Online Security
 

Someone I know invited me to a party via an online eCard..

“Click on this link to view invitation.”

When I click the link I get this screen, asking me to log in via my email address and my email password. In other words to view the invitation I provide my email address AND my login information.

Yea not going to happen.

http://forums.pelicanparts.com/uploa...1753712114.jpg

I find a link for Help, inform the company I would like to see the invitation without providing personal information. They then proceed to send me the SAME link which requires my email address and password. To make things even more ridiculous they then send a survey “How did our company do in resolving your problem?”

I cannot imagine any sensible person would provide their email address and password to view a party invitation.

Am I all by myself on this one?

so did the message headers show it came from your rriends isp, etc?

did you call your friend and ask about the party?

i would bet it is a fishibg bot ...

I'm not logging in to view an evite or eCard.

That's kind of the point. THe sender has an account, but the receiver just needs the link.

it's a scam.
look closely at the spelling.

the real site is greenenvelope and they don't require you to log in.

It's amazing how sophisticated these scams have become these days. I get them daily, wherein they appear to be from someone in my address book, someone with whom I have exchanged emails. I've long since learned to right click on the incoming address to see who is really behind it.

It is indeed elaborate, I received a return reply from”Customer Service” saying I don’t need to enter my credentials.

If it walks like a duck, quacks like a duck, it’s a duck

it also has ****ty grammar - and i didn't even register that...

"manage your online invitations and greeting card"

the missing plural is a hallmark of south asian [cough cough indian cough cough] scammers.

Good catch. "Greenenvlope" and down further, "greenvelope." I suppose most of you have seen those studies that show misspelled words that have the correct first and last letters and maybe a couple of correct letter combinations like "th" where most see the word immediately.

Aoccdrnig to a rscheearch at Cmabrigde Uinervtisy, it deosn’t mttaer in waht oredr the ltteers in a wrod are, the olny iprmoetnt tihng is taht the frist and lsat ltteer be at the rghit pclae. The rset can be a toatl mses and you can sitll raed it wouthit porbelm. Tihs is bcuseae the huamn mnid deos not raed ervey lteter by istlef, but the wrod as a wlohe.

The above is extreme, of course, but it doesn't take much for one to read words as a whole.

Verified. I contacted the real Paperless Pose Company and they verified it was a phishing attempt.

So did this just look like it came from your buddy, or is your buddy's account/email compromised?

Account was compromised . . .

Do a strong scan of your computer for malware or a virus. With some emails, just clicking a link can load the virus or malware. :(

https://www.zdnet.com/article/4-ways-to-avoid-clicking-on-malicious-links-and-the-phishing-and-scams-behind-them/