Phishing & Spoofing Alerts - Please Do Not Link Directly
Re: Phishing & Spoofing Alerts - Please Do Not Link Directly
You know, with all the meta data the NSA and CSEC are collecting, you'd think they could at least stop the telemarketers. That's gotta be worth some freedom.
newguy
newguy
- IdOp
- Veteran Contributor
- Posts: 3873
- Joined: 16 Feb 2006 11:27
- Location: On the Pacific sea bed, 100 mi off the CA coast.
- Contact:
Re: Phishing & Spoofing Alerts - Please Do Not Link Directly
If only all telemarketers could be made to market exclusively to each other!parvus wrote:Apparently the Indian fraud has become so familiar in Canada that Subaru marketers are taking advantage of it, having their spokespeople speak back to the Indian telemarketers to offer a deal on a car ... and saying shall I call you back at a more convenient time, like suppertime.
Quite funny!
What I did with another one of those computer scammers one time, was say "I think you're right, my computer does have a virus. When I turned it on this morning I just got a blank screen. It's really bad." Etc. Kept him on the line for 10 minutes with this stuff then finished with "So, sorry I can't go to your website and download malware."
I was wondering about that CRTC fine. Do they have any kind of jurisdiction in India? Are there some kind of international agreements on that? Or does it just look nice, but they can't make them pay? (Reminds me of the Monty Python quip about "taxing all foreigners living abroad" (in this case, fining)).
- Shakespeare
- Veteran Contributor
- Posts: 23396
- Joined: 15 Feb 2005 23:25
- Location: Calgary, AB
Re: Phishing & Spoofing Alerts - Please Do Not Link Directly
Just got an e-mail purporting to be from Costco.com [first hint: not .ca] which my sorter (POPfile) classed as spam. I deleted it but looked at the sorter copy. Most likely a phishing attempt to try to get someone to click on the link describing the supposed purchase.
I checked my credit cards online to verify no unknown purchase from Costco was listed.
I checked my credit cards online to verify no unknown purchase from Costco was listed.
Sic transit gloria mundi. Tuesday is usually worse. - Robert A. Heinlein, Starman Jones
Re: Phishing & Spoofing Alerts - Please Do Not Link Directly
DW got emails from gmail yesterday and Outlook today. SPAM! Do not open.
For the fun of it...Keith
Re: Phishing & Spoofing Alerts - Please Do Not Link Directly
Today I got an email that was obviously suspicious. It came with an attachment which of course I did not open. It stated that they were in possession of my bank documents/ Apart from that nothing. I was not asked to do anything. Anyhow I thought to report this to the RCMP. I could not believe it. First I had to register with something called the CAFC. Then having do=ne sop, I had to fill out a form outlining my "complaint". I did not have the ability to forward the suspect attachment???? Then having submitted whatever I could, the message and email address of the sender. I was informed that this was not an investigative destination but a database? WTF?
Re: Phishing & Spoofing Alerts - Please Do Not Link Directly
I got one from CIBC. Dead giveaway as it was from their CEO. I forwarded it to fraud@cibc.ca
The first line was in CIBC Colours, and the email address was correct.
"Cibc Online Banking
Dear sucker@live.ca,
You have 1 new important message from Cibc Online Banking wich requires your immediate attention.
Use our secured link to log in directly to message center:
Victor Dodig, President and CEO."
Of course, the internet address resolved to
The first line was in CIBC Colours, and the email address was correct.
"Cibc Online Banking
Dear sucker@live.ca,
You have 1 new important message from Cibc Online Banking wich requires your immediate attention.
Use our secured link to log in directly to message center:
Code: Select all
https://www.cibc.com/en/personal-banking-messager-center/sucker@live.ca
Of course, the internet address resolved to
Code: Select all
http://crm1.solvida.lt/astum/vrigerversions.php
Last edited by kcowan on 01 Apr 2016 15:45, edited 1 time in total.
For the fun of it...Keith
Re: Phishing & Spoofing Alerts - Please Do Not Link Directly
The content of the message read as follows:
"Dear sipabit,
We obtained such documents from your bank, please view the attached documents.
Yours sincerely,
Petra Dudley
Mexico Key Account Director"
So I did not click on the attachment, but as no bank was indicated I also sent it to the Banking Association who also have no way of receiving a copy of the attachment. The email address oddly enough is Odd that the name is repeated in the email address.
"Dear sipabit,
We obtained such documents from your bank, please view the attached documents.
Yours sincerely,
Petra Dudley
Mexico Key Account Director"
So I did not click on the attachment, but as no bank was indicated I also sent it to the Banking Association who also have no way of receiving a copy of the attachment. The email address oddly enough is
Code: Select all
DudleyPetra3796@lactec.us
Re: Phishing & Spoofing Alerts - Please Do Not Link Directly
Why odd? Those are throwaways. That one looks like the 3796th email address that the phony person has taken out....Maybe a few hundred thousand more. How about ?
Google lactec.us and what do you see? (Don't click on any links).
Code: Select all
DudleyPetra24967274320572750@lactec.us
Google lactec.us and what do you see? (Don't click on any links).
finiki, the Canadian financial wiki The go-to place to bolster your financial freedom
Re: Phishing & Spoofing Alerts - Please Do Not Link Directly
Just received an e-mail ostensibly labeled as a receipt for purchase /rental of three movies from "apple i-tunes"
Supposedly billed to my store credit -I don't have an account with them!
There is a link which I am supposed to click on if I dispute the charge.If it was not for the fact that I have NO account with them I might have fallen for it.
Supposedly billed to my store credit -I don't have an account with them!
There is a link which I am supposed to click on if I dispute the charge.If it was not for the fact that I have NO account with them I might have fallen for it.
"I disagree strongly with what you say, but I will defend to the death your right to say it."
Re: Phishing & Spoofing Alerts - Please Do Not Link Directly
I get one of those supposedly Apple Store ones about once a month.
finiki, the Canadian financial wiki The go-to place to bolster your financial freedom
Re: Phishing & Spoofing Alerts - Please Do Not Link Directly
Yes but who would be so stupid as to try it on April Fools DayAltaRed wrote:I get one of those supposedly Apple Store ones about once a month.
"I disagree strongly with what you say, but I will defend to the death your right to say it."
Re: Phishing & Spoofing Alerts - Please Do Not Link Directly
I suppose I was not clear. I got a suspicious email, I tried to report it, and there is no one to whom I can report. What does this say about our level of security in our banks, servers, national police? etc.
Re: Phishing & Spoofing Alerts - Please Do Not Link Directly
I send it totedster wrote:I suppose I was not clear. I got a suspicious email, I tried to report it, and there is no one to whom I can report. What does this say about our level of security in our banks, servers, national police? etc.
info@antifraudcentre.ca unless I have a more relevant destination.
For the fun of it...Keith
Re: Phishing & Spoofing Alerts - Please Do Not Link Directly
I sent it to them, thanks.
Re: Phishing & Spoofing Alerts - Please Do Not Link Directly
It's a waste of time to report these to any agency. Think about it, has it slowed them down any? Years ago I used to fwd them to RBC? I think as they're the only ones who ever sent an automated thank you.
The best solution is to report them to your email provider. GMail knows about all of them and I never even see them. The reason to check your spam folder and make sure they're all marked correctly is to improve their algorithm for phishing, spam and legit emails. I used to get french emails marked as spam, but it's since improved.
newguy
The best solution is to report them to your email provider. GMail knows about all of them and I never even see them. The reason to check your spam folder and make sure they're all marked correctly is to improve their algorithm for phishing, spam and legit emails. I used to get french emails marked as spam, but it's since improved.
newguy
- Bylo Selhi
- Veteran Contributor
- Posts: 29494
- Joined: 16 Feb 2005 10:36
- Location: Waterloo, ON
- Contact:
Re: Phishing & Spoofing Alerts - Please Do Not Link Directly
+1newguy wrote:It's a waste of time to report these to any agency.
In this case ignore-ance (as opposed to ignorance) is bliss.
The best solution is to learn how to recognize this kind of stuff and ignore it. Don't even open it unless the sender seems familiar. And if you do, don't click on anything. I don't understand why people find this so difficult to do. Do they really think someone they don't know is trying to give then something. Really? People need to be educated about that?The best solution is to report them to your email provider.
Even if you do recognize the sender—after all if a bank phisher sends out e-mails to as many e-mail addresses with Canadian domains as it can—chances are about 1 in 5 that you have an account with that bank. So even if you think that e-mail might be legit, still don't click on anything in that e-mail. Login to that bank's website using your normal procedure and see if the action the e-mail wanted you to take is really required. But again, no bank or other legitimate enterprise is going to ask you to click on an e-mail link and start typing personal information.
Another reason to check the spam folder is that sometimes a legitimate e-mail gets classified as spam by error. This is most common when you first register for something and get a confirmation e-mail. In those cases you know you just registered so the chances a phishing e-mail from the same organization arrives at the same time is highly unlikely.GMail knows about all of them and I never even see them. The reason to check your spam folder and make sure they're all marked correctly is to improve their algorithm for phishing, spam and legit emails.
Sedulously eschew obfuscatory hyperverbosity and prolixity.
Re: Phishing & Spoofing Alerts - Please Do Not Link Directly
It's the one thing you/we can do to help others who can't recognize it. The email provider will put an alert or place it in the spam folder if enough people report it.Bylo Selhi wrote:The best solution is to learn how to recognize this kind of stuff and ignore it.The best solution is to report them to your email provider.
Actually this is by design. Someone could probably make an email that would initially trick even you. The point is to screen out the intelligent and make sure only complete idiots respond to the email. That way they waste less time trying to fleece someone who will get suspicious.I don't understand why people find this so difficult to do. Do they really think someone they don't know is trying to give then something. Really? People need to be educated about that?
So if you want to help the less fortunate/intelligent with their finances you can report phishing emails.... next is doing something about lotteries
newguy
- Bylo Selhi
- Veteran Contributor
- Posts: 29494
- Joined: 16 Feb 2005 10:36
- Location: Waterloo, ON
- Contact:
Re: Phishing & Spoofing Alerts - Please Do Not Link Directly
You can be sure that 1,000s of others have already reported this. (Cue the, "yabbut if everyone did what you propose then [insert some major calamity] will happen..." )newguy wrote:It's the one thing you/we can do to help others who can't recognize it. The email provider will put an alert or place it in the spam folder if enough people report it.Bylo Selhi wrote:The best solution is to learn how to recognize this kind of stuff and ignore it.The best solution is to report them to your email provider.
Moreover if your e-mail software allows it, move the e-mail, unopened, to your Spam folder. Major e-mail programs like Gmail will recognize this and add it to their database. If they're web-based like Gmail, Yahoo and Hotmail, that will automatically propagate the warning to all users of that system. Here are examples of what Gmail reports 99% of the time when I open something in my Spam folder (purely out of curiosity):
• "Be careful with this message. Similar messages were used to steal people's personal information. Unless you trust the sender, don't click links or reply with personal information."
• "Why is this message in Spam? It's similar to messages that were detected by our spam filters."
• "Why is this message in Spam? You previously marked messages from ********@*****.** as spam."
Sedulously eschew obfuscatory hyperverbosity and prolixity.
Re: Phishing & Spoofing Alerts - Please Do Not Link Directly
" A verbal contract isn't worth the paper it is written on " Samuel Goldwyn
"The light at the end of the tunnel may be a freight train coming your way" Metallica - No Leaf Clover
"The light at the end of the tunnel may be a freight train coming your way" Metallica - No Leaf Clover
pretending to be RBC
This is already a week old, but it took RBC this long to respond when I reported it.
A text message from (365) 888-0958
"Dear RBC customer, a problem occurred during your last connect from a new device. Please follow the link below to verify your informations;"
Followed by a very odd looking link.
RBC's advice is to forward the text message to phishing@rbc.com and then delete it.
That's all.
A text message from (365) 888-0958
"Dear RBC customer, a problem occurred during your last connect from a new device. Please follow the link below to verify your informations;"
Followed by a very odd looking link.
RBC's advice is to forward the text message to phishing@rbc.com and then delete it.
That's all.
- amphitryon
- Contributor
- Posts: 497
- Joined: 27 Mar 2005 21:34
- Location: Toronto
Re: Phishing & Spoofing Alerts - Please Do Not Link Directly
New ''CRA attempt'':
Got this today; seems a new batch coming. The ''deposit button'' is naturally active.............
I did report to CRA.
Got this today; seems a new batch coming. The ''deposit button'' is naturally active.............
I did report to CRA.
homo sum, humani nihil a me alienum puto
Re: Phishing & Spoofing Alerts - Please Do Not Link Directly
These emails from "Interac" seem to be increasing. We got one saying the co-op was refunding us some money. Pretty easy to detect as we are we are not members of the co-op supposedly refunding us money.
Re: Phishing & Spoofing Alerts - Please Do Not Link Directly
I'm getting at least one call per day from Visa/ Mastercard services.
The call comes from a local number according to call display but always a different number.
A computer generated voice congratulates me on my excellent payment history and offers me 0% interest.
Press 1 to continue.
The call comes from a local number according to call display but always a different number.
A computer generated voice congratulates me on my excellent payment history and offers me 0% interest.
Press 1 to continue.
"And the days that I keep my gratitude higher than my expectations, well, I have really good days" RW Hubbard
Re: Phishing & Spoofing Alerts - Please Do Not Link Directly
I get the same Visa/MC one at least once a day, with a local number, always changing. Bastards!
finiki, the Canadian financial wiki The go-to place to bolster your financial freedom
-
- Veteran Contributor
- Posts: 2240
- Joined: 25 Feb 2007 18:59
Re: Phishing & Spoofing Alerts - Please Do Not Link Directly
Don't those machines ever get tired? It's almost like they can dial all day and all night and never need a break. lol.