Groups | Search | Server Info | Keyboard shortcuts | Login | Register
Groups > sci.electronics.design > #725935
| From | Joerg <news@analogconsultants.com> |
|---|---|
| Newsgroups | sci.electronics.design |
| Subject | Re: Phishing |
| Date | 2024-09-09 13:58 -0700 |
| Message-ID | <lk95rrF37u6U1@mid.individual.net> (permalink) |
| References | <vbcvp4$eoqp$1@dont-email.me> <lk3ko1F881iU1@mid.individual.net> <vbijfn$1igia$1@dont-email.me> |
On 9/7/24 3:18 PM, Don Y wrote: > On 9/7/2024 11:35 AM, Joerg wrote: >> On 9/5/24 12:11 PM, Don Y wrote: >>> I'm checking my "deflected" incoming mail to see if anything that >>> *should* have been allowed through was mistakenly diverted >>> (false positive). >>> >>> I see a fair number of phishing attempts on my "public" accounts. >>> But, all are trivially identified as such. >>> >>> So, how is it that folks (organizations) are so often deceived >>> by these things? Are users just lazy? Would it be more helpful >>> to have mail clients make it HARDER to activate an embedded >>> URL or "potentially compromised" attachment? >>> >>> Or, will the stupidity of users adapt, accordingly? >> >> I am generally stunned how naive people can be. "But it came from a >> PG&E address and had a PG&E link in there!" ... "There is a customer >> service number on your paper statements. Did you call them about that >> past due accusation?" ... "Ahm, well, no". > > I see it more as laziness. They know there are ways to check > <whatever> but don't want to be "bothered" to do those things. > > "Didn't you check up on the 'company' before committing to that $20,000 > swimming pool he was eager to sell you?" > > "But, he had a *truck* with the company's name on it!" > > (Wow, imagine how hard that would be to accomplish! <rollseyes>) > >> When it comes to politics and elections it's even worse. "But he had >> such a nice smile!". Don't get me started ... > > I had *one* email slip through my (first version) of my filters. > It was to a "non-public" account that I use so had to pass *just* > my WhiteList (content is "trusted" from WhiteListed senders). > > It was a solicitation for money for a "friend" -- who was > suspiciously not near his phone (yet ALWAYS sends mail FROM his > phone!). That, coupled with the ambiguous/impersonal plea > (e.g., not using my real name to address me) threw up flags. > > The "Reply-To" address (something I hadn't checked in previous > filter designs, relying, instead, on the "From" address) cinched it: > Instead of "Ray" it was "RRay". > > I replied: "Sure! I'll drop it off on my way out to shopping!" > > Of course, this put the emailer in a bit of a panic as I would now > be in direct contact with the person he was impersonating and, as > such, could alert him to the ongoing scam. > > Too late to prevent his ex-wife from sending $400 to "him"... > > Maybe she will have learned her lesson? > Mine was a phone call. Heavy Indian accent, "This is the Windows company. We would like to help you solve a problem we have detected with your Windows"... me "Oh yeah, you are right, there are at least nine windows here that really need cleaning. Do you use Windex for that?" -- Regards, Joerg http://www.analogconsultants.com/
Back to sci.electronics.design | Previous | Next — Previous in thread | Next in thread | Find similar
Phishing Don Y <blockedofcourse@foo.invalid> - 2024-09-05 12:11 -0700
Re: Phishing john larkin <jl@650pot.com> - 2024-09-05 15:11 -0700
Re: Phishing legg <legg@nospam.magma.ca> - 2024-09-07 09:18 -0400
Re: Phishing john larkin <jlarkin_highland_tech> - 2024-09-07 07:26 -0700
Re: Phishing "Edward Rawde" <invalid@invalid.invalid> - 2024-09-05 19:56 -0400
Re: Phishing Don Y <blockedofcourse@foo.invalid> - 2024-09-06 11:51 -0700
Re: Phishing "Edward Rawde" <invalid@invalid.invalid> - 2024-09-06 19:59 -0400
Re: Phishing Don Y <blockedofcourse@foo.invalid> - 2024-09-06 17:26 -0700
Re: Phishing "Edward Rawde" <invalid@invalid.invalid> - 2024-09-06 20:41 -0400
Re: Phishing Joerg <news@analogconsultants.com> - 2024-09-07 11:35 -0700
Re: Phishing Don Y <blockedofcourse@foo.invalid> - 2024-09-07 15:18 -0700
Re: Phishing Joerg <news@analogconsultants.com> - 2024-09-09 13:58 -0700
Re: Phishing Don Y <blockedofcourse@foo.invalid> - 2024-09-09 14:41 -0700
Re: Phishing Joerg <news@analogconsultants.com> - 2024-09-09 14:50 -0700
Re: Phishing Don Y <blockedofcourse@foo.invalid> - 2024-09-09 16:31 -0700
Re: Phishing ehsjr <ehsjr@verizon.net> - 2024-09-09 18:30 -0400
Re: Phishing john larkin <jlarkin_highland_tech> - 2024-09-07 17:04 -0700
Re: Phishing Jasen Betts <usenet@revmaps.no-ip.org> - 2024-09-09 05:01 +0000
Re: Phishing Joerg <news@analogconsultants.com> - 2024-09-09 14:50 -0700
Re: Phishing john larkin <jl@650pot.com> - 2024-09-09 16:08 -0700
csiph-web