My classmate just fell for a phishing email from "PayPal."

She was talking about her payment being declined to her friend.

It peaked my attention when she said after logging in, she was lead to a blank page.

I asked if I could see it and it was definitely a phishing email

I will admit, it's one of the most professional phishing email I've ever seen, but the grammar wasn't very professional and the PayPal logo wasn't completely accurate.

Why do these idiots fall for everything?

Dev: *Recieves email from manager with several typos/grammar mistakes asking to open attachment with strange name and click on tinyurl style link*

Dev: *Flags as phishing*

Manager: Hey how come you didn’t action my email?

Dev: That was actually from you?

Manager: Yes.

Dev: …

Got a phishing email with name-pw sent as get parameters so i did what ever respectable human would have

How do I un-idiot my users when it comes to clicking on dodgy email-links??

Got a forwarded email just there from a user who said;

Good afternoon,
Is the below ok to open?
I just tried but got a popup saying I've been blocked from opening it.
I'm not sure who it is coming from and I am not waiting on anything but as it says its from dropbox and is important, i know it's okay.
Can you unblock the link ASAP please?
This is really impeding my work-day as I need to know what it is and act accordingly.
Regards... user.

The Original email came from a random jumble of letters with a subject line of 'important dropbox program' - not only does it look dodgy but its english is horrible! It said;

"Hi tu my freind,

You tu still read a pending verrry important document sent by one of your own contact to be vieweddd.

Install "Highly Confidential english.pdf" by clickinggg here

*insert link leading to something called 'viral-update-trojan.exe'*"

I mean, seriously... help!!! 😢
We have sent emails explaining how to hover over links and to not to click them if it looks wrong.
No one does it.
We hired a company to send fake phishing emails to train users in what to do.
It made no difference!
We now make people 'verify' their email addresses when opening any sort of link to try get them to actually look at what they're opening.
We also strip emails of original attachments and create 'safe' html copies as we can't trust them to look at what they're opening.
Everyone complains about it but Jesus Christ, this is why!!!

Its so exhausting!! What is wrong with people!!! Argh!!! 😤

I’m almost sure it’s a phishing email...

We had a short power outage this morning. 30 min later I got an "urgent" call that someone's "computer" was not working in another branch of our company.

Not one person in that branch could figure this out so after them repeatedly messaging and calling me for around an hour I decided to come over.

I found out that the power wall plug to the monitor has a switch on it which this person accidentally kicked...

I fixed his problem in around 20 seconds. This same employee was one that somehow had his email account previously "hacked" and 8000 phishing emails were sent from his account in 1 hour.

I honestly think it is amazing people like this can even use a computer at all...

Corporate: Phishing Emails are serious. We need you guys to take this awareness training. Please report if you get any suspicious email.

*Sends the awareness training in a format that screams Phishing

Everybody: Wait... is this a test?

The company I work for have this obsession of sending phishing emails to employees. If you report the email you get a message saying good job. If you fail, and you open it you have to have a meeting with your boss and stuff. They do this multible times a week.

So now we have this situation where a lot of important emails get deleted as collateral damage, as the employees are parnoid of opening them. Fantastic system with no flaws at all.🤔🤔

OK I can't deal with this user anymore.

This morning I get a text. "My laptop isn't getting emails anymore I'm not sure if this is why?" And attached is a screenshot of an email purporting to be from "The <company name> Team". Which isn't even close to the sort of language our small business uses in emails. This email says that his O365 password will soon be expiring and he needs to download the attached (.htm) file so he can keep his password. Never mind the fact that the grammar is awful, the "from" address is cheesy and our O365 passwords don't expire. He went ahead and, in his words, "Tried several of his passwords but none of them worked." This is the second time in less than a year that he's done this and I thought we were very clear that these emails are never real, but I'll deal with that later.

I quickly log into the O365 admin portal and reset his password to a randomly-generated one. I set this to be permanent since this isn't actually a password he should ever be needing to type. I call him up and explain to him that it was a phishing email and he essentially just gave some random people his credentials so I needed to reset them. I then help him log into Outlook on his PC with the new password. Once he's in, he says "so how do I reset this temporary password?" I tell him that no, this is his permanent password now and he doesn't need to remember it because he shouldn't ever need to be typing it anyway. He says "No no no that won't work I can't remember this." (I smile and nod to myself at this point -- THAT'S THE IDEA). But I tell him when he is in the office we will store the password in a password manager in case he ever needs to get to it. Long pause follows. "Can't I just set it back to what it was so I can remember it?"

Red flags in your first week of your software engineering job 🚩

You do the first few days not speaking to anyone.
You can't get into the building and no one turns up until mid day.
The receptionist thinks you're too well dressed to work in this building, thinks you're a spy and calls security on you.
You are eating alone during lunch time in the cafeteria
You have bring your own material for making coffee for yourself

When you try to read the onboarding docs and there aren't any.
You have to write the onboarding docs.

You don't have team mates.
When you ask another team how things are going and they just laugh and cry.😂😭

There's no computer for you, and not even an "it's delayed" excuse. They weren't expecting you.
Your are given a TI PC, because "that's all we have", even though there's no software for it, and it's not quite IBM compatible.
You don't have local admin rights on your computer.💀
You have to buy a laptop yourself to be able to do your job.

It's the end of the week and you still don't have your environment set up and running.
You look at the codebase and there are no automated tests.
You have to request access every time you need to install something through a company tool that looks like it was made in 2001.

Various tasks can only be performed by one single person and they are either out sick or on vacation.
You have to keep track of your time in 6 minute increments, assigned to projects you don't know, by project numbers everyone has memorised (and therefore aren't written down).
You have to fill in timesheets and it takes you 30 minutes each day to fill them in because the system is so clunky.🤮

Your first email is a phishing test from the IT department in another country and timezone, but it has useful information in it, like how to login to the VPN.
Your second email is not a phishing test, but has similar information as the first one. (You ignore it.)
Your name is spelled wrong in every system, in a different way. 2 departments decide that it's too much trouble, and they never fix the spelling as long as you work there. One of them fixes it after you leave, and annoys you for a month because you haven't filled out the customer survey.

High quality phishing email.

Email: "we have carried out a phishing test company wide"

Me: Nice!

Email: "results are here"

Me: wow, already done? Didn't even see the email. I must've subconciously discarded it! Damn, I'm good!!

Email: "the test was carried out yesterday"

Me: *was OOO y-day*

Me: fuck

My job sends out emails with things like "You won a prize!" In the subject line with embarrassingly vague reasons to click the links in the email. If you do, the links take you to a site where they slap your wrists for clicking an unknown link and teach you about the dangers of phishing.

It's fake spam. Ironically enough, though, it's the ONLY spam I ever get. It's more annoying than real spam because it never gets blocked by the system like an actual phishing attack would...

It is driving me crazy having to delete these stupid messages every day and they're clogging up my otherwise clean inbox! I don't even know who to contact about this bullshit because they're so "haha we got you!" about it, there's no department claiming responsibility. They're creating their own spam trying to prevent spam. What the hell?

My university alerts all student and staff any time a phishing email is reported. I've yet to attend one class, and I've received a few dozen emails alerting you of phishing emails being sent. It's sad people can't notice the pattern of the emails, and realize right away "Hey this is a bullshit email" and not rely on the alerts.

It's the 21st century; basic computer competency is a necessity.

This is the last part of the series
(3 of 3) Credentials everywhere; like literally.

I worked for a company that made an authentication system. In a way it was ahead of it's time as it was an attempt at single sign on before we had industry standards but it was not something that had not been done before.

This security system targeted 3rd party websites. Here is where it went wrong. There was a "save" implementation where users where redirected to the authentication system and back.

However for fear of being to hard to implement they made a second method that simply required the third party site to put up a login form on their site and push the input on to the endpoint of the authentication system. This method was provided with sample code and the only solution that was ever pushed.

So users where trained to leave their credentials wherever they saw the products logo; awesome candidates for phishing. Most of the sites didn't have TLS/SSL. And the system stored the password as pain text right next to the email and birth date making the incompetence complete.

The reason for plain text password was so people could recover there password. Like just call the company convincingly frustrated and you can get them to send you the password.

Oh no, someone hacked my PayPal account, and it seems... PayPal’s too, they can’t spell properly anymore 😰

So some asshole keeps sending phishing emails to every student and prof in our university and the IT department is too pathetic to block it. They all come from the same email and contain the same text yet they cant filter it and just send warnings not to click it.

Im getting sick of recieving 5 of these a day, i scanned and viewed the page and its just a simple form copying the outlook login page with a redirect to the actual page after submission.

Whats the easiest way to write a script that will spam them with thousands of fake accounts? How can i fuck with these guys?

The most annoying hack I've had to deal with was back when I did IT support, actually. Level 1 call center tech at the time. Apparently someone fell for a phishing email and gave out his outlook credentials. The phisher used that email account to send out another phishing email to roughly 1800 employees.

Security Operations noticed, because this guy's job didn't generally involve sending out mass-communication emails. They investigated, figured out what had happened, and opted for the nuclear option: they reset the password for EVERY SINGLE ACCOUNT that received the email. All 1800 of them. Over the weekend.

I walked into the call center Monday morning and checked the call stats, then did a double-take. There were over 300 people waiting in the queue. I almost left and called in sick. Turns out it wasn't that bad though. Annoying to reset so many passwords and having no downtime due to the full queue, but on the other hand my stats were better that day than any other, since every call was a 5-minute password reset.

There is a new phishing site going around called "rogstrike.com" that is being spread by Steam DMs.

Infected asks victim to "vote for their team" and in order to do that, you need to login with steam. The steam login part is sketchy af, litterally spawns a fake new window in the same tab. Doesn't matter what OS you use, it's always Win 10 styled. Lol.

I reported on twitter and via email, i'll see what they will do.

I'm the only one who keep receiving phishing emails about not existing Netflix subscriptions from evident scam email addresses on a daily basis?
I tend to have more of those than newsletters I never subscribed to.

Come on, man, at least try harder to steal my data or money.

Meme quoting one of our employees who sent in a ticket asking if something was a "phishing technique without the use of email."

got this hilarious phishing email today. check the sender's email

Why is it always THIS freaking user??? Yes, this is the same one from my previous rant. ALWAYS emails me with a subject line composed of whatever random, vaguely-related-to-the-topic words happen to be jiggling around in his arsehole at the time of writing, vomited out in no particular order. Email body full of typos, wildly incorrect punctuation, and the actual content is completely nonsensical. Accompanied by a screenshot which is always cropped down so small as to be useless. And from what I can gather from this latest one, it looks like he's fallen for yet another phishing email. I SWEAR if that's what happened again......

So I just got a mail from a bank.
The email address ended with .gmbh

If people want to make phishing emails then please use at least a fucking viable email address

All mail clients are intentionally made not to show sender email address, but rather their chosen name to then launder money on anti-phishing trainings.

A couple of weeks ago my work email got hacked, I found out because he/she was sending phishing mails to yahoo emailaddresses, but they couldn't be delivered because they were marked as phishing.

I've immediately changed my password and turned on two-factor authentication, shared my story with my boss and now we use two-factor authentication for every service where it is possible.

Second phishing victim of the year.
F*ck our email service provider, the service sucks so much. The deny list DOESN'T EVEN WORK. I'm so fed up with this.

Got a phishing email with a link to a website hosted by wix. The only thing on the site was a form and submit button so I’m sure it’s for collecting credentials. I was able to report them and wix shut it down which was nice. But I was thinking, if someone were to ddos the web server, what action would wix do? Would they let the requests keep coming and increase the customers bill? Or would they just shut down the server?

Me: This spam email looks a little weirder than normal.
Phishing team: Its just spam don't waste our time.

*15 min later*

Phishing team: Nevermind. Its trying to take your log in info off your account. Thanks

...Jerks

I just experienced a new level of wut at my job. Web Engineering has a Google group email. This morning someone at work sent us an email about canceling a work order (and he didn’t know how to cancel it)…for a plumbing issue 😑Wrong engineering department, my dude. And you can cancel your work order by going to the request system where you submitted it or the email receipt of you request, which was certainly not to this Google group email. You have the work order number, so you must have an email somewhere about your request. And how’d he get this email?? I’m seriously wondering if this is a weird phishing attempt.

My name is Sharron Maggie , and I’m a graduate of Stanford University. After finishing my degree, I faced immense challenges in finding a sustainable job that would allow me to pay off my student loans and live the life I desired. In my search for financial stability, I stumbled upon cryptocurrency trading, specifically Bitcoin. I invested hoping to turn my situation around, and I watched my assets soar to an impressive $500,000.

However, my journey took a dark turn when I received an email that appeared to be from my crypto exchange, prompting me to verify my account. I clicked the link and entered my information, only to realize minutes later that it was a phishing scam. In an instant, my account was drained of all its funds. Feeling desperate and devastated, I turned to a friend who had faced similar challenges, and he recommended Trust Geeks Hack Expert. Skeptical but with nothing to lose, I decided to contact them. From the first interaction, their team was incredibly responsive and professional, assuring me they had successfully handled cases like mine.

Trust Geeks Hack Expert immediately began securing my accounts and tracing the transactions. They worked with cybersecurity experts to freeze any fraudulent transfers and managed to recover a significant portion of my assets. Their expertise was impressive, and they took the time to educate me about the importance of strong, unique passwords and enabling two-factor authentication. What stood out to me was their holistic approach to the recovery process. Trust Geeks Hack Expert not only focused on retrieving my funds but also guided me in enhancing my online security to prevent future attacks. They taught me to recognize phishing scams and reinforced the need for robust security practices.

This experience was a harsh but valuable lesson in online security. It made me more vigilant about my digital presence and interactions. Thanks to Trust Geeks Hack Expert, I not only regained most of my assets but also acquired essential knowledge on protecting my investments moving forward. If you ever find yourself in a similar situation, I wholeheartedly recommend reaching out to Trust Geeks Hack Expert.

(CONTACT SERVICE )
E ma il ---> Trustgeekshackexpert [At] fast service . com
Tele gram ID ---> Trustgeekshackexpert
Web site ----> https :// trustgeekshackexpert. com/

BITCOIN FRAUD-RECOVER STOLEN ASSETS HIRE TECHNOCRATE RECOVERY

I decided to explore the world of cryptocurrency, intrigued by the possibilities it offered. With every hard-earned dollar I saved, I ventured into Bitcoin, investing a substantial amount that eventually totaled $370,000. I was excited about the prospect of growing my savings and ensuring my children would have a stable future. But, as fate would have it, disaster struck when I lost access to my Bitcoin wallet. It happened in a flash. I was multitasking—baking, icing cupcakes, and managing customer orders—when I accidentally clicked on a phishing link disguised as an update for my cryptocurrency app. In an instant, my wallet was compromised, and I was locked out. The realization hit me hard: my investment, my dreams, and my family’s future were hanging by a thread. Feeling utterly devastated and betrayed by my own oversight, I knew I had to act fast. I shared my predicament with a close friend who had been through a similar experience, and they recommended TECHNOCRATE RECOVERY. Skeptical but desperate, I reached out to their team. From the moment I contacted them, I felt an overwhelming sense of support. The professionals at TECHNOCRATE RECOVERY Tool were compassionate and knowledgeable, assuring me that they could help me navigate this overwhelming situation. Their team sprang into action, utilizing advanced technology to track the transactions that led to my locked assets. Within days, they uncovered critical information that would lead to the recovery of my funds. Finally, after what felt like an eternity, I received the news I had been praying for: my Bitcoin had been successfully recovered. Thanks to their incredible work, I can continue focusing on my bakery and my family, knowing I have the tools to navigate the digital world securely.

CONTACT BELOW INFO FOR HELP.

Inbox Email: t echnocratrecovery@contractor. net

(E MAIL:TRUSTGEEKSHACKEXPERT @ FASTSERVICE . COM )
( TELE GRAM ID: TRUST GEEKS HACK EXPERT)

As an Italian investor, I approached my cryptocurrency investments with the precision and caution our culture is known for, gradually building a retirement portfolio of €75,000 in Bitcoin over the years. Unfortunately, even the most meticulous plans can be undermined by sophisticated scams. One day, I received a phishing email that looked identical to communications from my wallet provider. Believing it to be genuine, I entered my login details, only to realize moments later that my account had been completely drained. The loss was devastating; all my careful planning seemed to vanish in an instant, leaving me with immense disappointment— not just for myself but also for my family, who had supported me throughout this journey. In my desperation, I sought advice from a colleague in the cryptocurrency industry. He recommended (TRUST GEEKS HACK EXPERT), expressing confidence in their specialized expertise in fund recovery. Though initially skeptical, I felt I had no choice but to reach out. I contacted(TRUST GEEKS HACK EXPERT), and their team was remarkably professional and empathetic. They acted swiftly, employing advanced blockchain technology and investigative techniques to track the fraudulent transactions. Their expertise inspired renewed hope, and it was reassuring to have such knowledgeable support in my recovery efforts. The waiting period was tense, but they kept me informed every step of the way. After several nerve-wracking days, I received the call I had been hoping for: my funds had been successfully recovered. The relief was indescribable— (TRUST GEEKS HACK EXPERT) had not only restored my retirement plan but also renewed my trust in the cryptocurrency industry. For anyone facing a similar situation, reach out to (TRUST GEEKS HACK EXPERT), Their dedication can truly make a difference in recovering what you thought was lost.

(W H A T S A P P +1 7 1 9 4 9 2 2 6 9 3 )

I am still in awe of the exceptional service I received from Tech Cyber Force Recovery, a renowned team of experts specializing in recovering lost Bitcoin and USDT. Like many others, I was a victim of a phishing scam that left me with a devastating loss of 3.5 BTC and 10,000 USD. The thought of never being able to recover my hard-earned investments was overwhelming, and I had almost given up hope.

That was when I stumbled upon Tech Cyber Force Recovery while searching for a solution online. I must admit, I was skeptical at first, but the numerous positive reviews and testimonials from satisfied clients convinced me to take a chance.

 I contacted their team, and their professionalism and expertise shone through from the initial consultation to the final recovery. The Tech Cyber Force Recovery team guided me through a series of steps, explaining each process in detail and keeping me updated on their progress. Their dedication and perseverance were impressive, and it was evident that they had a deep understanding of the complexities involved in crypto recovery.

Within two weeks, Tech Cyber Force Recovery successfully recovered 95% of my lost Bitcoin and USDT. I was overjoyed and relieved to have my investments back, and I couldn't thank them enough for their exceptional service. What sets Tech Cyber Force Recovery apart is its commitment to delivering results and its willingness to go the extra mile.

They are not just a team of experts but a beacon of hope for those who have lost their cryptocurrency investments. If you're a victim of a similar scam or have lost your cryptocurrency due to any other reason, I highly recommend reaching out to Tech Cyber Force Recovery. They will work tirelessly to recover your lost assets and restore your faith in the crypto community. In conclusion, I would like to express my gratitude to Tech Cyber Force Recovery for their outstanding service.

TEXT OR CALL  + (156)(172)(636)97    

EMAIL contact(@)techcyberforcerecovery(.)info    

WEBSITE  https(://)techcyberforcerecovery(.)info

HIRE AN AUTHORIZED HACKER TO RECOVER LOST/STOLEN BITCOIN & USDT; VISIT CYBER CONSTABLE INTELLIGENCE
I've always been a lawyer with a keen eye for opportunities to help people get their lives back together and also invest in myself, and I couldn’t ignore the buzz around Bitcoin. In 2018, I took the plunge, investing $12,000 in this promising digital currency. Over the years, my investment flourished, growing to an astonishing $750,000. This newfound wealth brought a sense of financial security, enabling me to clear my mortgage, secure my children's education, and indulge in a few well-deserved luxuries. However, my euphoria was short-lived. An urgent email, seemingly from my trusted trading platform, rattled my world. It claimed suspicious activity on my account and requested immediate verification. Without hesitation, I complied, only to discover moments later that my Bitcoin wallet had been ruthlessly emptied. In a state of disbelief and desperation, I scoured online forums for a glimmer of hope. There, amidst the chaos, I found a beacon of light—a recommendation for CYBER CONSTABLE INTELLIGENCE on WhatsApp: +1 (252) 378-7611 With trembling hands, I reached out to them, praying for a miracle. Their response was swift and reassuring. With expert precision, they embarked on the arduous task of tracing the nefarious activity that had stripped me of my wealth. Days felt like eternity, but their relentless efforts bore fruit. Most of my funds were miraculously recovered, breathing life back into my shattered dreams. Yet, CYBER CONSTABLE INTELLIGENCE assistance extended beyond mere retrieval. They became my guardians of digital security, imparting invaluable wisdom to fortify my defenses against future threats. Two-factor authentication, robust password management, and vigilant scrutiny of phishing attempts became my digital armor, thanks to their guidance. This ordeal, though harrowing, became a transformative journey of resilience and redemption. Through adversity, I emerged not only with restored funds but also with a newfound sense of empowerment. CYBER CONSTABLE INTELLIGENCE had not only salvaged my financial future but had equipped me with the tools to safeguard it. In hindsight, the loss was a painful yet necessary lesson—an awakening to the dangers lurking in the digital realm. But with the unwavering support of CYBER CONSTABLE INTELLIGENCE, I reclaimed control of my destiny. Their expertise, compassion, and unwavering dedication turned despair into triumph, proving that even in the darkest of times, there is always a glimmer of hope.
Reach Out to them on Via E m a i l: support (@) cyber constable intelligence. com

DIGITAL TECH GUARD RECOVERY, THE SOLUTION FOR LOST OR STOLEN BITCOIN

A Hard Lesson in Trust: My Fight Against a Bitcoin Scam

WhatsApp: +1 (443) 859 - 2886

contact @ digital tech guard . com

Telegram: @ digital tech guard recovery . com

Brazilians are known for their precision and caution, yet even the most meticulous among us can fall victim to sophisticated scams. I had diligently accumulated R$ 240,000 worth of Bitcoin as part of my retirement plan, carefully nurturing my investment for years. However, everything changed when I received a phishing email that looked identical to my wallet provider's legitimate website. Without a moment's hesitation, I entered my login details, trusting that I was interacting with a secure source. Within minutes, I realized my grave mistake. My account was wiped clean, and I was left staring at the screen in disbelief. I felt utterly devastated, as if all my hard work and careful planning had vanished in an instant. The weight of my failure pressed heavily on my shoulders, and I was crushed by the thought of letting down not only myself but also my family, who had supported my investment journey. In my desperation, I reached out to a colleague who worked in the Finance field. She recommended DIGITAL TECH GUARD RECOVERY, sharing glowing reviews she had heard about their expertise in recovering stolen funds. At that moment, I felt like I had no other options left. The prospect of recovery seemed slim, but I decided to take a leap of faith and contacted them. I reached out, the team at DIGITAL TECH GUARD RECOVERY was understanding and professional. They listened to my story, assuring me that I wasn't alone in this unfortunate situation. They explained their process, detailing how they could help trace the stolen funds and potentially recover them. Their knowledge and empathy instilled a glimmer of hope in me. As they worked on my case, I received regular updates. The team was diligent, employing various methods to track the stolen Bitcoin. Days turned into weeks, but I remained in contact with them, feeling supported throughout the entire process. Eventually, their efforts bore fruit. While I didn’t recover the full amount, I managed to regain a substantial portion of my investment. The experience taught me a valuable lesson about vigilance in the digital age and the importance of seeking help when facing daunting challenges. Though my trust was shaken, I found solace in the fact that support exists in the cryptocurrency community.