Holiday Giveaway - Day 2
TylerM
Administrator
  • Sr. Security Analyst & Community Manager
  • 1271 replies

Happy Holidays everyone!

 

 

For everyone that hasn’t yet read the giveaway post please do so here


 

Thank you to everyone that participated yesterday - our winners are!

@TripleHelix

look how close that was to @Jamesharris85 

 @mmaner

 

Congratulations!

 

 

You both win a Webroot+Carbonite Cellphone Popsocket - The prizes only get better from here 😋
 

 

Today is Day 2 of our Giveaway

 

The challenge is to reply to this thread with the best holiday phishing attempt that you’ve seen, found, or story you heard about. Bonus points if you share a picture of the phishing email or webpage that you or a colleague encountered.

 

2 Winners will be selected by tomorrow in the next giveaway post. Decision will be made by myself using metrics and criteria that I will keep secret 🕵 but help me out by liking/quoting the posts you think are best 😎

 

Some examples to get the noggin going 

 

 

Reply below and may the best post win 

 


22 replies

mmaner
New Voice
  • New Voice
  • 64 replies
  • December 2, 2022
TylerM wrote:

 

 @mmaner

 

That's so awesome!  Thanks guys, I really appreciate it :).


mmaner
New Voice
  • New Voice
  • 64 replies
  • December 2, 2022

This is the only one I've seen recently that didn't immediately make Spidey sense tingle :).  Is simple, and therefore more effective.

 

 


MunkeyMan
New Voice
  • New Voice
  • 304 replies
  • December 2, 2022
mmaner wrote:

This is the only one I've seen recently that didn't immediately make Spidey sense tingle :).  Is simple, and therefore more effective.

 

 

Playing on people’s Christmas positivity and hoping their guard will be down no doubt!


MunkeyMan
New Voice
  • New Voice
  • 304 replies
  • December 2, 2022

I usually delete them all but this one from last year I did keep because I found it 1) utterly rubbish to the point of being funny and 2) totally irrelevant as I don’t even pay tax on my vehicle! 🤣


mmaner
New Voice
  • New Voice
  • 64 replies
  • December 2, 2022
MunkeyMan wrote:
mmaner wrote:

This is the only one I've seen recently that didn't immediately make Spidey sense tingle :).  Is simple, and therefore more effective.

 

 

Playing on people’s Christmas positivity and hoping their guard will be down no doubt!

True story.  These groups have zero limits, which means our mitigation techniques have to allow for that.


MunkeyMan
New Voice
  • New Voice
  • 304 replies
  • December 2, 2022

I also liked the ones that did the rounds this year in Twitter with “celebrities” giving bitcoin away...I mean how naive can some people be?


MunkeyMan
New Voice
  • New Voice
  • 304 replies
  • December 2, 2022
mmaner wrote:
MunkeyMan wrote:
mmaner wrote:

This is the only one I've seen recently that didn't immediately make Spidey sense tingle :).  Is simple, and therefore more effective.

 

 

Playing on people’s Christmas positivity and hoping their guard will be down no doubt!

True story.  These groups have zero limits, which means our mitigation techniques have to allow for that.

Yeah nothing surprises me anymore. It's also the charity themed scams that really make my blood boil!


mmaner
New Voice
  • New Voice
  • 64 replies
  • December 2, 2022

I find that most people are far too trusting when it comes to computers, they just feel inherently protected.  It's like “a computer can’t lie right?” :).

One of my favorite quotes…

“Nor would anybody suspect. If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor.”
― Robert A. Heinlein, The Moon Is a Harsh Mistress


MunkeyMan
New Voice
  • New Voice
  • 304 replies
  • December 2, 2022
mmaner wrote:

I find that most people are far too trusting when it comes to computers, they just feel inherently protected.  It's like “a computer can’t lie right?” :).

One of my favorite quotes…

“Nor would anybody suspect. If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor.”
― Robert A. Heinlein, The Moon Is a Harsh Mistress

It’s true, but really crappy that we have to be such a cynical society these days.


mmaner
New Voice
  • New Voice
  • 64 replies
  • December 2, 2022
MunkeyMan wrote:

It’s true, but really crappy that we have to be such a cynical society these days.

Yeah it is, I agree 100%.


TripleHelix
Moderator
  • Moderator
  • 9033 replies
  • December 2, 2022

Look at the email address. It should be Rogers.com

 

 


kleinmat4103
Popular Voice
  • Popular Voice
  • 512 replies
  • December 2, 2022

I know I’ve seen better ones than this, but generally don’t really hang on to phish emails.

This one I saw recently gave me a little chuckle. I am totally going to email them to take me off the list. lol

 

 


Jasper_The_Rasper
Moderator

 This is a common one which I got but they always crop up all the time. But why would the Australia Post send me anything when I am in the UK?
 

 

But always watch out for seemingly harmless survey ones, the surveys just harvest all your personal information. Facebook for example is full of them.

 

 


MunkeyMan
New Voice
  • New Voice
  • 304 replies
  • December 2, 2022
Jasper_The_Rasper wrote:

 This is a common one which I got but they always crop up all the time. But why would the Australia Post send me anything when I am in the UK?
 

 

But always watch out for seemingly harmless survey ones, the surveys just harvest all your personal information. Facebook for example is full of them.

 

 

Yeah! The amount of relatives that share these sort of posts on Facebook is ridiculous. I am forever messaging family members to let them know that their Aldi or Center Parcs freebies are fraudulent and they ain’t winning anything!


  • New Member
  • 1 reply
  • December 2, 2022

I don’t receive too many phishing attempts. Perhaps we have our email filtering set too tightly?

 

The best ones I’ve seen are always copies of valid emails from PayPal, Amazon, or Microsoft from obviously fake email addresses and with links changed to unrelated addresses.


Rodney18
New Member
  • New Member
  • 60 replies
  • December 2, 2022

Here is one from a customer

 


ProTruckDriver
Moderator
Jasper_The_Rasper wrote:

 This is a common one which I got but they always crop up all the time. But why would the Australia Post send me anything when I am in the UK?
 

 

But always watch out for seemingly harmless survey ones, the surveys just harvest all your personal information. Facebook for example is full of them.

 

 

I don’t do any type of Survey PERIOD! 😉


kleinmat4103
Popular Voice
  • Popular Voice
  • 512 replies
  • December 2, 2022
ProTruckDriver wrote:
Jasper_The_Rasper wrote:

 This is a common one which I got but they always crop up all the time. But why would the Australia Post send me anything when I am in the UK?
 

 

But always watch out for seemingly harmless survey ones, the surveys just harvest all your personal information. Facebook for example is full of them.

 

 

I don’t do any type of Survey PERIOD! 😉

Oh yeah. Have definitely seen some like that PayPal one. They can be pretty deceptive if you don’t know what to look for.


TripleHelix
Moderator
  • Moderator
  • 9033 replies
  • December 3, 2022

I got a Paypal one and yea right $399.00 for Norton 360 Renewal.

 

 

 

And another in the Spam Folder and it matches the email address above??

 

4.2.2 Automatically rejected mail
Yahoo/Trash
 
Mail Delivery Subsystem <postmaster@hostedemail.com>
To:athena+srs=18bxj=4a=paypal.com=service@metasglass.onmicrosoft.com
 
Fri, Dec 2 at 9:28 a.m.
 
 
Your message to <kpieratt@nctv.com> was automatically rejected:
Quota exceeded (mailbox for user is full)
 
Original message headers follow:
 
Received: from NAM11-CO1-obe.outbound.protection.outlook.com (mail-co1nam11on2041.outbound.protection.outlook.com [40.107.220.41])
    by imf26.b.hostedemail.com (Postfix) with ESMTP id 0BF6010CCE2D4
    for <kpieratt@nctv.com>; Fri,  2 Dec 2022 14:28:00 +0000 (UTC)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=zA1+rsBvhwfqUWCcjDqj6TMcbuIWYPAgvcaOmuyz6hQ=;
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is
173.0.84.227) smtp.rcpttodomain=metasglass.onmicrosoft.com
smtp.mailfrom=paypal.com; dmarc=pass (p=reject sp=reject pct=100) action=none
header.from=paypal.com; dkim=pass (signature was verified)
header.d=paypal.com; arc=none (0)
Received: from PH0PR07MB8525.namprd07.prod.outlook.com (2603:10b6:510:9d::15)
by DM6PR07MB5737.namprd07.prod.outlook.com (2603:10b6:5:33::21) with
Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5880.10; Fri, 2 Dec
2022 14:27:55 +0000
Received: from MW4PR03CA0185.namprd03.prod.outlook.com (2603:10b6:303:b8::10)
by PH0PR07MB8525.namprd07.prod.outlook.com (2603:10b6:510:9d::15) with
Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5880.8; Fri, 2 Dec
2022 14:27:50 +0000
Received: from MW2NAM12FT023.eop-nam12.prod.protection.outlook.com
(2603:10b6:303:b8:cafe::ba) by MW4PR03CA0185.outlook.office365.com
(2603:10b6:303:b8::10) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5880.10 via Frontend
Transport; Fri, 2 Dec 2022 14:27:50 +0000
Received-SPF: Pass (protection.outlook.com: domain of paypal.com designates
173.0.84.227 as permitted sender) receiver=protection.outlook.com;
client-ip=173.0.84.227; helo=mx2.slc.paypal.com; pr=C
Received: from mx2.slc.paypal.com (173.0.84.227) by
MW2NAM12FT023.mail.protection.outlook.com (10.13.180.90) with Microsoft SMTP
Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
15.20.5901.8 via Frontend Transport; Fri, 2 Dec 2022 14:27:50 +0000
DKIM-Signature: v=1; a=rsa-sha256; d=paypal.com; s=pp-dkim1; c=relaxed/relaxed;
    q=dns/txt; i=@paypal.com; t=1669991269;
    h=From:From:Subject:Date:To:MIME-Version:Content-Type;
    bh=zA1+rsBvhwfqUWCcjDqj6TMcbuIWYPAgvcaOmuyz6hQ=;
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html; charset="UTF-8"
Date: Fri, 02 Dec 2022 06:27:49 -0800
X-PP-REQUESTED-TIME: 1669991261564
X-PP-Email-transmission-Id: 7e141d06-724d-11ed-929b-3cecef4766e7
PP-Correlation-Id: f864187058082
Subject: Reminder: You've still got a money request
X-MaxCode-Template: PPC001017
X-Email-Type-Id: PPC001017
MIME-Version: 1.0
X-PP-Priority: 0-none-false
AMQ-Delivery-Message-Id: nullval
X-XPT-XSL-Name: nullval
X-EOPAttributedMessage: 0
X-EOPTenantAttributedMessage: 0160ebdf-669a-495b-bde2-72fbf856a17f:0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic:
    MW2NAM12FT023:EE_|PH0PR07MB8525:EE_|DM6PR07MB5737:EE_
X-MS-Office365-Filtering-Correlation-Id: d2a10fbb-f72a-40bb-a4dd-08dad4716418
X-LD-Processed: 0160ebdf-669a-495b-bde2-72fbf856a17f,ExtAddr,ExtFwd
X-MS-Exchange-SenderADCheck: 0
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Forefront-Antispam-Report:
    CIP:173.0.84.227;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mx2.slc.paypal.com;PTR:mx2.slc.paypal.com;CAT:NONE;SFS:;DIR:OUT;SFP:1101;
X-ExternalRecipientOutboundConnectors: 0160ebdf-669a-495b-bde2-72fbf856a17f
X-Auto-Response-Suppress: DR, OOF, AutoReply
X-OriginatorOrg: MetasGlass.onmicrosoft.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Dec 2022 14:27:50.0201
(UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: d2a10fbb-f72a-40bb-a4dd-08dad4716418
X-MS-Exchange-CrossTenant-Id: 0160ebdf-669a-495b-bde2-72fbf856a17f
X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
X-MS-Exchange-CrossTenant-AuthSource:
    MW2NAM12FT023.eop-nam12.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR07MB5737
ARC-Seal: i=2; s=arc-20220608; d=hostedemail.com; t=1669991281; a=rsa-sha256;
    cv=pass;
ARC-Authentication-Results: i=2;
    imf26.b.hostedemail.com;
    dkim=pass header.d=paypal.com header.s=pp-dkim1 header.b=e+78MvGY;
    dmarc=pass (policy=reject) header.from=paypal.com;
    spf=pass (imf26.b.hostedemail.com: domain of "athena+SRS=18bxj=4A=paypal.com=service@MetasGlass.onmicrosoft.com" designates 40.107.220.41 as permitted sender) smtp.mailfrom="athena+SRS=18bxj=4A=paypal.com=service@MetasGlass.onmicrosoft.com";
    arc=pass ("microsoft.com:s=arcselector9901:i=1")
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
    s=arc-20220608; t=1669991281;
    h=from:from:sender:reply-to:subject:subject:date:date:
    message-id:message-id:to:to:cc:mime-version:mime-version:
    content-type:content-type:
    content-transfer-encoding:content-transfer-encoding:resent-from:
    in-reply-to:references:dkim-signature;
    bh=zA1+rsBvhwfqUWCcjDqj6TMcbuIWYPAgvcaOmuyz6hQ=;
X-Spam-Status: Yes, score=10.30
X-Stat-Signature: j593b6jaxby99pi7xebdigzm7idy7s85
X-Rspamd-Queue-Id: 0BF6010CCE2D4
X-Rspam-User:
X-Rspamd-Server: rspam10
Authentication-Results: imf26.b.hostedemail.com;
    dkim=pass header.d=paypal.com header.s=pp-dkim1 header.b=e+78MvGY;
    dmarc=pass (policy=reject) header.from=paypal.com;
    spf=pass (imf26.b.hostedemail.com: domain of "athena+SRS=18bxj=4A=paypal.com=service@MetasGlass.onmicrosoft.com" designates 40.107.220.41 as permitted sender) smtp.mailfrom="athena+SRS=18bxj=4A=paypal.com=service@MetasGlass.onmicrosoft.com";
    arc=pass ("microsoft.com:s=arcselector9901:i=1")
X-HE-Tag: 1669991280-375640
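
Added example (not part of the post above, and not Webroot's code): a short Python parser for the Authentication-Results header in that bounce, showing which domain each "pass" verdict actually vouched for. The function names are hypothetical, and the SRS layout it decodes (mailbox, hash, timestamp, original domain, original user) is an assumption based on the rewritten address visible in the headers.

```python
import re

# Authentication-Results value copied from the bounce headers in the post above.
AUTH_RESULTS = (
    'imf26.b.hostedemail.com; '
    'dkim=pass header.d=paypal.com header.s=pp-dkim1 header.b=e+78MvGY; '
    'dmarc=pass (policy=reject) header.from=paypal.com; '
    'spf=pass (imf26.b.hostedemail.com: domain of '
    '"athena+SRS=18bxj=4A=paypal.com=service@MetasGlass.onmicrosoft.com" '
    'designates 40.107.220.41 as permitted sender) smtp.mailfrom='
    '"athena+SRS=18bxj=4A=paypal.com=service@MetasGlass.onmicrosoft.com"; '
    'arc=pass ("microsoft.com:s=arcselector9901:i=1")'
)

# Assumed SRS layout: mailbox+SRS=hash=timestamp=orig-domain=orig-user@forwarder-domain
SRS_RE = re.compile(r'^([^+@]+)\+SRS=[^=]+=[^=]+=([^=@]+)=([^@]+)@(.+)$', re.I)

def parse_auth_results(value):
    """Map each method (spf, dkim, ...) to its result and property=value pairs."""
    methods = {}
    bare = re.sub(r'\([^)]*\)', '', value)       # drop (comments)
    for clause in bare.split(';')[1:]:           # element 0 is the authserv-id
        m = re.match(r'\s*(\w+)=(\w+)(.*)', clause, re.S)
        if m:
            props = re.findall(r'([\w.]+)=("[^"]*"|\S+)', m.group(3))
            methods[m.group(1)] = {'result': m.group(2),
                                   **{k: v.strip('"') for k, v in props}}
    return methods

def decode_srs(address):
    """Recover forwarder and original sender from an SRS-rewritten address."""
    m = SRS_RE.match(address)
    if not m:
        return None
    mailbox, orig_domain, orig_user, fwd_domain = m.groups()
    return {'forwarder': f'{mailbox}@{fwd_domain}',
            'original_sender': f'{orig_user}@{orig_domain}'}

def assess(value):
    """Summarise which domain each passing check actually vouched for."""
    ar = parse_auth_results(value)
    mailfrom = ar['spf']['smtp.mailfrom']
    return {
        'all_pass': all(ar[k]['result'] == 'pass' for k in ('spf', 'dkim', 'dmarc')),
        'spf_domain': mailfrom.rsplit('@', 1)[1].lower(),
        'from_domain': ar['dmarc']['header.from'].lower(),
        'relay': decode_srs(mailfrom),
    }

if __name__ == '__main__':
    print(assess(AUTH_RESULTS))
```

On these headers every check passes, yet SPF vouched for the onmicrosoft.com forwarder while DKIM and DMARC vouched for paypal.com, so the verdicts describe the path the message took and not whether the money request inside it is wanted; the receiving server still scored it as spam.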
 

russell.harris
Popular Voice
MunkeyMan wrote:
mmaner wrote:

This is the only one I've seen recently that didn't immediately make Spidey sense tingle :).  Is simple, and therefore more effective.

 

 

Playing on people’s Christmas positivity and hoping their guard will be down no doubt!

Yes, sadly this is a great time of year to scam people.


russell.harris
Popular Voice

I've started to get a few recently about my “Wallet” and “Apple Pay”.

Does make you think as I use these all the time.

Shame they show a link which is obviously fake though, poor efforts!

 

 


TylerM
Administrator
  • Author
  • Sr. Security Analyst & Community Manager
  • 1271 replies
  • December 5, 2022

These are all great, thanks everyone!

