Originally Posted By: Virtual1
Originally Posted By: Bensheim
For instance, whenever I transact with HMRC (a Government website) on legitimate business, within hours I get two or three Phishing emails purporting to come from the same place. All with zip files attached, which HMRC never do.


This would worry me a bit. There are only a handful of possible answers to this question.

1. Your computer is compromised. Software is installed or altered to communicate with the phishers.


This seems very unlikely indeed, but how would I check that?

Quote:
2. Something is intercepting your communications
- the web site you are using isn't using ssl, allowing interception of traffic at various places on the internet
- the web site itself is using ssl, but is submitting forms via plain http POST traffic, allowing interception of traffic at various places on the internet
- another computer on your LAN is monitoring the traffic and is communicating with the phishers
- a computer on the government LAN is monitoring the traffic and is communicating with the phishers


The other computers on this LAN are all in this office and only two people use them; the other one is completely non-technical.....

Quote:
3. The government computer is compromised. Software is installed or altered to communicate with the phishers.


This wouldn't surprise me, the same thing happens with UK banks who in addition to HMRC and Companies House have found it necessary to put Phishing Warnings on their front pages.

Quote:

4. Your email provider's LAN or mail server is compromised

Hmmm.........

Quote:
None of this can be ruled out without investigation. It is all possible. You can take steps to isolate / rule out factors. For example, if you take your laptop to another location and it doesn't occur, you have a LAN issue. Using another computer at your same location set up identically (same www and email settings) that doesn't get this response suggests your computer is compromised. Using your iPhone/4g to email the request (using identical mail settings) that triggers the response rules out your LAN and computer. Selecting to send using a different SMTP server (such as gmail), all other factors being unchanged, and not getting a response, strongly implicates your email provider. (I would count that as the greatest odds of being the problem)


I/we have no laptop (not required), I/we have no iPhone either.

BTW, when communicating with these Government websites, it is not done by email. Submitting (mandatory) forms and requesting information is all done directly on their websites. No email transactions.

Quote:
Remember, no one is above suspicion. If your email provider is Gmail, and you don't get a response when you send via media com's SMTP server, Google IS the leak. Trust no one completely.


I don't use Gmail either....... THANKS for your input, which is/was thought-provoking, but I still think that that is coincidence. For instance, I also get Phishing emails from airlines I have never used, "containing" my "e-tickets". Also from carriers such as UPS, "containing" my "tracking information", when there are no such air tickets nor delivery documents. All of these have zip attachments, which proves to anyone who knows anything that they are spam and probably viral spam destined for M/soft computers. Real e-tickets are in plain view, real tracking information ditto.

Further examination of my business email's on-line settings blizzard of icons today reveals that I am also applying Spam Assassin to everything going through. The filter level was set at 3, I have upped it to level 5. I honestly don't think this will make much difference, but it can't do any harm.

The endless War against Spam. Sigh.
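
One of the possibilities listed under point 2 above (a site served over SSL whose forms submit via plain http POST) can be checked from a saved copy of the page source. The following is an added example, not part of either poster's message; the sample HTML and the `example.gov.invalid` host are constructed placeholders.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse


class FormAuditor(HTMLParser):
    """Collect where each form on a page would send its data."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.base = page_url      # <base href> changes how relative URLs resolve
        self.targets = []         # (tag, method, absolute submission URL)
        self._method = "GET"

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "base" and a.get("href"):
            self.base = urljoin(self.page_url, a["href"])
        elif tag == "form":
            self._method = (a.get("method") or "GET").upper()
            # A missing or empty action submits back to the page's own URL.
            url = urljoin(self.base, a["action"]) if a.get("action") else self.page_url
            self.targets.append(("form", self._method, url))
        elif tag in ("button", "input") and a.get("formaction"):
            # formaction on a submit control overrides the form's action.
            method = (a.get("formmethod") or self._method).upper()
            self.targets.append((tag, method, urljoin(self.base, a["formaction"])))


def insecure_form_targets(page_url, html):
    """Return submissions from an https page that would travel over plain http."""
    if urlparse(page_url).scheme != "https":
        raise ValueError("page itself is not https; everything on it is exposed")
    auditor = FormAuditor(page_url)
    auditor.feed(html)
    return [t for t in auditor.targets if urlparse(t[2]).scheme == "http"]


# Constructed sample page; example.gov.invalid is a placeholder host.
SAMPLE = """
<form method="post" action="http://example.gov.invalid/submit-return"></form>
<form method="post" action="/login"></form>
<form action=""><button formaction="http://example.gov.invalid/legacy">Go</button></form>
"""

if __name__ == "__main__":
    for tag, method, url in insecure_form_targets("https://example.gov.invalid/forms", SAMPLE):
        print(f"{tag}: {method} -> {url}")
```

An empty result only rules out this one path; forms built or submitted by JavaScript are not visible to a static parse of the HTML.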