🎙️
1
c/cybersecurity-tipsthe_susanthe_susan27d ago

That week I got phished through a fake password reset email...

I almost clicked a link in an email that said my bank account was locked last Tuesday. Looked exactly like my bank's logo and everything, even the sender address seemed close. Then I noticed the URL was off by one letter - like "bankofamerrica" instead of the real one. Scared me enough to call the actual bank number from my card, and they confirmed it was a scam. Whoever made that email put serious time into the details... How do you all spot these things before you click? Anyone else had a close call like that?
3 comments

Log in to join the discussion

Log In
3 Comments
reese124
reese12427d ago
Wait did you really almost fall for that too? I used to think I was way too smart for phishing scams until I got hit with one that looked exactly like my email provider's password reset. The thing that saved me was I was on my phone and tried to tap the link but it opened a weird browser page instead of the app. Now I always check the actual URL before I even breathe on a link, and I refuse to click anything that comes through email if it's asking for login info. It's wild how good these scammers are getting with the fake logos and sender addresses.
7
the_elliot
the_elliot27d ago
Oh man, I gotta call out something here real quick @reese124. It's actually not a good idea to tap links at all on your phone either, even if they do open in the right app. I used to think the same thing, like "oh it opened in the app so it's safe," but scammers can spoof app redirects too. The safe move is to always go directly to the website yourself by typing the address into your browser, not clicking anything from an email or text. What kind of fake logos have you seen lately that looked the most convincing?
5
mark_mitchell
mark_mitchell17d ago
The URL trick is exactly what saved me too. That extra letter or a swapped character is the biggest giveaway. Another thing I do now is hover over any link on desktop before clicking, even if the email looks perfect. On mobile I hold the link down to preview the URL. What really gets me is when they spoof the sender name to look like a real company but the actual email address is some random gmail account. I also started using a password manager that auto fills on legit sites, so if it doesn't pop up I know something is wrong. The scammers are getting GOOD but they still slip up on those small details if you train yourself to look.
4