Back to top
lisar  
#3 Posted : 17 July 2025 13:08:47(UTC)
Rank: Forum user
lisar

Does that mean if I clicked the link Ive been hacked?
Back to top
peter gotch  
#4 Posted : 17 July 2025 13:57:30(UTC)
Rank: Super forum user
peter gotch

Hi lisar

The Private Messages I have received have not contained any links to click on (or at least none that I could see, and I can't go back and have a closer look as I have now deleted all four messages).

So, in effect what the "person" has been doing has been inviting the recipient to contact them by email. Once they have your email address, it is relatively easy for a determined scammer to find out much more about you.

Yesterday on another platform somebody was trying to see if they good get some mail that they had received to the intended recipients. 

So for sake of argument it was a George and Jane Smith-McWallop. Never going to be easy to find out much about a Smith but McWallop is an uncommon surname (if anyone has such a name!) so very likely that you can find out all sorts about them. 

This item of post had been sent to an address with postcode XN15 etc. XN is obviously made up - I am not putting the start of my postcode up on social media (I have also changed ALL the names of the people involved).

Within five minutes, I had established that George Smith and Jane McWallop were on the electoral register in XN11. To get the second half of the postcode I would have to take out a subscription and probably pay for that, but XN11 is a starting point and not that far from XN15.

Also I had a clue as to the second half of the postcode which would narrow down where these people were recently living to just two buildings.

AND who a Jane McWallop works for.

Nothing to tell me whether George and Jane had got married and double-barrelled their surnames as appears to have been the case based on a photo of the letter that was in the wrong place.

Now a typical scammer isn't going to be Googling people and instead is playing numbers games. Send lots of messages by phone, email, text, or in this case Private Message on the IOSH Forums and see how recipients many bite. 

I've had three scam calls on the landline today. ALL bank security, all supposed unexpected transactions, in each case with one being supposedly for Amazon. I've checked the Who Called Me website, and each time I was the first person looking up the mobile number. So, new burner phones, old scam technique.

Suppose 200 auotmatically operated burner phones can convey 100,000 precorded messages a day. The scammers only need 1,000 people not to simply ignore the call and press either button 1 or button 2 to make the scammer's business model work. OK only a few of the 1,000 will go through with the process to the stage where they start giving away personal information and even fewer will give away their card details but it doesn't take more than a few to become lucrative INCLUDING via selling on the victim's details to others.

Kate's had three messages and I have had four, so that suggests that a computerised scammer has sifted through activity on the Forum - it doesn't notice that it is sending the same person more than one message. A huge RED FLAG for me. If I had just received ONE Private Message, I just might have responded, though usually I would have investigated the Forum profile of the "person" first and that would in this case have been enough to put me off.

As long as you don't reply using any personal information - email, phone number etc - to any messages from this "person" you should be fine.

If you were to get a LINK then different rules come into play.
Back to top
George_Young  
#5 Posted : 17 July 2025 14:19:13(UTC)
Rank: Super forum user
George_Young

I've got the same message.

Im on the fence on wether its a scam or someone just mass messaging in the hope of getting a new role. either way, I'm not engaing with it.
Back to top
A Kurdziel  
#6 Posted : 17 July 2025 14:46:42(UTC)
Rank: Super forum user
A Kurdziel

just reasd this email and then checked my inbox saw it was about getting someone a job in the security industry sector which I don't have a scooby about and delted all three.

thanks for the heads up 
Back to top
peter gotch  
#7 Posted : 17 July 2025 17:00:12(UTC)
Rank: Super forum user
peter gotch

Hi George, apart from the multiple messages another warning for me was in the complete disconnect between the title of the message - for a friend and the main body - for themselves. Now I know that people occasionally say things like 'I am asking for a friend' but if they do this they usually manage to maintain that disconnect in what else they have to say.

+ that in that main body they say nowt whatseover about being in 'security' - which in itself seems to have backfired for their PMs to AK who indicates that they have simply dumped the messages before even reading them!!!

So this "person" states that their experience, naming organisations such as CNOOC Shell, of 'production and construction safety' extends to 'petrochemicals, mining, metal smelting etc', with a claim of doing research into occupational health as well. Absolutely no mention of 'security'.
Back to top
Users browsing this topic
Guest
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.

Powered by YAF.NET | YAF.NET © 2003-2025, Yet Another Forum.NET