Phishing attemps... And they got me!

Started by viper37, June 26, 2019, 03:43:53 PM

Previous topic - Next topic

viper37

Dammit!  How can I be so dumb??

A client sends me a Dropbox file, I was waiting for plans on a new project for this fall.
Didn't bother checking the link, clicked, signed in to my Dropbox... nothing happens.  Try again, nothing happens.  Try to sign with Gmail account, didn't even bother to ask "why Gmail on a MS site??", nothing happens... only then did I realize that wasn't Dropbox  :glare: :grr: :bleeding: :angry: :thumbsdown: :blurgh:

Had to change all my passwords... grrr.

EDIT: wrong forum, I was intending to post this in "Computer affairs".  Do we still have mods here? :P  Can someone please move it?  Thanks.
I don't do meditation.  I drink alcohol to relax, like normal people.

If Microsoft Excel decided to stop working overnight, the world would practically end.

DGuller

Quote from: viper37 on June 26, 2019, 03:43:53 PM
Dammit!  How can I be so dumb??

A client sends me a Dropbox file, I was waiting for plans on a new project for this fall.
Didn't bother checking the link, clicked, signed in to my Dropbox... nothing happens.  Try again, nothing happens.  Try to sign with Gmail account, didn't even bother to ask "why Gmail on a MS site??", nothing happens... only then did I realize that wasn't Dropbox  :glare: :grr: :bleeding: :angry: :thumbsdown: :blurgh:

Had to change all my passwords... grrr.

EDIT: wrong forum, I was intending to post this in "Computer affairs".  Do we still have mods here? :P  Can someone please move it?  Thanks.
That's how I once failed my company's phish test.  The phish e-mail just happened by luck to be close enough to what I was expecting, so my guard was down.  Normally I'm quite paranoid about such stuff, so I was kicking myself for falling for it.  I guess that when you send out enough sophisticated phishes, statistically some of them would just happen to look plausible enough even to people who should know better.

Grey Fox

I work for an American company that has subsidiary that are part of the deterrent procurement chain, I get so many fishing emails. It's making me miss actual emails.
Colonel Caliga is Awesome.

katmai

Quote from: viper37 on June 26, 2019, 03:43:53 PM


EDIT: wrong forum, I was intending to post this in "Computer affairs".  Do we still have mods here? :P  Can someone please move it?  Thanks.
the answer is yes, yes we do.  :ph34r:
Fat, drunk and stupid is no way to go through life, son

Syt

Quote from: DGuller on June 26, 2019, 06:46:01 PM
That's how I once failed my company's phish test.  The phish e-mail just happened by luck to be close enough to what I was expecting, so my guard was down.  Normally I'm quite paranoid about such stuff, so I was kicking myself for falling for it.  I guess that when you send out enough sophisticated phishes, statistically some of them would just happen to look plausible enough even to people who should know better.

Same happened to me once. I was expecting an invoice from one of our regions, and received a file send request via Skype from the right person called "Invoice", at the time when I would be expecting it. I noticed too late that the ending was "exe", not "pdf". A minute later a colleague asks me why I'm sending her an invoice.

Fortunately, I managed to fix the situation myself - shut down Skype, disconnected from the internet, ran a virus scan from a USB stick, then asked a colleague to download the removal tool for me.
I am, somehow, less interested in the weight and convolutions of Einstein's brain than in the near certainty that people of equal talent have lived and died in cotton fields and sweatshops.
—Stephen Jay Gould

Proud owner of 42 Zoupa Points.

Richard Hakluyt

My wife gets these as well. Unlike the ones sent to people as private individuals they are quite sophisticated and easy for people who get hundreds of emails a day to fall for.

In fact I think the phishing is quite sophisticated in both cases, thinking about it. For the private individual they are hoping that the recipient is stupid/ignorant, hence the e-mail is clearly dodgy so that the sceptical are weeded out. Meanwhile the fake invoices/whatever look pretty good and are designed to get past the busy office worker.

katmai

heh, i've had a few that were sent from like heads of development and so i've always know it's a phishing attempt as they would have no reason to contact a lowly contract employee like me. :lol:
Fat, drunk and stupid is no way to go through life, son