r/phishing

Got an Email from a colleague for an event invite, I clicked the link and it’s a scam

I clicked the link for the invitation, purportedly from punch bowl. It took me to a “security verification” page, vuxur.vu, which seemed suspicious, and then it asked me to type in my Gmail password. Fortunately I didn’t do that, and I just changed my Gmail password to be safe, but is there a chance more of my info has been compromised just from clicking the link?

reddit.com
u/0nBBDecay — 9 hours ago

Off topic I got a SSA scam? I am very confused.

I got an email from SSA and I don't know. I think this is a scam, looks like I had this email with ID.gov but it did not even pass the verification thing. The email is do-reply@gov.

Yeah, but I did not apply for benefits, and I called the idgov person; they are open 24/7 on the phone to help make a password change, and I got into that account. The account looks like it did not even pass the two-factor verification; it's linked to my phone, and no application benefits were done. So she told me the account was not hacked or fraudulent. It's asking you to have a passport or Driver's ID to complete the account and such, and it was linked to my phone being 2 step verification. I deleted the ID.gov account just now. I did not see any applications done, either. Maybe it was my old account from way back. I think someone spoofed the ID.gov email to send it to my other email address. But I will give SSA a call to make sure everything is gone, and tell them I have been spoofed and I did not apply for any benefits. I wish I could post a screenshot of my other email on what it looks like. I have my main email to ID.me and I don't see any benefits applied. Thank you for the help.

reddit.com
u/Putrid_Factor_2660 — 2 days ago

Screenshotted a phishing email about flowers

Okay so i just got a spam email about receiving flowers and i knew it was a scam but i wanted to show my friend so i screenshotred it and then my phone vibrated twice and now i cant get it out of my head that they somehow hacked me feom the screenshot. Is that possible??? Im so sorry to ask this here, im not educated much on this topic and dude i am STRESSED 💔

reddit.com
u/Thisisjust- — 2 days ago

Endless texts to "Crsca" (me)about google account/photos being deleted. Can I stop these?

Hello,

I am getting texts several times a day for over a month that "I must take action" by clicking a link to save my Google photos. My storage is full, and I already tried to stop photos from backing up there and was looking for ways to clear them without deleting from my devices, which is probably how they snagged my number, if that's even possible. I've never responded, just reported and blocked, but they continue to come from endlessly different numbers. Any solution to dtop this? And what is with the Crsca instead of my name (not that I want them to have my name)? Thanks.

reddit.com
u/Ainsel72l — 4 days ago

Real PayPal link or Phishing?

Got this text after I made a purchase, the transaction did happen with that amount but when I go to the PayPal app and website it doesn’t say anything about failed payment

u/Emory123456 — 4 days ago

Phishing site ? Is my laptop safe?

I stupidly logged into a site Use.ai as I thought it was Chat (clearly not). All it needs is an email and it sort of ‘signs you up’. I didn’t enter any payment details or anything.

I then did get an email too here .. and did click the link - which basically just seems to redirect to their website .

I have also used their delete account page to delete but I still keep getting marketing emails.

Main question is - could I have any malware or anything from this ?

Thank you !!

u/NeverLetMeGo1901 — 4 days ago

Keep getting calls from unknown foreign numbers - help?

For the last week, I have been getting missed calls from different foreign countries. Attached is a screenshot below, but this has been going on every single day from all different European countries. If I answer it clicks off straight away. I have turned on the iPhone feature which silenced calls from unknown numbers, but they’re still appearing as missed calls. I can’t block them because they’re different everytime. My number has clearly leaked somewhere, what are my options? Thanks in advance - starting to worry about this a bit.

u/Monabakes — 5 days ago

Help Deciding if it’s a phish ?

I’m not sure if this is considered close enough to a phishing scam to post here, but I recently downloaded an app called HeyCash and when I went to redeem the reward it sent me an e-card instead of a physical copy, even though I selected physical card. Is there any way to know if it’s safe to click on the redemption link ?

u/Queen_spider154 — 5 days ago

Received offers from Spotify but I think these are scams/phishings!!

Hi - maybe some of you know this tactic if legit or not. I have been offered two roles in Spotify, one is Social Media Manager and the recent one is Chief Marketing Officer.

They sent it through my personal email and it does seem so legit, I ask for some questions and they responded to have a short connect via scheduling link, which already made me doubted its legitimacy. I never clicked it and proceeded to block and report instead.

Anybody experienced this type of phishing/scam?
Thanks

u/Annual_Sky1261 — 5 days ago

Weird mail received 2 years ago

Hi Reddit people, I post here because I have a an interrogation, 2 years ago I received a mail that I always find weird. I know that English isn't my first language but for me it doesn't make sense

If someone understand what it can be or any questions about that I will try to respond my best

Thanks :)

Thanks :)

u/Due-Mood-7264 — 5 days ago

Phishing Email in focused inbox

Had this really weird email in my focused box, i opened the email but I didn't click on any of the files as I know not to touch them.

Anyone else received an email like this?

(I have no idea where my email is getting leaked from)

u/Beaugerking — 5 days ago

Paperless Post scam was sending from my account

My husband opened a paperless post scam email in our shared email account a few weeks ago. He didn't fall for the prompts asking for login info, and we thought everything was fine but just today it sent out a whole batch of phishing emails to other people from our account. Just thought I'd share some details here:

I cannot see all the sent emails. I found one in my sent file, and one in my trash file, but based on responses I'm getting back and slightly varied text, I know that e-mails went out that I am not able to find.

I wanted to warn our contacts. I wasted a bunch of time trying to send emails directly from our account, but then realized that I actually needed to send to every address we have had contact with (some 2500), and that emails with even 50 recipients were getting caught in others' spam filters. So, I ended up going to an email marketing platform - I used Campaign Monitor. I should have done that in the first place - would have saved myself some time and gotten to a few more people before they opened the scam email. It was quick and easy, though I did have to bump up to a paid monthly account for $47 to send that many. (Penance.) Once I had the addresses in there a quick search for "unsubscribe" and "contact" in the addresses helped weed out addresses that were not actual people and got me below a price threshold.

And, if this happens to you, definitely your first step should be to send out a text or email to elderly relatives who are guaranteed to open this nice invite they got from you and enter all their personal data into it. I got to my uncle too late. :(

reddit.com
u/Cautious_Trainer4351 — 6 days ago

Suspicious WhatsApp message after booking.com reservation

A few months ago I made a reservation for a stay in Japan through booking.com.

The trip is coming up soon, and today I received this message on WhatsApp.

What makes it very suspicious is the name "HR Consultants", the fact that the phone number is from Pakistan, and the fact that they would not contact me directly via booking.com.

But I'm wondering how they got the information about my reservation, as the name of the place and the dates are correct.

u/Boring_Snail — 7 days ago

How does this phishing / URL manipulation work?

The last days I saw several phishing attempts with an URL like the following:

Careful, active phishing website, no hyperlink

https://login.microsoftonline.com/common/oauth2/v2.0/authorize?state=test@test.com&scope=openid&prompt=none&client_id=8c73402b-669c-4bfd-9fcb-911cdd1b0430

This resolves into

Careful, active phishing website, no hyperlink

https://account.compliance.vu/configurations.html?reviews=test@test.com

Sadly, I don't know enough about OAuth to understand how this is done with these parameters:

state=test@test.com
scope=openid
prompt=none
client_id=8c73402b-669c-4bfd-9fcb-911cdd1b0430

I can imagine the client_id being where some kind of injection takes place, but I would like someone else's opinion.

reddit.com
u/YellowOnline — 5 days ago

Gmail got hacked and sent out Paperless post invites

Friends started telling me they got a "Special Dinner" Paperless post/Partiful invite from my email. There's no trace of the sent emails from my Gmail account or Paperless post/Partiful. I immediately reset all my passwords and added MFA to all my accounts. Is there anything else I should do to protect myself?

reddit.com
u/ceomom88 — 6 days ago

When do I decide to change my number, or what can I do?

Became a victim of either a company being hacked or selling my data that I was looking at a loan. Now my phone is blowing up with fake loan offer robo calls. I haven’t answered any of them thanks to call screening but I think that the call screening has let them know it’s an active number. What should I do?

u/Independent_Bike_141 — 7 days ago

Someone is trying to send verification codes to services that I don't know through SMS

I checked my accounts that I care about and they seem to be fine. No unknown sessions, no weird activity otherwise.

Should I just wait it out or change my passwords just in case? Is my phone number compromised?

u/StupitVoltMain — 8 days ago

Phishing scam in DM's from Reddit user

Phishing scam in my DM's from a Reddit user called: Powderpuffpowwow

Basically saying they mistakenly reported my profile to Reddit and I have 2 hrs to reach out to the admin/moderator to save my account, but through a Discord account.

I have reported this to Reddit.com/forms as well. But just wanted to give you a heads up.

*I think I'm more offended that they are using the Powerpuff girls brand for this crap, honestly, the audacity.

**and honestly it's a little bit inception of you to phish me phish

Stay vigilant harry

u/RuiBanjo — 9 days ago