This Community is intended for posts about the Lemmy.world server by the admins.
For support with issues at Lemmy.world, go to the Lemmy.world Support community.
Any support requests are best sent to info@lemmy.world e-mail.
If you would like to make a donation to support the cost of running this platform, please do so at the following donation URLs.
If you can, please use / switch to Ko-Fi, it has the lowest fees for us
This will be a quick post. We have received a phishing mail to our info@lemmy.world mail address telling that they are "lemmy.world Security Team", telling that they will "disconnect" your account from our instance. This is ofc, not us. Do not fall for it! The attached image is how the mail looks like.
~Lemmy World Team.
Hello, it is I, John Security. Please respond to this message with your name and SSN or the FBI will arrest you for unpaid back taxes. Also, do you have any iTunes or Google play gift cards laying around?
Don't forget! Lemmy automatically detects and blocks sensitive information so it's totally safe to enter your SSN:
###-##-####
See! It works!
Mr McAfee noooo.
Arnold Michael Scott 419-06-1111
I have $5000 in iTunes and $6,000,000 in Google play gift cards, why do you ask?
Jesus. Phishing emails like this have become so commonplace I actually miss the old Viagra spam emails in l33tspeak.
My spam folder is still chock full of those.
Whenβs the last time you checked your spam folder, 2003? I legitimately havenβt seen the 1337sp34k spam in 20 years. Lately itβs been Africans leaving me money at the embassy that I have to go pick up
For some reason I seem to be getting a lot of spam emails in French. And all of the links are pretending to be French Canadian postal service websites.
I don't know why because I'm neither French nor Canadian. Nor have I ever been to Canada.
How do you guys know it's not you guys?
Joke aside, i wonder why they wanna phish for user account in lemmy? Unlike the exploit like a few months ago that specifically target admin, this one seems like it target anyone, it so random.
Awesome because of the way it's written it's practically guaranteed that admins will know it's a scam.
Isnβt it a waste of time trying these scams on lemmy.
I could be wrong here but I would argue the vast majority of users are somewhat tech proficient since itβs not reached mass adoption and the user base is well, just us nerds?
Tech folks still fall for phishing. It takes a momentary lapse, failure to caffeinate, it happens.
Lemmy is currently full of newly registered domains with weird suffixes, the kind that traditionally have been a phishing indicator. Lemmy.world is going to be harder to phish than some of the other ones where you have to read closely.
I guess hubris can be a factor too.
I'm not "ignoring your emails" and "never responding", I'm just security conscious
Well one of the best scam hunters on YouTube lost his account to a scam. So not really a waste of time, trying Lemmy.
That sounds so crazy, who was it? What happened?
I was curious too so I googled it:
Scam baiter Jim Browning bamboozled by scammers into deleting his own YouTube channel
From what I read, some scammer tricked him by impersonating YouTube Support and telling him he would lose all his adsense revenue, which prompted Browning to fall for it.
i click every link that shows up in my email, keeps life interesting
I got an almost believable phishing text yesterday from a 'collection agency' that wanted me to download a PDF and go to their website. It looked very official and I'm having some debt issues, but it didn't tell me who it was representing or what I owed or anything like that, so I could tell it was phishing. But a less-savvy person could have totally been fooled by it because it looked very real.
I got a spam message that was surprisingly well written until I realized wait a minute, if this is true, why do you need me to tell you who I am?
It's especially bad if you are half asleep and panic click on something, especially with session hijacking
Why would they target Lemmy users?
Your typical Lemming (for lack of a better term) is not technologically inept and would generally not fall for a phishing scam. They'd earn a lot more money from targeting Redditors.
software devs and other highly technical IT roles fail phishing tests at my company
Your typical Lemming (for lack of a better term)
idk i like "lemming"
Probably overreach of an automated system
how do you know itβs not from the secret second mod team?
That's absolutely hilarious. It's like people don't know how Lemmy works
That's exactly how run of the mill phishing scams work. They prey on the people stupid or senile enough to not see anything wrong with this email and avoid wasting time on the people that easily spot the scam
RESOLVE ISSUE NOW
OR ELSE!!
Why are these sorts of things always written by somebody who can clearly barely speak English?
What is unclear? All you have to do is resolve the Lemmy world app on Android and install the errors on your iPhone mail.
Yeah I'm not actually quite sure I understand what the issue they are pretending is.
I've gotten an email like this before for lemdro.id. I think it's a generic phishing email since the community links look like email addresses (and actually often are)
Such good English, too. How could you not trust that?
Hey, quick question. I'm assuming these emails are automated, so how do they know your account's email? Is this part of a leak or are they sending email via "send notification to email" option in lemmy?
I wonder what they thought of when they wrote "Security Team." I just think of security guards.
Thanks for the heads up!
