I just got this email. Would somebody really fall for this?
I note the link in the email is a TinyURL link. I wonder how many legitimate bank notifications use TinyURL?
Answer: 0
Really scumbags?
- Thread starter Digerati
- Start date
I just got this email. Would somebody really fall for this?
I note the link in the email is a TinyURL link. I wonder how many legitimate bank notifications use TinyURL?
Answer: 0
BrianDrab
Emeritus
Unfortunately yes, people will fall for it. I handle the Security Awareness training for our company and can tell you that I'm shocked at what people fall for.
The link is only one part of it. The scumbags apparently used a very poor translation software. The wording doesn't even make sense.
Sysnative Windows Update
Inactive
- Oct 9, 2014
- 741
You'd be amazed at the amount I get in my GMail spam folder, but yes, people fall for these unfortunately 
At my work users usually ignore legit e-mails that we send to them but will make sure to click in every link of phishing e-mails with spelling errors and other obvious clues! :huh:
We had to change the e-mail notification about the user password that is about to expire to not include any link and only mention the service that users must use to change the password and a phone number in case they need help.
That's really what I was getting at. It seems to me, even the most newbie of newbies has heard enough about scams to recognize all that poor grammar as being suspicious - and would not fall for the click-bait.Corrine's said:
I have had similar emails about auto loans being past due - which is pretty tricky since I paid off all my loans long ago.
As for this US Bank email, I don't, and never have had any accounts with US Bank.
I know people are gullible (especially the elderly
) and I know bad guys count on that, but to Corrine's point, I really do wonder how many click on it. Of course, if they send these to 1,000,000 email accounts and only .1% click, that's still a 1000 suckers... err... victims.I keep saying, it really is all about education, education, education.
I just went through an ordeal with my bank.
I get a text message every time I log on to the bank site. About a month ago, I started getting logon text messages each day (1 per day) even though I had not logged on. I changed my password; it stopped for a few days, then started again.
The bank was of no help. Finally it stopped. Who knows what actually happened.
@ digerati - I do believe that many will fall for the email you received, unfortunately.
I get a text message every time I log on to the bank site. About a month ago, I started getting logon text messages each day (1 per day) even though I had not logged on. I changed my password; it stopped for a few days, then started again.
The bank was of no help. Finally it stopped. Who knows what actually happened.
@ digerati - I do believe that many will fall for the email you received, unfortunately.
Identifying such emails is something I pound into everyone I know. My kids, grandkids, clients and neighbors. I have also visited several seniors since they seem most gullible/trusting and are often taken advantage of. Looking out for obvious grammar and spelling errors is the first sign I tell them to look for.
I tell them to read the email out loud - the same trick I taught my kids when they were creating school or work papers. When you read it out loud, it forces your brain to not get ahead of itself and autocorrect what it sees. If there is bad grammar, or missing words or the like, it will not "sound" right when read out loud.
That said, I tell them don't bother with any email from their banks, insurance, or credit card companies - even if it reads out loud right. If they get an email, delete it, then call them up on the phone, or visit the bank by entering its regular web address in their browser to access their accounts. If the email was real and/or important, they will be able to see from there what it is about.
I tell them to read the email out loud - the same trick I taught my kids when they were creating school or work papers. When you read it out loud, it forces your brain to not get ahead of itself and autocorrect what it sees. If there is bad grammar, or missing words or the like, it will not "sound" right when read out loud.
That said, I tell them don't bother with any email from their banks, insurance, or credit card companies - even if it reads out loud right. If they get an email, delete it, then call them up on the phone, or visit the bank by entering its regular web address in their browser to access their accounts. If the email was real and/or important, they will be able to see from there what it is about.
Deejay100six
Sysnative Staff
I got a text message on my phone a while ago. It was a 'final request' from the Driver and Vehicle Licensing Agency at Swansea.
Apparently, they had been 'trying to contact me' and I should 'click below for more details'. :grin1:
The url looked very authentic, except no 's' on the end of http.........for a government website? :lol:
First of all, I googled the mobile number and got lots of hits including a comment;
Strange thing is, I still have the text on my phone but the number has changed to one for which there is no trace. :huh:
I don't expect it will be coincidence that I had visited the dvla website several times in the last few days prior to the message. :eek4:
Apparently, they had been 'trying to contact me' and I should 'click below for more details'. :grin1:
The url looked very authentic, except no 's' on the end of http.........for a government website? :lol:
First of all, I googled the mobile number and got lots of hits including a comment;
Strange thing is, I still have the text on my phone but the number has changed to one for which there is no trace. :huh:
I don't expect it will be coincidence that I had visited the dvla website several times in the last few days prior to the message. :eek4:
I got an email from "Chase" Bank today. I'm not a customer; there is no Chase Bank in my state!
The link in the email leads to a bitly url (and who knows what that is). I wanted to forward the email to the fraud dept. so they could shut down the site. Hah! All I could find was, "call us". Since I'm not a customer and have no desire to sit on hold on a Sat. morning explaining about a bogus email, I dumped the email.
At least other companies make it easy to forward an email to the fraud dept. I do that when possible.
The link in the email leads to a bitly url (and who knows what that is). I wanted to forward the email to the fraud dept. so they could shut down the site. Hah! All I could find was, "call us". Since I'm not a customer and have no desire to sit on hold on a Sat. morning explaining about a bogus email, I dumped the email.
At least other companies make it easy to forward an email to the fraud dept. I do that when possible.
This is a great guide on reporting and flagging phishing emails Decent Security
This can happen legitimately too if you have credit card hosted by Chase. And that can just be a store card too - not a regular Visa, MasterCard, American Express, etc. from a bank you have an account with.
I found this out a couple years ago with CitiBank. I suddenly got a notice welcoming me to their bank. Come to find out my Sears card I had for nearly 40 years - but hadn't used in nearly 20 years - was turned over by Sears to CitiBank and turned into a "Citi SearsCard Platinum MasterCard"! There are no CitiBank locations in my state either.
There are revealers for such shortened URLs. You can use GetLinkInfo for TinyURL, bit.ly and others. The address in that USBank email I got really went to
Code:
https://minute-personality.000webhostapp.com/bb/us/Banks, with the exception of one, don't know my email address. The one that does, addresses me by name not "Dear Customer". I also, do not click any links in the few emails I might receive from them. I always go to the bank site or the phone (copper wired land line) and log in to get information.
If an email has a shortened url, I don't waste time trying to figure it out. Legitimate companies don't shorten urls because they have nothing to hide.
The only time I go to a shortened url is from the newspaper. We get a Sunday tech column and Steve Alexander who writes it Minneapolis Star Tribune, always shortens urls.
If an email has a shortened url, I don't waste time trying to figure it out. Legitimate companies don't shorten urls because they have nothing to hide.
The only time I go to a shortened url is from the newspaper. We get a Sunday tech column and Steve Alexander who writes it Minneapolis Star Tribune, always shortens urls.
I think some might when using Twitter. But that does not affect me.
BrianDrab
Emeritus
Honestly I've never thought about this. I may give this a shot and implemenet in my training. Thanks for the tip!
You are welcome. I don't know who taught me this but it really works. Even with things like forum posts where our typing fingers often have minds of their own. Read it back silently and that void between the ears auto-corrects by automatically adding in missing words, skipping over double words, obvious misspellings or other grammatical errors like missing periods. Reading it out loud forces your mind to slow down so you can actually see and hear what you actually wrote and you will pick up most, if not all of your mistakes.
When you need to make a good impression and your paper must be perfect, for resumes or CVs when job hunting, as examples, reading it out loud is essential. It may slow down your over all progress, but sometimes it is more important to get it right than to be hasty.
For example, if you had read your reply out loud before submitting, you likely would have picked up your "implemenet" misspelling!
BrianDrab
Emeritus
:thud:
Not sure about that part...For example, if you had read your reply out loud before submitting, you likely would have picked up your "implemenet" misspelling!
Yuo’re Albe to Raed Tihs – But Only Up To A Point - Everything After Z by Dictionary.com
Has Sysnative Forums helped you? Please consider donating to help us support the site!