Are people really this stupid?
I got an email message from “TAX@irs.gov” today claiming that:
Your federal Tax payment (ID: HF2IRS598523201), recently sent from your checking account was returned by the your financial institution.
For more information, please download notification below. (Security PDF Adobe file)
Are people really stupid enough to click a link on a site based in the UK for an IRS tax issue? Are people really stupid enough to click a link to a PHP file that’s supposed to be a PDF file?
Here’s a copy of the message. If you got one of these, “raise your hand” by posting a comment below. I’m curious.
And spread the word; you have no idea how much it irks me that scammers are preying upon people dumb enough to believe crap like this.
Yet another phishing scam.
Got this one supposedly from American Express today. Pointing to a link in the email message clearly showed that clicking a link would not take me to an American Express website:
Compare the look of that email message with the top of a real one from Amex:
Note that the real one includes my full name and even the last five digits of my credit card number (which I’ve blurred out here). When I point to a link in that message, the URL goes to a page at americanexpress.com.
Don’t be fooled! If you get a message from a bank or credit card company — or any other organization on which you have an account — go directly to that organization’s website by typing in the URL. Do not click a link in an email message. It may take you somewhere you don’t expect or install software that can infect your computer with malware.
Yep. Another one.
Here’s another attempt to get unsuspecting people — in this case, business owners — to open a file that will likely install malware on their computer. This one supposedly comes from firstname.lastname@example.org and has a ZIP file attachment. It was addressed to my Flying M Air business email address and includes a link to my website. Keep in mind that my business email address is quite generic and could have been guessed by the sender.
The complete message is shown below.
Once again I need to remind everyone who might be taken in by emails like this: don’t open any file attachment that you are not expecting, especially if it comes from a person or organization you are not already doing business with.
Another one. Or two.
Another heads up on a phishing scam. This one comes in the form of an email message from “Picasa Library” or “Picasa Photo” that’s marked Urgent.
Pointing to the button in my email message window (see below) clearly shows that the link doesn’t go to Picasa (a photo sharing site) at all. It’s just another scam — another attempt to get you to go to a site and enter login information or download a virus.
It was pretty obvious to me that it was a scam, mostly because I don’t use Picasa and certainly don’t have 76 photos on the site. But if you do use Picasa? And had just uploaded a photo? You might be fooled.
Sloppy work, but I’m sure some people will fall for it.
Have you gotten an email message supposedly from email@example.com (but really from someone else)? A brief email with the ADP logo and an invoice.zip file attachment?
Don’t open it.
Although I don’t think opening the message will cause any harm, the attachment is likely some sort of virus — or contains one when opened — and that can’t be a good thing.
Here’s what the message I got looks like. Note the From field and the typo in the bold, underlined text.
I’ve said it before and I’ll say it again: Don’t open attachments you aren’t expecting, especially from organizations you don’t have some sort of email relationship with. Doing so is just plain stupid.
Coincidentally, I worked for ADP at their corporate headquarters back in the 1980s.