PatsFans.com Menu
PatsFans.com - The Hub For New England Patriots Fans
PatsFans.com - The Hub For New England Patriots Fans
Register

OT: PSA For anyone with a Gmail account

Status
Not open for further replies.
Ian

Ian

Just the dude who fixes things here.
Staff member
ADMINISTRATOR
Joined
Jun 17, 2000
Messages
31,247
Reaction score
47,838
Has nothing to do with anything here, but I came across this after hearing about it, and it's apparently a big deal. Please take a moment to read this and don't click on the email they reference should something like this come to your email account:

Watch Out for This Sophisticated Phishing Email That Looks Like It's From Google

Google says it's rolling out a fix for a bug that allowed scammers to send a convincing-looking email to developer Nick Johnson about a subpoena request.
www.pcmag.com

One of my friends got hit with it, and they're locked out of their account. It looks legit when it comes through, so be careful until Google finally fixes this and gets it taken care of.
 
I got a rather looking official text from Easy Pass telling me I owed $.28, the only toll I have taken in the past month is the Newport Bridge and that toll with Easy Pass is $.83.... but have to wonder how many folks fall for this phishing effort???
 
I'm constantly getting hit with emails from Microsoft and other big vendors asking me to reset my password and they are always a scam. Count on it daily...nothing saying I owe but I DO get texts/sms saying I owe SunPass from going through tolls and of course it says to reply to an Outlook or Hotmail email account to get it 'resolved'...never click on anything YOU did not request. Doesn't matter if it comes from grandma, mom, the cat, the neighbor's son's kid....NEVER do it.
 
DarrylS said:
I got a rather looking official text from Easy Pass telling me I owed $.28, the only toll I have taken in the past month is the Newport Bridge and that toll with Easy Pass is $.83.... but have to wonder how many folks fall for this phishing effort???
Click to expand...
I got these texts as well but I used Mass Pike a couple of times prior to that so I almost fell for it. I got the DOT bill in the mail and after I paid it on their site I started getting these texts.
 
I get those texts to pay your toll all the time. Lately they've become much more aggressive and threatening in tone.

Really wish a law enforcement agency would partner with the carriers to crack down on this crap. I have to assume many people are falling for it, or they wouldn't keep sending them.
 
What I do is check the email address of the sender. If the domain's is wrong, it goes to the junk folder. If the domain looks correct, I still don't click on the link, but rather log into that particular account using my browser.
 
raduray said:
What I do is check the email address of the sender. If the domain's is wrong, it goes to the junk folder. If the domain looks correct, I still don't click on the link, but rather log into that particular account using my browser.
Click to expand...
I do the same, but that's apparently the weird thing about this one. It's able to spoof the sent email to look like it came from google.com due to an issue with the authenticator (which they were apparently alerted to a while back and ignored). That's what makes this one challenging because it bypasses Google detecting it as a bogus email and the "from" looks legitimate. Unless you check the header (which is still somewhat convincing), it's tough to spot this based on how it was shown. Fortunately, it looks like Google is finally patching the vulnerability, which it's a little crazy that they didn't do it before now.
 
DarrylS said:
I got a rather looking official text from Easy Pass telling me I owed $.28, the only toll I have taken in the past month is the Newport Bridge and that toll with Easy Pass is $.83.... but have to wonder how many folks fall for this phishing effort???
Click to expand...
i have gotten a few of those lately... those texts are indeed a scam.
 
The best was the illoveyou worm that sent itself to everyone in your contact list. Emails were coming from a known se set so lots of people thought they were legit. Really no reason not to tbh. Honestly kinda surprised that we haven’t heard about similar things going on. I guess there isn’t enough $ in it…
 
PancakeBlockPaul said:
I'm constantly getting hit with emails from Microsoft and other big vendors asking me to reset my password and they are always a scam. Count on it daily...nothing saying I owe but I DO get texts/sms saying I owe SunPass from going through tolls and of course it says to reply to an Outlook or Hotmail email account to get it 'resolved'...never click on anything YOU did not request. Doesn't matter if it comes from grandma, mom, the cat, the neighbor's son's kid....NEVER do it.
Click to expand...
I open whatever my cat sends me without a second thought.
 
Government communications of any importance or significance are pretty much never done just through e-mail or a phone call.

If you get someone claiming to be from any agency, find their real number and call them, if you're worried.
 
BennyBledsoe said:
Government communications of any importance or significance are pretty much never done just through e-mail or a phone call.

If you get someone claiming to be from any agency, find their real number and call them, if you're worried.
Click to expand...
This is really good advice, and the one thing people get tripped up on by government-type scammers.
They'll only contact you through regular mail first, with a number to call in the correspondence if it's something that needs to be addressed quickly.

They will never contact you via text or email first.
The amount they'll contact you by phone first, is incredibly rare, it's not *never*, but it's close to never.
 
TommyD4207 said:
This is really good advice, and the one thing people get tripped up on by government-type scammers.
They'll only contact you through regular mail first, with a number to call in the correspondence if it's something that needs to be addressed quickly.

They will never contact you via text or email first.
The amount they'll contact you by phone first, is incredibly rare, it's not *never*, but it's close to never.
Click to expand...

Yeah, it is the last meaningful use of snail mail. But snail mail is broken...95% of what comes to my house gets recycled without opening or review. And important letters are discovered in magazines, months later.
 
Ian said:
I do the same, but that's apparently the weird thing about this one. It's able to spoof the sent email to look like it came from google.com due to an issue with the authenticator (which they were apparently alerted to a while back and ignored). That's what makes this one challenging because it bypasses Google detecting it as a bogus email and the "from" looks legitimate. Unless you check the header (which is still somewhat convincing), it's tough to spot this based on how it was shown. Fortunately, it looks like Google is finally patching the vulnerability, which it's a little crazy that they didn't do it before now.
Click to expand...
Now you’ve got me wanting to track down examples of that. It’s been ages since I decoded any really interesting email headers.
 
  • Like
Reactions: Ian
jmt57 said:
Really wish a law enforcement agency would partner with the carriers to crack down on this crap. I have to assume many people are falling for it, or they wouldn't keep sending them.
Click to expand...
This stuff could have been so much more bullet proof if decades ago, but it would have involved more messaging under the covers to confirm the sender was who they said it was, and the big players didn't want to pay for that.

In fact the easier they make it to spam the more paying traffic they get, and the harder they make it to spam the more unpaid work they need to do.

Pretty easy choice for the ****head MBA "winners" who make the decisions.

raduray said:
What I do is check the email address of the sender. If the domain's is wrong, it goes to the junk folder. If the domain looks correct, I still don't click on the link, but rather log into that particular account using my browser.
Click to expand...
Well, yeah, but try to teach this to elderly people. Some can manage, but many cannot.
 
BennyBledsoe said:
Government communications of any importance or significance are pretty much never done just through e-mail or a phone call.

If you get someone claiming to be from any agency, find their real number and call them, if you're worried.
Click to expand...

Not just government, but also all types of law enforcement, those claiming legal action, and those urging immediate action on financial matters, and especially your financial institution(s).
 
Status
Not open for further replies.

Similar threads

Ian
ANNOUNCEMENT Google Login Added
2 2K
Ian
Ian
jmt57
  • Locked
Today In Patriots History June 25: Happy Birthday to Vernon Crawford
12 3K
1960Pats
1960Pats
jmt57
  • Locked
Today In Patriots History June 25: Roster Bubble Players
13 2K
1960Pats
1960Pats
Nikolai
  • Locked
Appeal for Help: Wife's Family Desperate to Get Out of Afghanistan (UPDATE 20 FEB: THIRD OPTION COMING ABOUT! FOSTERING HOPE IN DESPAIR)
8 9 10
196 38K
BTTA
BTTA
patfanken
  • Locked
Idle thoughts - a wrap up edition
2
35 7K
pazrul72
pazrul72
Patriots Pro Shop
TRANSCRIPT: Caleb Lomu’s Interview with New England media 4/23
MORSE: Patriots Make a Questionable Selection of Caleb Lomu in the First Round
Patriots Trade Up, Take Utah Tackle in Round 1 of the NFL Draft
TRANSCRIPT: Mike Vrabel Press Conference 4/23
Thursday Patriots Notebook 4/23: Vrabel Set to Miss Day 3 of Draft ‘Seeking Counseling’
MORSE: Final Patriots Mock Draft
Former Patriots Super Bowl MVP Set to Announce Pick During Draft
TRANSCRIPT: Mike Vrabel’s Media Statement on Tuesday 4/21
MORSE: What Will the Patriots Do in the Draft?
MORSE: Patriots Prospects and 30 Visits
Back
Top