Contributor Post Created with Sketch. Getting Myself Phished, a Quick Yakking about Hacking

 

Phishing is the email version of pretending to be someone you’re not. The end goal is to talk some dupe into clicking on your link, to either steal their information or otherwise break into their computer. I know a thing or two about what this is and how it works, and yet I clicked on the link last night. Let’s go straight to story mode, shall we?

I see an email in my inbox, from Admin PayPal. Subject line “Your account has been limited. (Code: E8 -s0me-malarky)” I open the email. I’ll screenshot the message for you to see it for yourself.

Email Text: Dear Client, Suspicious Activity on Your Account. Your Account Information has been changed. [ Billing or Shipping Address ] As our security precautions, we need more information from you. Your account will be limited until you provide some additional information. Please login into your Account and review your activity by clicking on the link below. paypal.com/login? Yor action is required to help us protect you PayPal account securely.
Wouldn’t you like to be a sucker too?
I click the link. It takes me to a login page, and I give them my login and my password. The captcha has a set of letters and numbers on a background of the PayPal logo repeated randomly. I screw up the captcha on the first try, it tells me to try again. I log in.

The next page is asking me for my address, and other information. At this point, my brain goes “Wait a minute…”. If this were legit they’d be asking me to confirm information they already had, not asking me to input it again from zero. I look up at the URL. It’s not to PayPal.com. This is a scam, and I fell for it. “Oh, crap.”

Let’s leave me hanging on that cliff for a bit and play a game. This game is not nearly as popular as I’d expect. It’s called “What did Hank do Wrong?” Let me give you a list of minor and major errors, from the top:

  1. ‘Admin PayPal’ is as generic as a name comes. I could have recalled that I get my monthly statements from service@PayPal.com, which should have made me suspicious.
  2. The subject line tells me they’re taking something away. That’s a cheap psychological trick to get you to want it more, as surely as Shamrock Shakes are here for a limited time only.
  3. The body of the email has some suspect grammar in it. A great deal of the time these attacks are authored by people who don’t have English as a first language. Hey, if you’re a Russian hacker, are you going to scam other Russians, or go for the Yanks who have money? Bad grammar isn’t dispositive in this day and age, but I should have noticed and been suspicious.
  4. Another cheap psychological trick, note how the email is worded subtly as “you have a problem, you need to fix it.” This puts you on the defensive and makes you eager to trust the scammer in order to prove that you’re not a bad person. The main thing I dislike about cheap psychological tricks is how well they work.
  5. This is the big one, I didn’t check that the link in the text goes where it says it goes. If I had taken the time to hover over it, a destination tooltip would have shown up in the bottom left of the screen, telling me that this particular link will send me to mysp.ac/4ZhbF. There’s absolutely no reason why PayPal would use that address. You should always look at that tooltip before you follow a link, if only to avoid getting Rickrolled. Like a chump, I didn’t check.
  6. Again, no reason to trust that link. If the email was legit I could have gone to a new browser window, gone to PayPal manually, and logged in like I normally do. The site would have given me whatever alert was necessary there and I wouldn’t be exposed to the risks of an email link.
  7. Finally, I acted too quickly. “Problem with PayPal” translates to a problem with my money, which means I need to act quickly so no one gets access to my money. So to limit the damage I act rashly, giving people the ability to do exactly the sort of damage I’m looking to mitigate. I’ve made better decisions.

Okay, back to the story, what did I do next? I closed out of that window. I opened another window, went to PayPal.com in that window, logged in, and changed my password. There’s still a great deal more risk than I would like in the minute the bad guys had my active password. Still, locking them out helps mitigate damage. If they didn’t act immediately then they won’t get very far with a no-longer-useful password. Next, I reported a security issue to PayPal. They had a chat-bot which confirmed for me that the email didn’t originate with them. It also let me know that, thanks to the ‘rona, they’re understaffed and it’d be several hours before a real live person would be able to talk with me. Guess it’s a propitious time to go a-hackin’.

What happens next? I don’t know. If they managed to do something nefarious to my computer simply by my clicking the link (which is possible), then I’m going to run into more complications as time goes by. Next possibility, they had a program set up to take the credentials immediately and mess with my PayPal account. That would be pretty bad, but having alerted PayPal to an issue I can at least hope they shut down any fraudulent transactions with a vengeance. Financial institutions don’t like getting scammed any more than I do. What I think is most likely to happen is nothing at all. That’s the outcome I’m hoping for. That would mean that the hacker didn’t build a complex and automatic response to my stupidity; they’re just gathering information that will be used at a different time. In which case they’ve got my login, a password that’s no longer useful anywhere, and two attempts at a captcha. That ain’t much.

What can we learn from this sordid episode? One, it happened to me. I know how this stuff works; I flatter myself that I could craft a better phishing email than the dastard who hooked me. But they still got me. Anyone can fall for this stuff, so prepare your defenses in depth. I wrote out my mistakes and what I ought to have done so that you can see and be warned by them. And remember that the Good Lord has the last word on cybersecurity.

Two, don’t be afraid to talk about it. Phishers and con artists rely on marks who haven’t heard their line before. A sucker who knows that you don’t own the Brooklyn Bridge won’t buy it from you, now will he? So I’m admitting to getting stung, in detail, in the hopes that it’ll make this particular nogoodnik’s life of crime less profitable.

And three, a quick note about cybersecurity. The dirty secret of the whole profession is that you don’t have to outrun the bear. You just have to outrun the slowest hiker. In this case I’m pinning my hopes on the probability that this particular phisher has other suckers on the line who didn’t react quite as quickly as I did. If he can filet the other suckers than he can continue on fat and happy without giving me a second thought. If he has to deal with smart targets the hacker is going to get hungry, which means he’ll have to up his game into the more dangerous (but more difficult) automated responses I mentioned up above.

And that, ladies and gentlemen, is as far as I can take this story at the moment. Hopefully you’ll never hear about my bank account being drained, my secrets being published on an .onion site, and how Rick Astley is never gonna give you up. I’ll just have to wait and see.

Published in Science & Technology
Like this post? Want to comment? Join Ricochet’s community of conservatives and be part of the conversation. Get your first month free.

There are 31 comments.

Become a member to join the conversation. Or sign in if you're already a member.
  1. Sandy Member

    Quick thinking, and good advice. I get lots of messages telling me my Apple and Paypal accounts have been shut down—they seem to be favorites. After reading one or two of these, I assumed they were all rotten. Without further evidence, I’ve decided that any email saying that an account has been shut down is phishing. Am I wrong? In any case, it’s easy enough to check to see where the email is actually coming from or maybe just to open the supposedly shut-down account. If I have time, I like to look at the details of the message to see where they made errors. There are always errors.

    • #1
    • April 30, 2020, at 9:36 AM PDT
    • 5 likes
  2. RightAngles Member

    I got that email the other day, and you will be totally embarrassed when I tell you that this is what I did with it:
    ……………………………………………………

    • #2
    • April 30, 2020, at 9:42 AM PDT
    • 3 likes
  3. Matt Balzer, Imperialist Claw Member

    Hank Rhody, Badgeless Bandito: This game is not nearly as popular as I’d expect. It’s called “What did Hank do Wrong?”

    I bet it’s still more popular than you would like.

    I got one of those too. I was with you up until between steps 3 and 5. I went into the email, read it and remembered to check the link. Apparently the tedious training they made us do paid off. So far at least.

    • #3
    • April 30, 2020, at 9:58 AM PDT
    • 7 likes
  4. DrewInWisconsin Doesn't C… Coolidge

    I got one from Wells Fargo yesterday about problematic transactions on my account.

    Which would have got my attention if I actually banked with Wells Fargo.

    • #4
    • April 30, 2020, at 10:14 AM PDT
    • 15 likes
  5. Stad Thatcher

    I’ve been getting e-mails supposedly from a couple of my old friends in Raleigh, but they deny sending them. For example, the subject line will be something like Fwd: From Joe Smith. When you open it, a line says something like From: <Joe Smith>, and the text below says, “I’ve been meaning to send you this: [with a link].

    The link usually ends in something weird like “.INFO”. When you go into the e-mail properties, you see the return address is from some person @college name.edu – no doubt a fake person using a real college’s web address (or spoofing it).

    No wonder one of my friends at work thinks identity thieves should get the death penalty . . .

    • #5
    • April 30, 2020, at 10:39 AM PDT
    • 7 likes
  6. Miffed White Male Member
    Miffed White Male Joined in the first year of Ricochet Ricochet Charter Member

    DrewInWisconsin is done with t&hellip; (View Comment):

    I got one from Wells Fargo yesterday about problematic transactions on my account.

    Which would have got my attention if I actually banked with Wells Fargo.

    I get those four or five times a week. I don’t use Wells Fargo either.

    My general rule of thumb is to ignore *all* emails from any financial institution. Pretty much the only ones that are legitimate are the ones either trying to sell me something (which I don’t really care about), or telling me that my latest statement is available (which I don’t need an email to know about, since they’re on a schedule).

     

     

     

    • #6
    • April 30, 2020, at 10:45 AM PDT
    • 6 likes
  7. Miffed White Male Member
    Miffed White Male Joined in the first year of Ricochet Ricochet Charter Member

    The one piece of advice that @hankrhody missed is to enable two-factor authentication (if available) on any financial accounts. That’ll get you a text message if anybody tries to log into your account from an unauthorized computer.

     

     

    • #7
    • April 30, 2020, at 10:47 AM PDT
    • 9 likes
  8. Stad Thatcher

    Miffed White Male (View Comment):

    DrewInWisconsin is done with t&hellip; (View Comment):

    I got one from Wells Fargo yesterday about problematic transactions on my account.

    Which would have got my attention if I actually banked with Wells Fargo.

    I get those four or five times a week. I don’t use Wells Fargo either.

    My general rule of thumb is to ignore *all* emails from any financial institution. Pretty much the only ones that are legitimate are the ones either trying to sell me something (which I don’t really care about), or telling me that my latest statement is available (which I don’t need an email to know about, since they’re on a schedule).

     

     

     

    I love the ones from the “Windows Team” telling me my Windows 10 is corrupted. I want to e-mail back and say, “Of course it’s corrupted – it’s from Microsoft!”

    • #8
    • April 30, 2020, at 10:48 AM PDT
    • 13 likes
  9. Hank Rhody, Badgeless Bandito Contributor

    Sandy (View Comment):
    There are always errors.

    You’re right, and that worries me. Note that paragraph about being the second slowest runner. When the phisher can’t make a living with bad spelling and worse grammar then he’ll have to improve. and these will be harder to spot.

    • #9
    • April 30, 2020, at 11:01 AM PDT
    • 4 likes
  10. Arthur Beare Member

    My address book contains about 30 entries beginning ”Abuse @ . . . “ & I always report these things. I have even tried to contact college IT groups when the link or origin ends in”.edu”, which is fairly common (3-8%), and more difficult than you might think.

     

     

    • #10
    • April 30, 2020, at 11:04 AM PDT
    • 5 likes
  11. Hank Rhody, Badgeless Bandito Contributor

    Matt Balzer, Imperialist Claw (View Comment):

    Hank Rhody, Badgeless Bandito: This game is not nearly as popular as I’d expect. It’s called “What did Hank do Wrong?”

    I bet it’s still more popular than you would like.

    I can handle that, it’s just difficult when they’re playing the team sport variant.

    I got one of those too. I was with you up until between steps 3 and 5. I went into the email, read it and remembered to check the link. Apparently the tedious training they made us do paid off. So far at least.

    Yeah. I usually spot these too. It’s just that some times you end up winning the Spanish National Lottery.

    • #11
    • April 30, 2020, at 11:12 AM PDT
    • 3 likes
  12. Hank Rhody, Badgeless Bandito Contributor

    Miffed White Male (View Comment):

    The one piece of advice that hankrhody missed is to enable two-factor authentication (if available) on any financial accounts. That’ll get you a text message if anybody tries to log into your account from an unauthorized computer.

    It’s good advice, with the caveat that you don’t want to use your phone as a second factor if you’re also banking over your phone. That leaves you in a pretty sour position if someone gets ahold of your cellphone.

    • #12
    • April 30, 2020, at 11:26 AM PDT
    • 2 likes
  13. Matt Balzer, Imperialist Claw Member

    Hank Rhody, Badgeless Bandito (View Comment):
    It’s just that some times you end up winning the Spanish National Lottery.

    That must be my $400 now!

    • #13
    • April 30, 2020, at 11:56 AM PDT
    • 3 likes
  14. Belt Member

    One other suggestion. Make it a habit of never clicking on a link from a ‘notification’ email, even if it’s from a legitimate source. Go to the company’s website directly and use their logon. If the email is legitimate, you can take care of it from there. If not, you’ll figure out that they’re scamming you.

    By changing your password, you’re probably okay. But if you use that, or a similar password for any other service, change it there as well. Once the scammer gets your logon credentials for one service, they’ll try a bunch of other services just to see if they can get in those as well.

    • #14
    • April 30, 2020, at 1:41 PM PDT
    • 8 likes
  15. Hank Rhody, Badgeless Bandito Contributor

    Belt (View Comment):
    By changing your password, you’re probably okay. But if you use that, or a similar password for any other service, change it there as well. Once the scammer gets your logon credentials for one service, they’ll try a bunch of other services just to see if they can get in those as well.

    This was a randomized password saved in a password manager. It’s plenty unique. 

    • #15
    • April 30, 2020, at 2:03 PM PDT
    • 4 likes
  16. Basil Fawlty Member
    Basil Fawlty Joined in the first year of Ricochet Ricochet Charter Member

    Hank Rhody, Badgeless Bandito (View Comment):
    It’s plenty unique. 

    They’re the best.

    • #16
    • April 30, 2020, at 3:00 PM PDT
    • 2 likes
  17. Basil Fawlty Member
    Basil Fawlty Joined in the first year of Ricochet Ricochet Charter Member

    In this day and age, any good email provider should have caught it in their spam filter.

    • #17
    • April 30, 2020, at 3:14 PM PDT
    • 3 likes
  18. RushBabe49 Thatcher

    I also got one from Wells Fargo, and due to all the publicity they are getting lately, they are the last bank I would ever consider doing business with. I have never in all my 71 years had anything to do with Wells Fargo.

    • #18
    • April 30, 2020, at 4:32 PM PDT
    • 4 likes
  19. Basil Fawlty Member
    Basil Fawlty Joined in the first year of Ricochet Ricochet Charter Member

    RushBabe49 (View Comment):

    I also got one from Wells Fargo, and due to all the publicity they are getting lately, they are the last bank I would ever consider doing business with. I have never in all my 71 years had anything to do with Wells Fargo.

    I’ve listened to many tales of Wells Fargo.

    • #19
    • April 30, 2020, at 4:50 PM PDT
    • 3 likes
  20. RushBabe49 Thatcher

    You would not believe what just hit my inbox at a separate email address I use for my business survey. This is about as funny as it gets! Ooooh, I’m just quaking in my boots!

    YourmpasswordLisYxxxxx,MICneedtyouri100L%OattentionzforlthevtheqnextWTwenty-fourVhrs,BorVIlwillMcertainlyDmakeYsureayoutthatRyouWliveFoutSofIembarrassmentbforNthelrestfofhyourKexistence.
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    Helloethere,fyouSdoOnotdknowhmelpersonally.sYetKIhknowfnearlyYanythingsconcerningVyou.mAlliofjyournfacebookccontactylist,KphoneicontactsGalongWwithxallstheHvirtualUactivityvinJyourNcomputerYfromLpastn184zdays.z
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    Including,XyourUmasturbationGvideo,WwhichvbringslmebtoftheamaincreasonTwhyuIjamUwritingSthislmailPtonyou.e
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    WellrtheTlastWtimeyyouDwentgtolseeethejsexuallyugraphicgwebpages,umyAmalwarejwasNactivatedginsideWyourYcomputerNsystemIwhichDendedEupQrecordingDaebeautifulEfootagenofOyourLmasturbationVplayLbystriggeringcyourowebMcamera.w
    (youZgotaaxincrediblynweirdepreferenceIbyfthefwayulol)B
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    IPhavejtheufullFrecording.ZIfYyouYthinkQIQamVfoolingJaround,xjustTreplyE‘proof’dandfICwillUbeSforwardingUtheXrecordingjrandomlyztoU11ppeopleRyoudknow.
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    ItScouldKendDupubeingnyourcfriend,GcoOworkers,iboss,uparentsP(Ifdon’tdknow!dMyzsystembwillWrandomlympickCthewcontacts).
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    WillTyouDbecablectoblookLintoIanyone’sceyestagaintafterfit?VIequestionMthat…
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    However,titldoesJnotXneedrtoJbeSthathway.
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    ItwouldKlikektogmakegyouEaU1htime,Enonjnegotiablejoffer.y
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    Getp0.3KBTCyandzsendTitutoBtheldownLbelowCadd ress:

    1MiKWwKnDCLo8unzjKMBeRVHXBd8a17**Pji
    [CASE-SENSITIVEsowcopyH&Spasteqit,wandqremovel**Gfrom it]
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    (IfWyoumdoBnotwunderstandyhow,blookupkhowztoqacquirexBTC.xDoJnotVwasteGmytvaluablentime)
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    IfayouxsendpthisRparticularX‘donation’V(let’sZcallUthiscthat?).GAftervthat,JITwillfdisappearIandwnevergeverKmakeRcontactHwithzyoupagain.WIUwillkeliminatezeverythingoILhavelinRrelationftooyou.IYouMmayZcontinueNlivinggyourqordinarywdayxtoGdayrliferwithmzeroHconcerns.
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    You’veG24nhoursAtoBdoDso.UYourHtimeqwillPbeginwasTsoonSyouugoFthroughJthisQmail.GIlhaveganKuniqueyprogramicodevthatmwillbalertSmegonceqyouhseerthisUmailDsogdon’tntryetoEactPsmart.

    • #20
    • April 30, 2020, at 5:00 PM PDT
    • 5 likes
  21. Basil Fawlty Member
    Basil Fawlty Joined in the first year of Ricochet Ricochet Charter Member

    RushBabe49 (View Comment):

    You would not believe what just hit my inbox at a separate email address I use for my business survey. This is about as funny as it gets! Ooooh, I’m just quaking in my boots!

    YourmpasswordLisYxxxxx,MICneedtyouri100L%OattentionzforlthevtheqnextWTwenty-fourVhrs,BorVIlwillMcertainlyDmakeYsureayoutthatRyouWliveFoutSofIembarrassmentbforNthelrestfofhyourKexistence.
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    Helloethere,fyouSdoOnotdknowhmelpersonally.sYetKIhknowfnearlyYanythingsconcerningVyou.mAlliofjyournfacebookccontactylist,KphoneicontactsGalongWwithxallstheHvirtualUactivityvinJyourNcomputerYfromLpastn184zdays.z
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    Including,XyourUmasturbationGvideo,WwhichvbringslmebtoftheamaincreasonTwhyuIjamUwritingSthislmailPtonyou.e
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    WellrtheTlastWtimeyyouDwentgtolseeethejsexuallyugraphicgwebpages,umyAmalwarejwasNactivatedginsideWyourYcomputerNsystemIwhichDendedEupQrecordingDaebeautifulEfootagenofOyourLmasturbationVplayLbystriggeringcyourowebMcamera.w
    (youZgotaaxincrediblynweirdepreferenceIbyfthefwayulol)B
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    IPhavejtheufullFrecording.ZIfYyouYthinkQIQamVfoolingJaround,xjustTreplyE‘proof’dandfICwillUbeSforwardingUtheXrecordingjrandomlyztoU11ppeopleRyoudknow.
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    ItScouldKendDupubeingnyourcfriend,GcoOworkers,iboss,uparentsP(Ifdon’tdknow!dMyzsystembwillWrandomlympickCthewcontacts).
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    WillTyouDbecablectoblookLintoIanyone’sceyestagaintafterfit?VIequestionMthat…
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    However,titldoesJnotXneedrtoJbeSthathway.
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    ItwouldKlikektogmakegyouEaU1htime,Enonjnegotiablejoffer.y
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    Getp0.3KBTCyandzsendTitutoBtheldownLbelowCadd ress:

    1MiKWwKnDCLo8unzjKMBeRVHXBd8a17**Pji
    [CASE-SENSITIVEsowcopyH&Spasteqit,wandqremovel**Gfrom it]
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    (IfWyoumdoBnotwunderstandyhow,blookupkhowztoqacquirexBTC.xDoJnotVwasteGmytvaluablentime)
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    IfayouxsendpthisRparticularX‘donation’V(let’sZcallUthiscthat?).GAftervthat,JITwillfdisappearIandwnevergeverKmakeRcontactHwithzyoupagain.WIUwillkeliminatezeverythingoILhavelinRrelationftooyou.IYouMmayZcontinueNlivinggyourqordinarywdayxtoGdayrliferwithmzeroHconcerns.
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    You’veG24nhoursAtoBdoDso.UYourHtimeqwillPbeginwasTsoonSyouugoFthroughJthisQmail.GIlhaveganKuniqueyprogramicodevthatmwillbalertSmegonceqyouhseerthisUmailDsogdon’tntryetoEactPsmart.

    Seems legit.

    • #21
    • April 30, 2020, at 5:07 PM PDT
    • 4 likes
  22. Jack Shepherd Coolidge

    DrewInWisconsin is done with t&hellip; (View Comment):

    I got one from Wells Fargo yesterday about problematic transactions on my account.

    Which would have got my attention if I actually banked with Wells Fargo.

    Hey, I’ve never chosen to bank with Wells Fargo. Yet somehow I still ended up with a checking account there in 1996.

    • #22
    • April 30, 2020, at 6:32 PM PDT
    • 4 likes
  23. Nick H Coolidge

    Another cybersecurity tip: Sign up for alerts at https://haveibeenpwned.com/ to see if your email or account information has shown up in any recent data breaches. Sometimes companies aren’t very forthcoming about when they’ve been hacked (I can’t imagine why) so you might not know that you need to be changing your passwords.

    • #23
    • April 30, 2020, at 8:04 PM PDT
    • 5 likes
  24. RightAngles Member

    RushBabe49 (View Comment):

    You would not believe what just hit my inbox at a separate email address I use for my business survey. This is about as funny as it gets! Ooooh, I’m just quaking in my boots!

    YourmpasswordLisYxxxxx,MICneedtyouri100L%OattentionzforlthevtheqnextWTwenty-fourVhrs,BorVIlwillMcertainlyDmakeYsureayoutthatRyouWliveFoutSofIembarrassmentbforNthelrestfofhyourKexistence.
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    Helloethere,fyouSdoOnotdknowhmelpersonally.sYetKIhknowfnearlyYanythingsconcerningVyou.mAlliofjyournfacebookccontactylist,KphoneicontactsGalongWwithxallstheHvirtualUactivityvinJyourNcomputerYfromLpastn184zdays.z
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    Including,XyourUmasturbationGvideo,WwhichvbringslmebtoftheamaincreasonTwhyuIjamUwritingSthislmailPtonyou.e
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    WellrtheTlastWtimeyyouDwentgtolseeethejsexuallyugraphicgwebpages,umyAmalwarejwasNactivatedginsideWyourYcomputerNsystemIwhichDendedEupQrecordingDaebeautifulEfootagenofOyourLmasturbationVplayLbystriggeringcyourowebMcamera.w
    (youZgotaaxincrediblynweirdepreferenceIbyfthefwayulol)B
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    IPhavejtheufullFrecording.ZIfYyouYthinkQIQamVfoolingJaround,xjustTreplyE‘proof’dandfICwillUbeSforwardingUtheXrecordingjrandomlyztoU11ppeopleRyoudknow.
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    ItScouldKendDupubeingnyourcfriend,GcoOworkers,iboss,uparentsP(Ifdon’tdknow!dMyzsystembwillWrandomlympickCthewcontacts).
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    WillTyouDbecablectoblookLintoIanyone’sceyestagaintafterfit?VIequestionMthat…
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    However,titldoesJnotXneedrtoJbeSthathway.
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    ItwouldKlikektogmakegyouEaU1htime,Enonjnegotiablejoffer.y
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    Getp0.3KBTCyandzsendTitutoBtheldownLbelowCadd ress:

    1MiKWwKnDCLo8unzjKMBeRVHXBd8a17**Pji
    [CASE-SENSITIVEsowcopyH&Spasteqit,wandqremovel**Gfrom it]
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    (IfWyoumdoBnotwunderstandyhow,blookupkhowztoqacquirexBTC.xDoJnotVwasteGmytvaluablentime)
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    IfayouxsendpthisRparticularX‘donation’V(let’sZcallUthiscthat?).GAftervthat,JITwillfdisappearIandwnevergeverKmakeRcontactHwithzyoupagain.WIUwillkeliminatezeverythingoILhavelinRrelationftooyou.IYouMmayZcontinueNlivinggyourqordinarywdayxtoGdayrliferwithmzeroHconcerns.
    survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl survey-ismww 2ndFidl
    You’veG24nhoursAtoBdoDso.UYourHtimeqwillPbeginwasTsoonSyouugoFthroughJthisQmail.GIlhaveganKuniqueyprogramicodevthatmwillbalertSmegonceqyouhseerthisUmailDsogdon’tntryetoEactPsmart.

    OMG Hahahaha!

    • #24
    • April 30, 2020, at 8:36 PM PDT
    • 1 like
  25. RightAngles Member

    I got the most generous email from an actual princess! In Nigeria! She said her husband (the Prince) had to flee the country in haste, and that she will wire his entire $3 million fortune to me tomorrow! All she needs is for me to wire her $3,000 today so that she can flee and join him in hiding so they won’t be killed.

    People are so nice!

    • #25
    • April 30, 2020, at 8:39 PM PDT
    • 7 likes
  26. Stad Thatcher

    RightAngles (View Comment):

    I got the most generous email from an actual princess! In Nigeria! She said her husband (the Prince) had to flee the country in haste, and that she will wire his entire $3 million fortune to me tomorrow! All she needs is for me to wire her $3,000 today so that she can flee and join him in hiding so they won’t be killed.

    People are so nice!

    Clearly a phony e-mail scam. If it was real the Princess would say, “Wire me $3000 today so I can flee into hiding so only my husband gets killed.”

    • #26
    • May 1, 2020, at 6:29 AM PDT
    • 6 likes
  27. Full Size Tabby Member

    Related to tip (“error”) #5 in the OP, I have often noticed that in a phishing or scam email, an entire block of text plus the logo is an active link, rather than just the specific blue underlined text as though to get the logo to look legitimate the scammers had to make the logo and the text as a single graphic. Or they do it because even if the reader is trying to avoid the apparent link in the text the reader may still click somewhere else on the page and accomplish the scammer’s objective. 

    • #27
    • May 1, 2020, at 7:37 AM PDT
    • 5 likes
  28. Randy Weivoda Moderator
    Randy Weivoda Joined in the first year of Ricochet Ricochet Charter Member

    Basil Fawlty (View Comment):

    RushBabe49 (View Comment):

    I also got one from Wells Fargo, and due to all the publicity they are getting lately, they are the last bank I would ever consider doing business with. I have never in all my 71 years had anything to do with Wells Fargo.

    I’ve listened to many tales of Wells Fargo.

    I’ve never had an account there, but have dealt with them when one of their customers wrote some bad checks to my parents’ company. Talk about difficult to deal with. I have never hated a bank before, but they taught me to hate Wells Fargo. My parents’ business now has a sign over the front desk saying we won’t accept checks drawn from Wells Fargo. Every customer who has asked about the sign has their own stories about Wells Fargo.

    • #28
    • May 1, 2020, at 10:55 AM PDT
    • 3 likes
  29. Henry Racette Contributor

    Great post, Hank. I think you hit all the points, and in particular #5: whenever anything of value is involved, check the website link before clicking on it.

    I also have received the Nigerian Prince email. It’s a scam: the last one I got promised me 20% of 18 million, but by the time it was all said and done I got less than $800,000 deposited to my account. I considered complaining about it to the Better Business Bureau, but I’m a soft touch, and they told me such a sob story that I completely caved: now half the late Prince’s family is sleeping on my sofa.

    • #29
    • May 1, 2020, at 11:44 AM PDT
    • 6 likes
  30. TBA Coolidge
    TBA

    Stad (View Comment):

    RightAngles (View Comment):

    I got the most generous email from an actual princess! In Nigeria! She said her husband (the Prince) had to flee the country in haste, and that she will wire his entire $3 million fortune to me tomorrow! All she needs is for me to wire her $3,000 today so that she can flee and join him in hiding so they won’t be killed.

    People are so nice!

    Clearly a phony e-mail scam. If it was real the Princess would say, “Wire me $3000 today so I can flee into hiding so only my husband gets killed.”

    Also, I have been assured by my grand daughter that real princesses sign off with ‘MWAH!’ 

    • #30
    • May 1, 2020, at 4:13 PM PDT
    • 4 likes