Request for PSA: Tell Us About Common Phish/Scams
 

A friend just got phish/scammed, he thinks. He was waiting for an early morning Lyft to the airport for his trip to Chile, Lyft (supposedly) texted that he'd get a verification code tested to him and asking for it, he complied, and then realized something wasn't right and has been frantically changing passwords at the airport while about to fly out of the country for 3 weeks. Ugh.

So this has me thinking - can those of you who are savvy to this stuff warn the rest of us about the common phish/scam schemes that are out there? Call it a PSA.

Never click a link that is emailed or texted to you. Only if a trusted friend has told you he is sending a link for you.

Go to the web site directly and log in normally. Then look for what the link was about.

What Glen said. However frustrating it is dealing with different requirements for passwords, it’s better than the alternative.

While I’m convinced that the breech was in the State Unemployment Office and no in the OP, it’s disconcerting to get notices in the mail that unemployment benefits have been applied for in my name and approved. Then a debit card showing up a few days later.


Sent from my iPhone using Tapatalk

As well always use MFA on every site you log into.

That was smishing, SMS phishing, tough when you are expecting a text, but you should respond with another method such as calling or via their website.

We run phishing tests for our clients and some of the emails are nearly impossible to tell they are fake, bad guys are really good now. Smishing is for the lazy hackers.

NEVER click on attachments.

As a contracted employee of a major energy Corp working on cybersecurity mitigation for them, I get sent phish e-mails a lot. If I don't catch it and fall for it, I'm "couched and counseled" and given only one more chance to fail and out the door.
Haven't got tricked yet, they are very deceptive.

Reality is every mouse click counts.

A local restaurant got a text message saying that there account had been hacked.
Apparently looked very official. The text recommended they transfer funds into a
new account, by text. They did and got scammed for $ 85,000.00. Money's gone.
Never transfer by text to anything remotely similar. If there is a question, pull your
bank statement out and call the banks listed phone number for information.

My Son is cybersecurity for a major shipping container corporation. He was in New Jersey all of last week and now this week working with DHS and Marshalls on ransomware that popped up on the one year anniversary of the Ukraine invasion. They thought it was Russia but turned out to be China.

He is constantly sending out "test emails" and counseling those employees that click on them.

It's fools like this that make it so easy for scammers to separate people from their money :rolleyes:

"There's a sucker born every minute" - P.T. Barnum

What do you all think about using an authentication app for MFA, instead of SMS? Recommended one? iPhone, iOS, and Win 10 user.

We use Office 365 and Outlook as our email. Microsoft Authenticater app is required on my iPhone to set things up or make changes to the account. It is sort of a pain in the butt to go through the steps just to change an account setting. I can't see how a hacker could change my email when I have several hoops to jump through as administrator.

And long passwords. Annoyingly long complex passwords with lots of upper and lower case and numbers and symbols.

I got this email today and thought I'd post it.
Go here for more info - https://www.ssa.gov/scam/
http://forums.pelicanparts.com/uploa...1678294617.jpg

Deepfakes only need a few photos or seconds to be able to impersonate another person.

https://www.makeuseof.com/how-to-use-deepfakes-how-they-can-be-misused/
Deepfakes can also be used in identity theft. This is a very common form of cybercrime that malicious actors use to steal data and funds and is now made more accessible in certain situations using deepfakes.

https://metro.co.uk/2022/10/21/deepfake-porn-takes-seconds-to-make-but-can-wreck-lives-17605029/
Kate believes that she was targeted due to the incredible work she had achieved two years earlier with her hugely successful #NotYourPorn movement, which was successful in the removal of 10 million non-consenual and child pornogrophy videos on adult platform Pornhub.

Just got a call from someone claiming to be with Customs, "Are you expecting any packages from Mexico?"

"No"

"We intercepted a suspicious package addressed to you"

No idea what that is all about.

Come on, we know you ordered some human feet from Mexico on the sly. Transplants are transplants, and now they won't have to worry about tan lines from socks. (that's probably not PC).

texts purportedly from FEDEX and UPS........ "undeliverable packages".

ALWAYS bull cuka!

NO BANK OR GOVERNMENT agency ever contacts you by text or email or a phone call.

And if they do........ well still, ignore it, every single time.

I got a phone call scam that the caller ID identifying it as from the local sheriff’s dept. That said I had outstanding warrants and I had to buy gift card at Walgreens to settle it out they will come arrest me. I started laughing and told them to bring it and bring the full SWAT unit as I wool make it look like Waco raid.

Are you kidding me! I’m not clicking on that link!😂

All your base are belong to us unless you go buy Walgreens gift cards and read the numbers to me over the phone right now after clicking this link.

http://FBI.sendmemoney&letmeintoyourcomputerinNigeria.com

Posted a car for sale on Facebook Marketplace this morning (first time doing so).

Within an hour I get a PM asking if it's still available.

Me: Yes

buyer: What's your phone number so we can discuss?

Me: xxx-xxx-xxx (I gave them my cell number)

I notice it's now a group message with someone else added

Them: I sent you a code to prove your real. Reply with a screenshot of the code.

I get some weird google code popup on my cell.

Them: hello, please reply
Them: please

I blocked and reported them