Ocado scam

It doesn't really sound like a scam - more like a case of mistaken email address!

You could email them at [email protected]. Or phone them on 0345 656 1234.

Just to see what they say.

Don't follow any links on the email, go to the Ocado site direct and email them from there to ask what is going on (or on jing's contactus@ocado link) Probaly mistaken identity, but worth pointing it out ot them.

Thanks, I'll do that.

I've also just had an email from Ocado - saying my delivery is due, with no substitutions and attaching 'my receipt'. (which I'm not opening, needless to say)

I don't use them, and will be informing Ocado, as above.

Seems like a scam to me!

This /is/ a scam, and a very dangerous one. The payload in the "Receipt.doc" file attempts to auto-download Dridex, which is designed to steal login information regarding your bank accounts (either by key logging, taking auto-screens hots or copying information from your clipboard (copy/paste))

For more information on Dridex, and the terrifyingly-long list of financial institutions for which it tries to gather sensitive information, see :

sanesecurity.blogspot.co.uk/2015/01/word-excel-macro-malware-dridex-bot.html

They have not left me out! I've got one. I have never in my life used Ocado
I have e mailed Ocado. I wonder how whoever is doing this scam got my email address.

Everyone check their Emails and don't respond.

Thanks Chaa006. I hope Ocado are notifying their customers.

Nellie -- Ocado don't appear to be notifying their customers by e-mail, or if they are, it is taking a long time for the notification(s) to arrive. I am a long-standing customer, and informed them of the scam by telephone shortly after 11:12 today, but so far I have received no e-mail from them informing me of the message or of the risk of opening the attachment. They have, however, posted a warning on their web site, which reads :

Important Message

Some customers have been targeted with a spam email today which looks like it's from Ocado - the subject line is "Your receipt for today's Ocado delivery", and the delivery time is between 12pm and 2pm and the driver's name is Paul. If you have received this email please delete it without opening the attachment. Thank you.

How is it, when you type in some company's name, it appears as a link. I didn't try to put a link there. Just the email address.

I haven't had one.

Cari -- the only way of seeing that the sender was not really Ocado was by looking at the message headers, which most people do not see; for this message, the clue lay in the first "Received: " header, which read :

Received: from VHHC-PB4VKWD.hcm.local (113.183.214.95) by DB3FFO11FD055.mail.protection.outlook.com (10.47.217.127) with Microsoft SMTP Server id 15.1.300.4 via Frontend Transport; Mon, 19 Oct 2015 10:12:33 +0000

or

Received: from [45.121.188.9] (45.121.188.9) by DB3FFO11FD009.mail.protection.outlook.com (10.47.216.165) with Microsoft SMTP Server id 15.1.300.4 via Frontend Transport; Mon, 19 Oct 2015 10:20:51 +0000

together with an SPF warning :

Received-SPF: PermError (protection.outlook.com: domain of ocado.com used an invalid SPF mechanism)

Well done for alerting us Grannyknot.

Yes, and sorry for being sceptical - I couldn't see how scammers would be able to make money out of this but now it's been explained I realise I'm more gullible than I thought!

Yes, thank you for the warning Grannyknot I do sometimes use Ocado, so may well have not realised it was a scam - even though I like to think I'm pretty clued up!!!

Bumped to join the other one.

I got one of these emails yesterday and I went to my Ocado account, NOT using the link provided, as I knew this must be a scam as I too hadnt placed an order. I emailed Ocado advising them of the scam and I am awaiting a response.

I get loads of emails which supposedly come from Tescos, Boots, Argos etc, and my Yahoo mail generally gets it right to put them straight into my Spam folder. I've also discovered that if you hover your mouse over the name of the sender, it will reveal the email address which sent it, so you can double check if unsure. I even get "Bank" emails telling me that my account has been suspended, when I don't have accounts with them!

Hubby received one too yesterday. Weve never shopped with Ocado. We r more Aldi!! Hubby is very savvy with this sort of thing n deleted it straight away.

I also received one of these emails yesterday and wondered why it hadn't gone into my junk mail. Wish I had seen this warning yesterday as unfortunately I replied to it, though didn't click on any link. Hopefully nothing untoward will happen.

There are several email addresses in use in the household and this email arrived in the Inbox of two of them. Not being Ocado users they were immediately marked as spam but I have to say it looked far more convincing than many of those purporting to come from banks and other major players.

I have this morning received an almost identical e-mail, but this one (which I believe to be genuine, but which I have nonetheless forwarded to Ocado for confirmation) addresses me by name rather than just starting "Hello", so it may be worth checking any/all similar messages in the future to see if they are correctly personalised or just generic (the latter should trigger loud warning bells). Unfortunately the "View the web version" link was broken in this most recent message, so it would still have been necessary to open the attachment if one wanted to see inside (today's attachment was an Adobe PDF, not a Microsoft Word document); I have reported this to Ocado.

Good advice, Chaa006.

Another thing to watch out for when you get any such email is that your name isn't simply pasted from another source such as facebook, twitter or your email address found elsewhere.
I've had a lot of scam emails over the last year, supposedly from my electricity supplier (Scottish Power). The earlier ones just said something like "Hello Customer", but the later ones got cleverer!

A good way of how to check if an email is genuine, is to let the cursor hover over, what seems like a genuine "from" email address and you will see the details of the real sender disclosed underneath. Can be quite an eye opener! If in doubt always go to company website.