Local governments are big targets. Our IT Director clues us into how sophisticated hackers are getting. They know who deals with finances and critical systems. And they are constantly pinging the firewall.
Not long ago, a coworker got an invoice from a vendor he deals with all the time. Clicked on it and realized it was malicious. They were able to isolate it because he immediately unplugged his computer from the wall and network. But there are stories of localities being completely taken down by such things. And the virus lies dormant for months before activating. That way once they corrupt the system, all the backups are likely corrupt too.
Barbara Corcoran was able to get her $$ back. Others should only be so lucky.
My DH’s company also sends out periodic test phishing emails (I think form HR but not sure who initiates them as he isn’t home at the moment). He’s apparently been pretty good at catching them. But not everyone has. They hear back when they screw up.
When I was still working, I got one of those emails. It looked legit and it told me to click on a link to confirm something or other. When I did, I got a VERY BIG message from our IT department shaming me. I really learned my lesson from that. I’ve been very very careful since then.
I’m on the Board of Directors of our state’s structural engineering association. The names and email addresses of the Directors are on our website. I got an email supposedly from the group’s President, asking me to process a payment for a vendor. I thought it was legitimate until he asked me to wire it. Yeah, right!
Telephone calls also. I got a call at work today from my medical insurance asking me if I have medicare or medicaid. I had them repeat it. Apparently trying to scam some senior citizens. I asked them if they meant to call the Prosecutors Office (which is where I work). They hung up on me before I even finished the sentence.
Were you able to forward the message? I get those frequently. I used to just forward it to Apple. Now, they got so sophisticated and I can’t forward it without modifying the origin address. I tell Apple what I changed so that they can reconstruct.
They’re getting more clever, and sometimes these emails are legitimate. Unless you have a trained eye, it’s hard for the average person to tell the difference between a fake web address and a real one. If you’ve already clicked on it, then just put in a ridiculous username and password–something you know is made-up. If it “logs you in” it’s a sure bet the website is phony. If it says “invalid password,” then change that to another ridiculous username and password. If it won’t log you in, then chances are, the website is real. Call the company first to confirm.
@deb922 Do you mind sharing what email you use? Mine is Microsoft and it wouldn’t deliver without modification. It comes back as “undeliverable”. Yes, reportphishjing is where I forward. It never gets there unless I change a few things in the sender’s address.
Thought of this thread when I received a messages saying they detected fraudulent activity related to my paypal account. I don’t think I have a paypal account, so I find this odd. This is the e-mail address it came from message-431_east@post.co. I assume it’s bogus.
Side issue: Not sure how it happened, but one of DH’s credit cards got compromised yesterday. Fortunately the company caught it and texted me (no he did not buy gas at a Pilot gas station in Yuma, Arizona yesterday). Not sure how they got it since he last used it Feb. 17 at a local costco gas station (don’t think there was a skimmer on the machine, as there was also an attendant walking around, but who knows) He did pay for a 5K on line through some company called “enmotive event” a few days before that. Well good news is they didn’t allow the charge and the card is now cancelled. Replacement will arrive tomorrow. No harm done. Just a tad worrisome and unsettling.
Thanks for this guys. Had someone from Vietnam make repeated attempts to get into my main email account. As it is my main account, I knew there had been no false attempts to open it which needed the enclosed “verification code,” to be entered by the link provided in the email.
I could not find a way to report the email as a phishing email, differentiated from being a spam email, though.
I get several of those apple phishing emails a week. They are relentless! Imagine what they could do if they used that energy for good.
I don’t know about sending them straight to hell, but I’d be up for them getting their hands slammed in the pearly gates
