(OT) Google: "Somebody knows your password"

Ralf Mardorf silver.bullet at zoho.com
Fri Aug 4 10:37:20 UTC 2017 

On Fri, 4 Aug 2017 17:44:17 +0900, Joel Rees wrote:
>The status bar can also be overridden, of course.

100% of the phishing mails I received were very simple. A mailer would
show the correct URL in the status bar. In my case, Im using Claws, I
anyway do not display HTML, let alone remote content. Those using Claws
with the fancy plugin suffer from more serious issues, than the risk to
receive a phishing mail. This is related to the old webkit's CVEs, let
alone that the old webkit already is dropped by some distros and will be
dropped soon by Debian/Ubuntu, too.

>You should never click a link you get in mail.

I'm doing this all the times and never run into an issue.

>And watch for redirections hidden in the long URLs.

Even if the browser should follow redirections, in the end taking a
look in the browser's address bar shows the truth. I expect a reply,
that the address shown in the address bar could be a fake, but again,
100% of all phishing mails I received at least all of them I
"tested", were not that advanced. Btw. usually phishing mails do not
completely look equal to the mails from the service they imitate and
very often, even if sentence construction and spelling should be without
mistakes, the used wording appeals to be fishy in one or the
other part of the mail.

On Fri, 04 Aug 2017 11:54:20 +0200, Xen wrote:
>I have never experienced a targetted fishing mail on a service I 
>actually used.
>
>90% at least is stuff I don't use.
>
>Or stuff I do use but with a different email address ;-).

+1 so actually 100% are easy to identify as spam/phishing mails. I also
expect the providers of the service I'm using, not to send me private
emails e.g. via a mailing list. If the mail regarding security issues of
your American Express card is available by the FreeBSD questions
mailing list archive and it should be really a mail from American
Express, then the risk seems to be cause by American Express and nobody
else, so better get rid of you American Express card.

More information about the ubuntu-users mailing list