this post was submitted on 12 Oct 2023
837 points (98.5% liked)

Lemmy.World Announcements

29063 readers
3 users here now

This Community is intended for posts about the Lemmy.world server by the admins.

Follow us for server news 🐘

Outages πŸ”₯

https://status.lemmy.world/

For support with issues at Lemmy.world, go to the Lemmy.world Support community.

Support e-mail

Any support requests are best sent to info@lemmy.world e-mail.

Report contact

Donations πŸ’—

If you would like to make a donation to support the cost of running this platform, please do so at the following donation URLs.

If you can, please use / switch to Ko-Fi, it has the lowest fees for us

Ko-Fi (Donate)

Bunq (Donate)

Open Collective backers and sponsors

Patreon

Join the team

founded 1 year ago
MODERATORS
837
Phishing Mails (lemmy.world)
submitted 1 year ago* (last edited 1 year ago) by lwadmin@lemmy.world to c/lemmyworld@lemmy.world
 

This will be a quick post. We have received a phishing mail to our info@lemmy.world mail address telling that they are "lemmy.world Security Team", telling that they will "disconnect" your account from our instance. This is ofc, not us. Do not fall for it! The attached image is how the mail looks like.

~Lemmy World Team.

top 50 comments
sorted by: hot top controversial new old
[–] NOT_RICK@lemmy.world 98 points 1 year ago (4 children)

Hello, it is I, John Security. Please respond to this message with your name and SSN or the FBI will arrest you for unpaid back taxes. Also, do you have any iTunes or Google play gift cards laying around?

[–] jordanlund@lemmy.world 36 points 1 year ago (1 children)

Don't forget! Lemmy automatically detects and blocks sensitive information so it's totally safe to enter your SSN:

###-##-####

See! It works!

[–] NOT_RICK@lemmy.world 29 points 1 year ago (2 children)
[–] FMT99@lemmy.world 23 points 1 year ago

Yes, that looks like ####### to me

load more comments (1 replies)
load more comments (3 replies)
[–] TheGoldenGod@lemmy.world 93 points 1 year ago (1 children)

Jesus. Phishing emails like this have become so commonplace I actually miss the old Viagra spam emails in l33tspeak.

[–] SpaceNoodle@lemmy.world 36 points 1 year ago (2 children)

My spam folder is still chock full of those.

[–] BeanEater@lemmy.world 16 points 1 year ago (2 children)

When’s the last time you checked your spam folder, 2003? I legitimately haven’t seen the 1337sp34k spam in 20 years. Lately it’s been Africans leaving me money at the embassy that I have to go pick up

[–] echodot@feddit.uk 15 points 1 year ago (1 children)

For some reason I seem to be getting a lot of spam emails in French. And all of the links are pretending to be French Canadian postal service websites.

I don't know why because I'm neither French nor Canadian. Nor have I ever been to Canada.

load more comments (1 replies)
load more comments (1 replies)
load more comments (1 replies)
[–] Annoyed_Crabby@monyet.cc 66 points 1 year ago (2 children)

How do you guys know it's not you guys?

Joke aside, i wonder why they wanna phish for user account in lemmy? Unlike the exploit like a few months ago that specifically target admin, this one seems like it target anyone, it so random.

[–] ChaoticNeutralCzech@feddit.de 25 points 1 year ago (1 children)

To exploit password reuse.

load more comments (1 replies)
[–] echodot@feddit.uk 15 points 1 year ago

Awesome because of the way it's written it's practically guaranteed that admins will know it's a scam.

[–] dependencyInjection@sh.itjust.works 58 points 1 year ago (3 children)

Isn’t it a waste of time trying these scams on lemmy.

I could be wrong here but I would argue the vast majority of users are somewhat tech proficient since it’s not reached mass adoption and the user base is well, just us nerds?

[–] Bitrot@lemmy.sdf.org 55 points 1 year ago (2 children)

Tech folks still fall for phishing. It takes a momentary lapse, failure to caffeinate, it happens.

Lemmy is currently full of newly registered domains with weird suffixes, the kind that traditionally have been a phishing indicator. Lemmy.world is going to be harder to phish than some of the other ones where you have to read closely.

[–] dependencyInjection@sh.itjust.works 13 points 1 year ago (1 children)

I guess hubris can be a factor too.

[–] sudo@lemmy.today 9 points 1 year ago

I'm not "ignoring your emails" and "never responding", I'm just security conscious

load more comments (1 replies)
[–] SgtAStrawberry@lemmy.world 30 points 1 year ago (3 children)

Well one of the best scam hunters on YouTube lost his account to a scam. So not really a waste of time, trying Lemmy.

[–] RubberElectrons@lemmy.world 9 points 1 year ago (4 children)

That sounds so crazy, who was it? What happened?

[–] czech@kbin.social 10 points 1 year ago

Looks like he was tricked into deleting his own channel by someone masquerading as YouTube support. https://futurism.com/the-byte/youtube-channel-hunts-scammers-gets-scammed

load more comments (3 replies)
load more comments (2 replies)
[–] affiliate@lemmy.world 15 points 1 year ago (2 children)

i click every link that shows up in my email, keeps life interesting

load more comments (2 replies)
[–] FlyingSquid@lemmy.world 53 points 1 year ago (2 children)

I got an almost believable phishing text yesterday from a 'collection agency' that wanted me to download a PDF and go to their website. It looked very official and I'm having some debt issues, but it didn't tell me who it was representing or what I owed or anything like that, so I could tell it was phishing. But a less-savvy person could have totally been fooled by it because it looked very real.

[–] henfredemars@infosec.pub 21 points 1 year ago

I got a spam message that was surprisingly well written until I realized wait a minute, if this is true, why do you need me to tell you who I am?

[–] SnipingNinja@slrpnk.net 16 points 1 year ago

It's especially bad if you are half asleep and panic click on something, especially with session hijacking

[–] Clbull@lemmy.world 38 points 1 year ago (12 children)

Why would they target Lemmy users?

Your typical Lemming (for lack of a better term) is not technologically inept and would generally not fall for a phishing scam. They'd earn a lot more money from targeting Redditors.

software devs and other highly technical IT roles fail phishing tests at my company

[–] skullgiver@popplesburger.hilciferous.nl 21 points 1 year ago* (last edited 11 months ago)

[This comment has been deleted by an automated system]

load more comments (10 replies)
[–] affiliate@lemmy.world 36 points 1 year ago

how do you know it’s not from the secret second mod team?

[–] zepheriths@lemmy.world 34 points 1 year ago (1 children)

That's absolutely hilarious. It's like people don't know how Lemmy works

[–] DudeDudenson@lemmings.world 13 points 1 year ago

That's exactly how run of the mill phishing scams work. They prey on the people stupid or senile enough to not see anything wrong with this email and avoid wasting time on the people that easily spot the scam

[–] ShitOnABrick@lemmy.world 29 points 1 year ago (1 children)
[–] quinten@lemmy.world 13 points 1 year ago
[–] dreadedsemi@lemmy.world 29 points 1 year ago (5 children)

It's weird that they target Lemmy, what would they get? Access to account that shitposts? Only important accounts are admin, even communities are small here

[–] Dave@lemmy.nz 34 points 1 year ago (1 children)

My guess is they did not. It doesn't appear to be targeting Lemmy, it's just a generic spam email.

Note the email was received at the info@lemmy.world address. The email most likely got the info@lemmy.world email address, took the domain from it, lemmy.world, and put this in their spam generator. The email doesn't even make sense, because it says they need to install an app for their mail but it's a custom domain.

If you imagine most of the emails on their spam list are @gmail.com or @outlook.com, etc, then the email looks like it is coming from the gmail.com security team or the outlook.com security team. The email no longer makes sense when you have a custom domain.

load more comments (1 replies)
[–] HKayn@dormi.zone 23 points 1 year ago

It's not targeted at Lemmy. This phishing mail simply assumes that lemmy.world is an email provider, and that info@lemmy.world is a registered email account there.

load more comments (3 replies)
[–] obinice@lemmy.world 21 points 1 year ago (2 children)

Why are these sorts of things always written by somebody who can clearly barely speak English?

[–] bananabenana@lemmy.world 51 points 1 year ago (3 children)

I read that this was to weed out savvy people. People who aren't skeptical of poorly written emails or messages are their target audience. Could be wrong though.

[–] Spuddaccino@reddthat.com 24 points 1 year ago

I think it's mostly an unintended benefit. These scams are usually run out of countries with English as a second language, so you get some grammatical errors in translation. It does increase the conversion rate, though, so they don't bother spending extra money getting a native English speaker to copy edit.

[–] Chariotwheel@kbin.social 17 points 1 year ago

Yes, exactly this. You want people who can't see behind the simple facade. Because they are more likely to be easily fooled. You don't want to work someone who is very sceptical or just moderately sceptical. In that time you could work through a bunch of people that can't see behind this and pull out money from them.

Scammers want easy marks. Why wouldn't someone make it easier for themselves by naturally filtering out people that can't be easily fooled?

[–] echodot@feddit.uk 13 points 1 year ago

I'm sure that's some of it, but also I think a lot of it is this is the kind of crap you do get if you run Chinese through Google translate and just copy paste the output.

It's almost fine but then it falls apart and doesn't really make sense.

[–] Koen967@feddit.nl 16 points 1 year ago (1 children)

What is unclear? All you have to do is resolve the Lemmy world app on Android and install the errors on your iPhone mail.

[–] echodot@feddit.uk 9 points 1 year ago

Yeah I'm not actually quite sure I understand what the issue they are pretending is.

[–] cole@lemdro.id 18 points 1 year ago (2 children)

I've gotten an email like this before for lemdro.id. I think it's a generic phishing email since the community links look like email addresses (and actually often are)

load more comments (2 replies)
[–] slazer2au@lemmy.world 18 points 1 year ago

Do you have plans to enable DMARC, DKIM, and SPF to make the emais more likely to be flagged as spam by email filters?

[–] CrayonRosary@lemmy.world 14 points 1 year ago (1 children)

Such good English, too. How could you not trust that?

[–] Papanca@lemmy.world 13 points 1 year ago (1 children)

At least, it doesn't say 'kindly'

load more comments (1 replies)
[–] MicrowaveOvens@lemmy.world 11 points 1 year ago (2 children)

Hey, quick question. I'm assuming these emails are automated, so how do they know your account's email? Is this part of a leak or are they sending email via "send notification to email" option in lemmy?

load more comments (2 replies)
[–] nodimetotie@lemmy.world 10 points 1 year ago

I wonder what they thought of when they wrote "Security Team." I just think of security guards.

load more comments
view more: next β€Ί