UK Firstcall Photographic Scam e-mail

Chris Livsey · Jan 30, 2015

Of course they may have customers in other countries not just UK.

I, and others I am aware of, have received a scam e-mail purporting to come from Firstcall Photographic http://www.firstcall-photographic.co.uk/

Hello Christopher !
Our company "Firstcall Photographic" (www.firstcall-photographic.co.uk) celebrates 5 years!

Up to February, 15th all our customers will get a free company gift – a leather bag (which costs 65 pounds). The bag will be delivered to you within 5-7 days with the transport company.

To get the bag, please, complete the delivery information on the Enter Cargo transport company website [url]http://entercargo.com/service/firstcall/shipping_gifts/main.php?firstcall_tracking=7455893152[/URL] (Christopher - your number delivery 7455893152). The cost of the delivery is only 2 pounds. The quality bag is free.
Letter for customer Firstcall Photographic (MY PERSONAL E_MAIL ADDRESS REMOVED BY ME !!) 5 178
Copyright 2015 Firstcall Photographic LTD

The page pointed to is very convincing, surprise, but shows no security lock etc and the reply address to the e-mail is to gmx.com (free e-mail accounts)
it is patently a scam so please beware.
As of writing Firstcall have not responded to my mails and I am concerned if passwords or any credit card data has been compromised in the leak/hack.

Out of interest Firstcall were founded in 1990, a bit of poor research there!!!

paul_c5x4 · Jan 30, 2015

From their facebook page (pity it isn't on the front of their web site..).

Thank you Michael and to all other customers and friends who have contacted us in the last 24 hours about these emails. Unfortunately, as most of you have concluded, they are totally fictitious and a scam. Please delete them and do reply to the third-party response address. I am still awaiting final answers from our network and anti-virus teams as to the way this breach happened other than to admit although sophisticated no financial or personal information has been compromised except the name and email address as used.

I will update the page again as soon as our advisors are convinced that the increased security measures has had the effect of restoring normal communications.

My thanks also to all of you who realised that we have actually been in business twenty five years as the biggest error in the content

I had one too, but it got filtered directly to my spam box.

Chris Livsey · Jan 30, 2015

paul_c5x4 said:
From their facebook page (pity it isn't on the front of their web site..).
I had one too, but it got filtered directly to my spam box.

Thank you for that, I checked the "news" on their web site- nothing!! I don't do Facebook. I would have thought even an out of office reply with that info would have been set up as I am sure I am not alone in mailing in the question.
I have had good service from them but they are not handling this as well as I would expect.

paul_c5x4 · Jan 30, 2015

I don't normally "do" facebook either - Way to many fruitcakes & nutters I'd rather avoid...

I've only ever made one purchase from Firstcall, but despite their assurances that financial or personal information has not been compromised, I'll be keeping an eye on my credit card statements from now on.

pentaxuser · Jan 30, 2015

Paul, I hope that was that a recent purchase. Otherwise if it was a long time ago then it indicates that the scammers have scooped all of Firstcall's existing customers going back for a long time.

It is getting to the stage that if it appears to be a general announcement then the only safe way is to use the bookmarked website to check that the same announcement is there but many won't and all they need is a tiny percentage not to bother.

pentaxuser

gone · Jan 30, 2015

Thanks for the heads up Chris. Just call your credit card company now Paul (and whoever else has concerns about this) and ask them to send you a card w/ a different number. Tell them that you have security concerns. Better to do it before there's problems than later.

pentaxuser · Jan 30, 2015

Chris, were you able to work out what info the scammer obtains if you had responded? If the scammer has already obtained access to your credit card details then why send you and presumably many others, as evidenced by Firstcall's announcement, something that might alert you to a possible scam?

I had presumed that in Paul's case as in others targetted the scam was to get him to apply for the bag with credit card or Paypal details for the £2 delivery and then and only then to give away what the scammer needs?

No response as in Paul's case then no worries or have I missed something?

pentaxuser

Ricardo Miranda · Jan 30, 2015

I don't believe any debit cards or credit cards were compromised.
I also received that email and it went straight to where it belongs: Spam.
As I never bought anything from them and so never gave Firstcall any financial info, these scammers only got a mailing list.

RobC · Jan 30, 2015

There's an awful lot of jumping to conclusions going on about mailing lists being hacked.

firstcall appear to use a third party email company and that company uses another third party email company in the US. The mailheaders I have seen show at least one source of the mail coming from the US but not from any of those email outfits and not from firstcall. But those email outfits could have been hacked or had their mails intercepted. Do you know if thats the case? I certainly don't and I doubt you do either. It could have been firstcalls own servers hacked or their website hacked or some disaffected employee selling a database of data. You and I just DON'T KNOW. It could even be a web forum like this which has been hacked and being photographers the scammer decided to pick a photographic retailer to spoof the mail sender as. Do you know if thats the case? No you don't. So all you can do is wait for firstcall to investigate. I doubt they will ever find out but it looks to me having had a quick look at their DNS setup (which is in the public domain) that the outfits they are using for email could be doing better with protecting against spoofing email sender which might have stopped all this mail.

Vonder · Jan 31, 2015

I can't understand not updating the web page. I have seen it happen in far worse situation. A lot of companies have decided web sites don't matter much anymore. It's all about Facebook now.

Go to Dead Link Removed

You can even order online. But guess what? The store closed last November.

Chris Livsey · Jan 31, 2015

RobC said:
There's an awful lot of jumping to conclusions going on about mailing lists being hacked.

Thanks for the investigations Rob. I, in the first post drew no conclusions about who had been hacked and did mention a leak which would involve "insiders" as a possible.
My beef is with Firtstcall who obviously know about this from Facebook messages others have quoted. they could have, as others do, been pro-active and warned their mailing list, they could have placed a banner on their website, which does not appear to be compromised, they could have used an "out of office" e-mail to reply to enquiries such as mine as to the issue.
Whilst I don't know I don't think credit card details are compromise because that is what the fake site is seeking, that remains a possibility.
It looks to me the Firstcall have handed over this issue to their e-commerce suppliers and have not received any support for their compromised customers nor have they been pro-active in warning customers themselves.
If they think customers are happy with just a facebook interaction they need a re-think pronto.

Just double checked, nothing on the web page but the blog has a great article on choosing the right DIGITAL SLR !!!!

Ricardo Miranda · Jan 31, 2015

Yeap, Rob is right.
Right, now lets prepare to go out for the London's "March on Homes" and take some photographs.

UK Firstcall Photographic Scam e-mail

Privacy & Transparency

Privacy & Transparency