GoDaddy Employees Were Told They Were Getting a Holiday Bonus. It Was Actually a Phishing Test coppercourier.com/story/g…
πŸ‘︎ 36k
πŸ“°︎ r/technology
πŸ’¬︎
πŸ‘€︎ u/holyfruits
πŸ“…︎ Dec 24 2020
🚨︎ report
GoDaddy Employees Were Told They Were Getting a Holiday Bonus. It Was Actually a Phishing Test. coppercourier.com/story/g…
πŸ‘︎ 19k
πŸ“°︎ r/nottheonion
πŸ’¬︎
πŸ‘€︎ u/sab340
πŸ“…︎ Dec 24 2020
🚨︎ report
GoDaddy sent an email to their employees offering them a $650 holiday bonus. Two days later, they sent another email saying "You failed our recent phishing test.". What an awful way to toy with people's feelings...
πŸ‘︎ 7k
πŸ“°︎ r/ABoringDystopia
πŸ’¬︎
πŸ‘€︎ u/ThePiachu
πŸ“…︎ Dec 24 2020
🚨︎ report
Be careful of other players phishing in co-op!

I'm on ps4 and accidentally left co-op turned on after an incredibly failed attempt at Lord Cryo Regisvine the Impossible during the event.

So I decided to go get some weekly BP challenges done.

About 10 minutes later someone with a character name like BotNingBuilds comes in and immediately starts bragging about his "best" Ning build.

I'm over here watching him get his ass clapped at WL7 and his awesome 59 damage per attack.

He kept asking me to ask him about his "awesome" build.

He tried directing me to a website. This is a classic phishing tactic.

For you younger players out there, NEVER go to websites that someone might suggest unless you know it's legit.

The scam would probably be:

  1. Enter co-op.

  2. Look up host user ID.

  3. Plug your website which requires registration.

  4. Cross reference the registration with Mihoyo account.

  5. Steal account.

Just wanted to warn everyone about phishing!

Have a happy New Year!

πŸ‘︎ 1k
πŸ“°︎ r/Genshin_Impact
πŸ’¬︎
πŸ‘€︎ u/Bonemonster
πŸ“…︎ Jan 01 2021
🚨︎ report
Por fin suspendieron la cuenta a la pΓ‘gina Phishing imssgob.org despuΓ©s de meses de reportes.

Originalmente me di cuenta de la existencia de esa pΓ‘gina en este post, lo que hacΓ­a era que copiaba a la pΓ‘gina real del IMSS http://imss.gob.mx (tal cual, no tiene https esa pΓ‘gina) con un aΓ±adido donde remataban automΓ³viles a veces con mΓ‘s de un 40% de descuento de su precio de lista, te pedΓ­an llenar un formulario hecho en 123formbuilder y si es similar a otras estafas similares te pedΓ­an un adelanto para despuΓ©s desaparecer y/o amenazarte.

Total, me puse revisar los datos del sitio y vi que ademΓ‘s del formulario en lΓ­nea que afortunadamente pude contactara 123formbuilder por chat por lo que suspendieron su cuenta y perdieron la informaciΓ³n. AdemΓ‘s del formulario vi que usaban a godaddy tanto para registro de dominio como para hosting.

A partir de ahΓ­ fue estar mandando correos y llenando el formulario de reporte de abuso de Godaddy casi cada mes, para solo recibir el mensaje genΓ©rico de que lo revisarΓ­an y entrar otra vez al sitio solo para ver que sigue arriba. Incluso intentaron rehacer el formulario usando nuevamente a 123formbuilder, pero como lo estaba monitoreando rΓ‘pidamente reportΓ© nuevamente la cuenta y nuevamente la suspendieron, pero el sitio continuaba abierta sin nada que pudiera hacer.

Afortunadamente hace unos dΓ­as un usuario de /r/opensource me dijo que se pueden hacer reportes directamente al ICANN (la mΓ‘xima autoridad en cuanto a dominios se refiere) por lo que me di a la tarea de googlear investigar y encontrΓ© este nuevo formularo ahora directamente del ICANN

https://icannportal.force.com/compliance/s/abuse-domain

Es un formulario para cuando compaΓ±ias de registro de dominio ignoran reportes de abuso, no para hacer el primer reporte.

LlenΓ© el formulario el pasado dΓ­a 27 y adjuntΓ© evidencia de todos los reportes que hice hacia Godaddy y ahora poco mΓ‘s de una semana despuΓ©s por fin puedo decir que la pΓ‘gina ya no estΓ‘ disponible, si entras en este momento a https://www.imssgob.org lo ΓΊnico que se muestra es que la cuenta estΓ‘ suspendida.

Voy a seguir monitoreando un par de meses esa pΓ‘gina para ver si no es solo una suspensiΓ³n temporal ya que no he tenido retroalimentaciΓ³n ni de Godaddy ni del ICANN pero pues al menos ya no se muestra toda la informaciΓ³n falsa.

πŸ‘︎ 248
πŸ“°︎ r/mexico
πŸ’¬︎
πŸ‘€︎ u/-Argih
πŸ“…︎ Jan 05 2021
🚨︎ report
Beware: Bitcoiner Loses $50K Life Savings to Ledger Phishing Scam coinfomania.com/bitcoiner…
πŸ‘︎ 278
πŸ“°︎ r/CryptoCurrency
πŸ’¬︎
πŸ‘€︎ u/robis87
πŸ“…︎ Dec 09 2020
🚨︎ report
Very sophisticated Steam phishing scam with "legit" SSL and everything.
πŸ‘︎ 816
πŸ“°︎ r/Scams
πŸ’¬︎
πŸ‘€︎ u/Autocanon
πŸ“…︎ Dec 21 2020
🚨︎ report
Phishing email I’d imagine? Any way to track down origin?
πŸ‘︎ 576
πŸ“°︎ r/HowToHack
πŸ’¬︎
πŸ‘€︎ u/SMsVeryOwn
πŸ“…︎ Dec 07 2020
🚨︎ report
GoDaddy Employees Were Told They Were Getting a Holiday Bonus. It Was Actually a Phishing Test.
πŸ‘︎ 983
πŸ’¬︎
πŸ‘€︎ u/PretzelsThirst
πŸ“…︎ Dec 24 2020
🚨︎ report
GoDaddy Phishing Training Fail

I thought this was incredibly insensitive and upon examination a failure on how to properly setup a phishing test.

Yes, I understand phishing training is terribly important, and when done correctly it shows the weaknesses in your organization so you can correct it.

  1. Time of year - GD laid off a significant portion of their workforce, and of those remaining who's spouses have not been so lucky gave a glimmer of hope for a small bump to be dashed later.
  2. GD used their OWN domain name. Not a spelling mistake, or a badly worded email, but a near perfect TRUE email that is clean, from a trusted domain and confirmed by their filtering system.

We are actively doing Phishing training and testing with clients, but we did warn them weeks ago about certain types of email due to the pandemic. Multiple employees of ours are going through some tough times due to spouses, home life, schooling, children's behavior, but this was a poorly timed and executed test. Personally, $650 bonus as a true apology is needed because even though it might not seem much to the company, the talent that is now going to walk is going to cost so much more. Going forward I would participate in the ABSOLUTE minimum and require everything to be in physical printed writing or USPS because you no longer trust the company.

Lesson: Be aware, be sensitive, but also do the test properly.

https://coppercourier.com/story/godaddy-employees-holiday-bonus-secruity-test/

πŸ‘︎ 75
πŸ“°︎ r/msp
πŸ’¬︎
πŸ‘€︎ u/Next-Step-In-Life
πŸ“…︎ Dec 28 2020
🚨︎ report
Why do email clients not have a protocol where you can add anti-phishing codes to each website you sign up to, so that the spam filter can catch phishing emails without correct codes?

I had this idea. I'd like to know why it's not been implemented yet.

So when you sign up to a website like Paypal.com for example you should be generated a random anti-phishing code. When you confirm your email address, the website sends this code to you in the email. Your email client then detects the anti-phishing code in the emails and says 'would you like to import anti-phishing code', you say 'yes, I would love to'; and then the email client adds it to a database of email addresses paired with anti-phishing codes.

Every legitimate email from Paypal will include the text "Anti-phishing code: Xh7mnO22sXiWk92k" for example, and when scammers email to say that 'You have been locked out from your Paypal account, please log in within 12 hours', the email client can check for the anti-phishing code, find it's not there or it's wrong, and send that email to junk.

I want to confirm that emails that contain the correct code would still need to be checked in the usual way; an email shouldn't just get green-lit purely because it contains the correct code, but those without the correct code should end up in junk.

Would this be feasible?

πŸ‘︎ 95
πŸ“°︎ r/computerscience
πŸ’¬︎
πŸ‘€︎ u/alfiestoppani
πŸ“…︎ Jan 05 2021
🚨︎ report
The silliest thing has taken our β€œusers who fall for phishing attempts” count down to zero.

After years of training, reminders, examples and such that users have basically ignored, the IT department stumbled on a trick that seems to work. About 9 months ago a user submitted a ticket questioning a suspicious email, and IT replied telling them β€œgood job, you get a star!”. An email was sent out to the entire company letting everyone know about the phishing attempt and that the user had been awarded a star (the emoji of a star, nothing else). Since then, users have been reporting every phishing attempt, bragging about how many stars they’ve gotten, debating about how stars should be able to be traded for pay raises or at least Schrute Bucks. It is literally just an emoji in an email, but everyone tries to get them.

πŸ‘︎ 8k
πŸ“°︎ r/sysadmin
πŸ’¬︎
πŸ‘€︎ u/mustaffaofberne
πŸ“…︎ Oct 07 2020
🚨︎ report
Yet another reason not to go with GoDaddy - GoDaddy sent an email to employees announcing a surprise holiday bonus. It was really a phishing email test, and those who failed were invited to get more security training

https://www.businessinsider.com/godaddy-disguised-a-phishing-email-test-as-holiday-bonus-announcement-2020-12

πŸ‘︎ 76
πŸ“°︎ r/webhosting
πŸ’¬︎
πŸ‘€︎ u/AzerTrex
πŸ“…︎ Dec 25 2020
🚨︎ report
Another scrote trying to doxx me. I ain’t clicking that link I know what phishing is 🀒🀒🀒
πŸ‘︎ 103
πŸ“°︎ r/Trufemcels
πŸ’¬︎
πŸ“…︎ Dec 27 2020
🚨︎ report
GoDaddy uses fake holiday bonus notification to test employees on email phishing thehill.com/policy/techno…
πŸ‘︎ 139
πŸ“°︎ r/technology
πŸ’¬︎
πŸ‘€︎ u/Zhana-Aul
πŸ“…︎ Dec 24 2020
🚨︎ report
Just got this text from a random number. If you are going to try to pull a phishing scam on me at least spell "Amazon" correctly
πŸ‘︎ 69
πŸ“°︎ r/amazonprime
πŸ’¬︎
πŸ‘€︎ u/SHMEEEEEEEEEP
πŸ“…︎ Jan 05 2021
🚨︎ report
GoDaddy phishing 'test' teased employees with a fake holiday bonus engadget.com/godaddy-sent…
πŸ‘︎ 137
πŸ“°︎ r/technology
πŸ’¬︎
πŸ‘€︎ u/AliTVBG
πŸ“…︎ Dec 24 2020
🚨︎ report
I just bought the Ledger two weeks ago. Now I am receiving a bunch of phishing emails I never got before from senders posing to be from Ledger.

I know there was a database breach a long time ago, but I just bought the Ledger X. Is there an inside employee leaking these emails? How can my email have been compromised within two weeks?

πŸ‘︎ 48
πŸ“°︎ r/ledgerwallet
πŸ’¬︎
πŸ‘€︎ u/Starpluck_
πŸ“…︎ Dec 14 2020
🚨︎ report
New Ledger phishing email in the wild, this one is using Google Docs and impersonating the website. Be safe!

I was one of the clients that was part of the Ledger leaks.

I did a little search here in the sub it seems this one isn't documented yet, so I'm expose it here just in case.

This email is trying to impersonate Ledger by saying a new transaction was made in your Ledger Wallet. Here's the email body (I'm blanking part of the URL for obvious reasons): Cm7J10L.png (621Γ—216) (imgur.com)

Once you open the Google Docs link, this is what you'll see: KPaFpWl.png (606Γ—731) (imgur.com)

And once you click "cancel", it redirects you to a fake ledger website: D2RzItM.png (1025Γ—721) (imgur.com)

Once you select the ledger device, it'll ask you to connect and authorize the device: JwRgyAx.png (1118Γ—732) (imgur.com)

I don't really know the method the scam will use to rob you, but I suppose after it connects to your wallet it'll either throw an error and ask for your wallet seed or it'll try to make transactions to transfer as much crypto as possible.

The fake website is very well done and I could see people falling for this, specially people that aren't very techsavy. If you know people that had anything to do with the script kiddies over Ledger be sure to let them know the company fucked up and that they probably will get these kind of emails for a long time.

EDIT: just to confirm how smart these guys are, they even went as far as creating a valid ssl certificate for the phishing website CvZle7U.png (934Γ—548) (imgur.com). For some reason the media, at least here in my country decided to tech the masses just looking for a valid certificate (aka "take a look a the small green lock in the browser") is enough to know if a website is fake or not, this clearly shows it's not enough as anyone can create a valid website.

The email that send the email was [email protected]

πŸ‘︎ 73
πŸ“°︎ r/CryptoCurrency
πŸ’¬︎
πŸ‘€︎ u/spurdosparade
πŸ“…︎ Dec 28 2020
🚨︎ report
20+ Identical Fake Live Streams on Facebook scamming/phishing victims v.redd.it/kw4w70dol1761
πŸ‘︎ 282
πŸ“°︎ r/Scams
πŸ’¬︎
πŸ‘€︎ u/c0ncept
πŸ“…︎ Dec 24 2020
🚨︎ report
Ottawa Public Health contact tracing protocol very similar to known telephone phishing scams

I received a phone call yesterday from someone identifying themselves as a nurse working for Ottawa Public Health (OPH). She was reaching out to me because I was in contact with someone that had tested positive for COVID-19. She stated she was doing contact tracing and in order to close my case, she would need my full name, date of birth and home address. My first reaction was this must be another one of these telephone phishing scams under the guise of COVID-19. When I refused to give my personal information, she threatened me with a fine. She then gave me the telephone number for OPH COVID-19 hotline where I could call them directly. I tried calling earlier only to have an automated message asking me to leave my name and phone number so a nurse can call me back.

Very concerning OPH expects Ottawans to just divulge personal information over the telephone from cold calls, no questions asked and to just blindly trust whoever is calling. Instead they should give a call back number where someone actually answers so citizens can ensure it's legitimate call.

This unfortunately is reinforcing Ottawans to just divulge personal information over the phone and it's a dangerous precedent. Stay safe out there.

πŸ‘︎ 396
πŸ“°︎ r/ottawa
πŸ’¬︎
πŸ‘€︎ u/TI-IC
πŸ“…︎ Nov 19 2020
🚨︎ report
My company sends all employees fake phishing emails to test and train us on how to spot them. We need the same thing for our parents and fake news! If they click the link then they get tested more.
πŸ‘︎ 3k
πŸ“°︎ r/CrazyIdeas
πŸ’¬︎
πŸ‘€︎ u/GetSecure
πŸ“…︎ Nov 12 2020
🚨︎ report
GoDaddy Employees Were Told They Were Getting a Holiday Bonus. It Was Actually a Phishing Test. coppercourier.com/story/g…
πŸ‘︎ 66
πŸ“°︎ r/phoenix
πŸ’¬︎
πŸ‘€︎ u/homincruz
πŸ“…︎ Dec 25 2020
🚨︎ report
Phishing email to look out for. Never seen this one before
πŸ‘︎ 37
πŸ“°︎ r/ledgerwalletleak
πŸ’¬︎
πŸ‘€︎ u/Reddddeye
πŸ“…︎ Dec 30 2020
🚨︎ report
More phishing. I was actually convinced until I noticed a spelling error. Of course I wasn’t going to click on the link but I definitely logged into my wallet to make sure it was all there πŸ˜” reddit.com/gallery/kmhyex
πŸ‘︎ 29
πŸ“°︎ r/ledgerwalletleak
πŸ’¬︎
πŸ‘€︎ u/minorthreatmikey
πŸ“…︎ Dec 29 2020
🚨︎ report
Watch out for phishing attacks targeted to Sunrise customers. Ignore these messages!
πŸ‘︎ 299
πŸ“°︎ r/Switzerland
πŸ’¬︎
πŸ‘€︎ u/panpso
πŸ“…︎ Dec 12 2020
🚨︎ report
Ledger leak phishing is now extended to Trezor. Please be careful and don't fall for it.
πŸ‘︎ 163
πŸ“°︎ r/ethtrader
πŸ’¬︎
πŸ‘€︎ u/stationfits
πŸ“…︎ Dec 13 2020
🚨︎ report
Not only is it a phishing Monero site, it's a miner!
πŸ‘︎ 94
πŸ“°︎ r/Monero
πŸ’¬︎
πŸ‘€︎ u/Ingeniouz
πŸ“…︎ Dec 23 2020
🚨︎ report
GoDaddy tells employees they’re getting a bonus; turns out to be a phishing test. coppercourier.com/story/g…
πŸ‘︎ 107
πŸ“°︎ r/antiwork
πŸ’¬︎
πŸ‘€︎ u/RedGoldSickle
πŸ“…︎ Dec 26 2020
🚨︎ report
[Warning] HMRC Rebate Text - Phishing Scam - DO NOT full in the form you will be led to from this text
πŸ‘︎ 42
πŸ“°︎ r/Britain
πŸ’¬︎
πŸ‘€︎ u/d2Dreamer
πŸ“…︎ Jan 05 2021
🚨︎ report
GoDaddy phishing 'test' teased employees with a fake holiday bonus engadget.com/godaddy-sent…
πŸ‘︎ 40
πŸ“°︎ r/cybersecurity
πŸ’¬︎
πŸ‘€︎ u/f474m0r64n4
πŸ“…︎ Dec 25 2020
🚨︎ report
BEWARE: Bitcoiner Loses $50K Life Savings to Ledger Phishing Scam coinfomania.com/bitcoiner…
πŸ‘︎ 57
πŸ“°︎ r/Bitcoin
πŸ’¬︎
πŸ‘€︎ u/wmredditor
πŸ“…︎ Dec 09 2020
🚨︎ report
⚠️ BEWARE New level of phishing campaigns just detected! The phishing campaigns just got more sophisticated!

A bit of context. I use unique email addresses (not the simple '+' trick, but a more complex setup), even for different orders, therefore I have a pretty advanced tracking setup of where things come from. So I am pretty sure this is coming exclusively from Ledger.

While Ledger is busy with their new Black Friday offer, today I received another phishing email. This time it was much more elaborated concept and different approach. It was not coming from Ledger and it didn't even have any ledger connection/association. It was looking like just as any other newsletter email that you might have signed up and forgot.

The sender name was Cointelegraph, and I'm pretty sure that I never signed up to their newsletter, so I got immediately sus. Analyzing further the email, the sender is the Cointelegraph [email protected]. As you can see, a governmental domain. MDHS is the Mississippi Department of Human Services (domain SPF, DKIM, DMARC all PASS).

Obviously, the Mississippi Department of Human Services doesn't send emails in name of Cointelegraph. This is obviously a malicious attempt.

You'd think that's all? Of course not. After diving (again) in the spam filters, I just realized that some days ago I received the same phishing methodology but from another "crypto website" with much less authority, this has been blocked by the spam filters on the contrary of the fake Cointelegraph email.

What are the attackers trying to achieve? The options are two:

  1. Enumerating active addresses in order to understand which emails are active and which not. Running mass attacks is expensive, the smaller the list of recipients is, the better they can use their funds.
  2. Phish users to install malicious software by deceiving them in believing that they are in the real Cointelegraph website and propose you a .

What you should do? AKA (email) basic security tips:

- DO NOT OPEN THIS EMAILS. This emails contain some tracking magic that will reveal the attacker if your email is active or not.

- Disable the image loading in the emails by default (If you use gmail, check this). This will prevent the loading of the tackers in case you open the email.

- Always check the sender name and the sender domain.

- Do not click on the links. Links also will track you and mark your email address as active.

- The most important! NEVER EVER put your passphrase anywhere else beside

... keep reading on reddit ➑

πŸ‘︎ 126
πŸ“°︎ r/ledgerwallet
πŸ’¬︎
πŸ‘€︎ u/sue_ledger
πŸ“…︎ Nov 24 2020
🚨︎ report
Seems like a cruel test: GoDaddy Employees Were Told They Were Getting a Holiday Bonus. It Was Actually a Phishing Test. coppercourier.com/story/g…
πŸ‘︎ 108
πŸ“°︎ r/darknetdiaries
πŸ’¬︎
πŸ‘€︎ u/ppmolina
πŸ“…︎ Dec 25 2020
🚨︎ report
Reporting phishing streams does work (stream taken down minutes after report)
πŸ‘︎ 182
πŸ“°︎ r/runescape
πŸ’¬︎
πŸ‘€︎ u/Rexij
πŸ“…︎ Dec 13 2020
🚨︎ report
The second most watched Dota stream on youtube is pretending to be topson. Looping old gameplay and linking to a phishing site.
πŸ‘︎ 204
πŸ“°︎ r/DotA2
πŸ’¬︎
πŸ‘€︎ u/lolloboy140
πŸ“…︎ Dec 16 2020
🚨︎ report
Watch out for this Ledger phishing attempt!

This is the best one I’ve seen minus the end where they say to update your seed:

It is from email address:

[email protected]

Email looks like ledger as well

Dear X,

We regret to inform you that Ledger has experienced a security breach affecting approximately 57,000 of our customers and that the wallet associated with your e-mail address is within those affected by the breach.

Namely, on Wednesday, December 23th 2020, our forensics team has found several of the Ledger Live administrative servers to be infected with malware.

At this moment, it’s technically impossible to conclusively assess the severity and the scope of the data breach. Due to these circumstances, we must assume that your cryptocurrency assets are at risk of being stolen.

If you’re receiving this e-mail, it’s because you’ve been affected by the breach. In order to protect your assets, please update your 24-Words Phrase and follow the instructions to set up a new PIN for your wallet.

Button here saying β€œupdate now” linking to ledger-supports.com/myEmailAddress

Sincerly, Ledger

People who got the emails of their customers definitely are taking advantage of scamming you now since they know exactly who to target.

πŸ‘︎ 23
πŸ“°︎ r/Bitcoin
πŸ’¬︎
πŸ‘€︎ u/Bison-Silly
πŸ“…︎ Dec 28 2020
🚨︎ report
Phishing on Instagram ads, stay vigilant. imgur.com/a/kc1iqtf
πŸ‘︎ 236
πŸ“°︎ r/singapore
πŸ’¬︎
πŸ‘€︎ u/_nazomeku
πŸ“…︎ Dec 05 2020
🚨︎ report
"BEWARE: Bitcoiner Loses $50K Life Savings to Ledger Phishing Scam" coinfomania.com/bitcoiner…
πŸ‘︎ 61
πŸ“°︎ r/Buttcoin
πŸ’¬︎
πŸ“…︎ Dec 10 2020
🚨︎ report
List of E-Mail addresses that sent phishing attempts

If you want to add addresses to this list, comment below with screenshots. I do not want to add addresses without proof, that they were involved. (Though, if the address is clearly shit and has the word "ledger" in it, I think this is proof enough...)

Please also CTRL+F the address before posting it, to avoid duplicates.

Collecting the addresses in such way does not help a lot, but I think: it's better to have more information than to dismiss it. Nobody gets hurt if we collect this information. It might help at some point, who knows.

πŸ‘︎ 15
πŸ“°︎ r/ledgerwalletleak
πŸ’¬︎
πŸ‘€︎ u/Yakikikekakokuke
πŸ“…︎ Dec 22 2020
🚨︎ report
After going onto my Amazon account to follow some returns instructions, I got a phishing e-mail urging me to take action. I've deleted the mails, but how did they know I'd been using Amazon?

Is there likely to be something nasty in my computer? Should I be changing all sorts of passwords, other than the Amazon one which I've already done? I don't think it's a coincidence, since the mails came very shortly after I'd used the website, and I don't use it often.

πŸ‘︎ 10
πŸ“°︎ r/AskUK
πŸ’¬︎
πŸ‘€︎ u/RuinedSplendour
πŸ“…︎ Jan 02 2021
🚨︎ report
Phishing scammed

Hi all.

I lost significant ammount of NANO due to phishing scam attack through my Exodus wallet.

I know it was all my mistake and I shouldn't give anybody my 12 words passphrase, but it is too late for that now.

Can anybody here help me anyhow return my funds? Can transaction be reverted anyhow if I put evidences that it was a fraud.

Please help.

πŸ‘︎ 5
πŸ“°︎ r/nanocurrency
πŸ’¬︎
πŸ‘€︎ u/coin6236
πŸ“…︎ Jan 07 2021
🚨︎ report
Don't Lose Your XRP - Phishing Email Example
πŸ‘︎ 153
πŸ“°︎ r/Ripple
πŸ’¬︎
πŸ‘€︎ u/PaddySizemore
πŸ“…︎ Nov 30 2020
🚨︎ report
Phishing attempt to look out for

Yesterday, I received an email from "[email protected]" stating that there was a data breach, for a second there, I believed it and clicked the link to download the new update for Ledger Live "ledger-live-desktop-2.18.0-win"

The site is identical, a true mirror of the original site.

I downloaded the app and clicked it to run but windows popped up with a warning about it, I thought this is weird since when I first downloaded the app from the true ledger site, I did not receive a pop-up warning.

So I went to the original site of the ledger> downloads> ledger live and clicked download but it showed it was the "ledger-live-desktop-2.17.1-win" version. That was when I realized I almost got scammed.

On the ledger true website, there is a warning in orange about phishing, on the copy site there is none.
The copy site has two different letters in the address bar:
The "g" has a point on it and the "e" has a point under it, you might miss it because it looks like spots/specs of dirt on your screen. (picture attached)

Be careful.

https://preview.redd.it/7pyg4z8fke361.jpg?width=498&format=pjpg&auto=webp&s=62b3ba52425b90f0d80a0190a09f5120c9f9e13c

πŸ‘︎ 39
πŸ“°︎ r/ledgerwallet
πŸ’¬︎
πŸ‘€︎ u/Omarittos
πŸ“…︎ Dec 05 2020
🚨︎ report
YSK That you can report the phishing attempts sent via SMS to your phone

Why YSK: By reporting or actually forwarding these messages to the number 7726 they will respond asking for the senders # that it was sent on. A small way to help some unsuspecting person from being scammed.

πŸ‘︎ 76
πŸ“°︎ r/YouShouldKnow
πŸ’¬︎
πŸ‘€︎ u/Archteryx
πŸ“…︎ Dec 29 2020
🚨︎ report
Why is it that Microsoft in all their power can't figure out that this email is a SPAM or Phishing attack???
πŸ‘︎ 63
πŸ“°︎ r/facepalm
πŸ’¬︎
πŸ‘€︎ u/ciscokid12345
πŸ“…︎ Dec 29 2020
🚨︎ report
Nieuwe fraude: bankkaart phishing per brief
πŸ‘︎ 59
πŸ“°︎ r/Belgium2
πŸ’¬︎
πŸ‘€︎ u/Nonkel_Bob
πŸ“…︎ Dec 23 2020
🚨︎ report
test users with reporting phishing emails

at my old company we had an outlook plugin called phishme. when a phishing email was sent out, its up to the user to click on it to report it as 'phishing'. Old company also had a learning course in place like every other month to test their acknowledgement on never providing passwords, always locking pc when you walk away from your desk etc....there is a deadline for these courses and when you miss it, it gets reported to your lead and it can be noted down in your performance review etc...

at my new job, we are needing to put something similar in place BUT they do not have the budget to reward the user for correctly reporting the email as phishing.

we need something in place where the user correctly clicked on the phishme button as well as notifying us that the user also opened up the email.

what do you guys have in place? and do the users get any reward in correctly reporting a phishing email.

πŸ‘︎ 7
πŸ“°︎ r/sysadmin
πŸ’¬︎
πŸ‘€︎ u/whatadiva
πŸ“…︎ Jan 07 2021
🚨︎ report
Holy hell. Anyone else spend all day fighting off a massive malware storm and deluges of phishing attacks? What the heck was with today?

Was it just us? I'm sitting here drinking away my problems now. Maybe I shouldn't have watched both political town hall broadcasts AFTER today's shit show, but we were hit harder today than I've ever experienced. A MASSIVE surge of spear phishing and just tons of malware emails. We only had ONE user get popped (phishing) but were able to immediately lock them down.

As far as malware, it was an insane amount of W97M/Downldr.IE.gen!Eldorado emails. .doc files, zip, and for everyone else tons of either .html attachments or clever links. Dude the email subjects and body's were SO FUCKING relavant. The payload attachments were named so perfectly. What a shit show.

I spent all day contacting company's IT departments letting them know they've been compromised and are bombarding our email servers. Again, thankfully all malware was caught. Only a couple stupid people fell for clicking on links.

πŸ‘︎ 722
πŸ“°︎ r/sysadmin
πŸ’¬︎
πŸ‘€︎ u/likwidtek
πŸ“…︎ Oct 16 2020
🚨︎ report
Phishing warning! Not real Metamask! Google is allowing a phisher to buy sponsored ads on their search results.
πŸ‘︎ 151
πŸ“°︎ r/ethtrader
πŸ’¬︎
πŸ‘€︎ u/ProudBitcoiner
πŸ“…︎ Dec 03 2020
🚨︎ report

Please note that this site uses cookies to personalise content and adverts, to provide social media features, and to analyse web traffic. Click here for more information.