PhishSpam almost got me.

[Lost_in_the_HTTP]

Looked at my email and found a notice from FedEx about an issue I'd been having, or so it said. Looked legit and I had indeed contacted them recently.

Copied the link in the email and was about to paste and go when I looked closer at the underlying link.

Nope.

Not even close.

 

[Captante]

 

[Torn Mind]

Actually happened to Sparky Channel and the agents that got his info wiped out his original Youtube channel.

 

[Stiff Clamp]

Something like that happened to Jim Browning and he temporarily lost his scam-targeting Youtube channel. Ironic.

 

[Red Squirrel]

Have to admit some of these are getting crafty. Especially because they seem to be able to time it with actually ordering something. It's like clockwork, order something and then a few days later get one of those scam emails. Purolator, Fed Ex etc don't even have my email though since I'm dealing with the retailer I bought from and not the shipper, so I don't think they would ever send me an email for real. If there is any issues related to shipping it would come straight from the retailer you dealt with. But either way anything I get that has a link I usually avoid clicking it. I don't even trust hovering it to see the status bar, because there's all sorts of weird stuff they can do with unicode characters to make it look legit.

 

[Captante]

Have to admit some of these are getting crafty. Especially because they seem to be able to time it with actually ordering something. It's like clockwork, order something and then a few days later get one of those scam emails. Purolator, Fed Ex etc don't even have my email though since I'm dealing with the retailer I bought from and not the shipper, so I don't think they would ever send me an email for real. If there is any issues related to shipping it would come straight from the retailer you dealt with. But either way anything I get that has a link I usually avoid clicking it. I don't even trust hovering it to see the status bar, because there's all sorts of weird stuff they can do with unicode characters to make it look legit.

Wise decision.... I make it a point to only copy plain text out of the body of any email if I need some of the specific info it contains and will never "click" on anything.

Safer to just assume that ALL info-requests, fraud notifications and the like that arrive via email are bull$hit scams.

 

[balloonshark]

Always go directly to the site in question or call a real 1-800 number. Never ever click on an email link or call a number in an email.

Today I got a questionable email from capital one. I noticed the to (capitalone@notification.capitalone.com) is different from all their previous emails. The email is a statement so all I need to do is go directly to their site to view and/or pay my bill which is way smarter than clicking on the email link and logging in and possible giving my credentials to criminals.

 

[Lost_in_the_HTTP]

I had tried to get to FedEx chat to check on a tracking number, but their chat was too busy and never replied. I thought just maybe they logged it and were replying by email. But there were no specifics, just a general reference to a 'ticket'.

And the URL was not even close.

Not thinking keylogger or other nasty because I've gotten other spam to that email account recently.

 

[Lost_in_the_HTTP]

The 'Click here' and Unsubscribe links and the View Messages button all go to the same URL that is not the same as the one in the From field. They go to some 'work-talents' URL.

 

[nakedfrog]

Normally a quick glance at the "from" address is enough to weed out the phishing emails. Yes, it can be spoofed, but they don't normally seem to bother.

 

[Captante]

1.800.GoFedEx 24/7/365

You're welcome!

Normally a quick glance at the "from" address is enough to weed out the phishing emails. Yes, it can be spoofed, but they don't normally seem to bother.

No need.... half the folks they send those emails to don't know what a "header" even is nevermind what it should look like.

 

[Torn Mind]

1.800.GoFedEx 24/7/365

You're welcome!




No need.... half the folks they send those emails to don't know what a "header" even is nevermind what it should look like.

Wacky fonts, periods, etc are present.

 

[Captante]

Wacky fonts, periods, etc are present.

Simply by virtue of being a member here you and I are technology-guru's compared to the average "Joe/Jane Six-pack".

When it comes to computers/internet all you can count on from the majority of "users" out there IRL is stupidity and gullibility on levels that are frankly difficult to grasp.

It's like they see a PC and all blood-flow above the neck ceases.... odd fonts and spelling errors won't cut it.

 

[Lost_in_the_HTTP]

Simply by virtue of being a member here you and I are technology-guru's compared to the average ...

FedEx


So there !!!

 

[Captante]

FedEx


So there !!!

Although I must say copy/pasting the Fedex logo IS beyond many of todays PC users skills!

 

[Red Squirrel]

Random fun fact. The FedEx logo has an arrow in it.

Now you can't unsee that.

 

[Lost_in_the_HTTP]

Although I must say copy/pasting the Fedex logo IS beyond many of todays PC users skills!

Check again Skippy.

No C&P there.

 

[Captante]

Check again Skippy.

No C&P there.

And the significance of this point is ?!?

 

[nakedfrog]

Simply by virtue of being a member here you and I are technology-guru's compared to the average "Joe/Jane Six-pack".

When it comes to computers/internet all you can count on from the majority of "users" out there IRL is stupidity and gullibility on levels that are frankly difficult to grasp.

It's like they see a PC and all blood-flow above the neck ceases.... odd fonts and spelling errors won't cut it.

I know what you mean, I work at an IT company, with yearly training sessions on phishing, and people still screw up
I suspect it's the older sales folks falling prey.

 

[Lost_in_the_HTTP]

I know what you mean, I work at an IT company, with yearly training sessions on phishing, and people still screw up
I suspect it's the older sales folks falling prey.

What's complicating things is companies using so many third party tools and scripts.

Even when I'm on known Federal Govenments sites ( .gov URLs ), I see all sorts of stuff passing by from other sites. UPS and FedEx and other large companies are doing it too, including using third party email notification services. They're really making it hard to stay safe unless you watch every step.

 

[balloonshark]

Got an email in my spam box from noreply@amazon.com. The title was amazon.com, important notice. Your Amazon account has been locked...

The timing of this email is rather strange since I used my account to purchase something for my sister and had it sent to her address. It was the first time using my account to send to another physical address. I had no problem going directly to Amazon and logging in and buying cashews though.

 

[Captante]

Got an email in my spam box from noreply@amazon.com. The title was amazon.com, important notice. Your Amazon account has been locked...

The timing of this email is rather strange since I used my account to purchase something for my sister and had it sent to her address. It was the first time using my account to send to another physical address. I had no problem going directly to Amazon and logging in and buying cashews though.

Did you forward a confirmation to her email?

Or discuss anything to do with it in range of a smartphone?

 

[balloonshark]

Did you forward a confirmation to her email?

Or discuss anything to do with it in range of a smartphone?

I only emailed her a tracking number and sent a text to let her know about the email. I'm sure Mark Suckaturd knew about it though since he's all up in her phone. Google and Yahoo also read the emails and Google read the text. And now Future knows lol.