Phishing Expeditions keep getting better & better . . .

britechguy

britechguy

Well-Known Member
Reaction score
4,028
Location
Staunton, VA
Found in my inbox, sans the big red comment and redactions. The generic subject line should be enough to raise suspicions on its own. The "revert to this message" is the second big red flag. That being said, the rest looks pretty good. I had no idea where John Deere's corporate locations were until I checked, just for fun:


1701905904477.png
 
HCHTech said:
I wonder if the usage of John Deere is related to your bucolic surroundings
Click to expand...

That certainly could be part of the calculus. The Shenandoah Valley is still "big in agriculture/farming" and you see a lot of John Deere, Mahindra, and other ag equipment brands here.
 
Latest gem:
--------------------------
Honored Respected and team ,

By subscribing, you guarantee that we will always provide excellent content, special features, and a flawless user experience. I appreciate your help.

Shipping Code: LJPSAD6U52EW
Product Code: 50079
Transaction Date: February 28, 2024


Quality and excellence are our commitments. Thank you.

With sincere gratitude and ongoing best wishes,
Zoraida Cavan
Cackson St, Rancho Cucamonga, California 87673

Adapt this message as necessary. We are here to help you!
-----------------

Of course, it had a false bill attached.
 
A client of mine went through this ... the scammers purchased a domain that looked similar to theirs except they changed a u to a v.

My client wasn't targeted. THEIR client was. What ended up happening is my clients client was compromised and they grabbed a signature for the CFO of my client. Registered the domain .. something like they registered bvngalo.com when my client is actually bungalo.com

They grabbed my clients signature, created an email called CFO@bvngalo.com, pasted and pasted the signature.

That cost my clients client like $30k-$40k.

My client was all upset because he thought it was his fault ... after checking ... it wasn't us, it was them.
 
thecomputerguy said:
A client of mine went through this ... the scammers purchased a domain that looked similar to theirs except they changed a u to a v.

My client wasn't targeted. THEIR client was. What ended up happening is my clients client was compromised and they grabbed a signature for the CFO of my client. Registered the domain .. something like they registered bvngalo.com when my client is actually bungalo.com

They grabbed my clients signature, created an email called CFO@bvngalo.com, pasted and pasted the signature.

That cost my clients client like $30k-$40k.

My client was all upset because he thought it was his fault ... after checking ... it wasn't us, it was them.
Click to expand...
Had the exact same thing happen to a customer. One of their customers had a domain created that was almost exactly the same. In that case the original was, for example, boxcorporation.com. The scammers created boxcorp.com. Of course free email with the hosting company. I'm sure the CC used was a stolen number. Once I identified the registrar and hosting I sent emails out to each advising about the scamming. They killed the DNS entries in a matter of hours. Our customer caught on almost immediately since it was a change of payment situation. Don't think anyone lost any money in that situation.
 
You must log in or register to reply here.

Similar threads

HCHTech
Hosted Exchange, can receive but not send
Replies
10
Views
5K
nlinecomputers
nlinecomputers
calldrdave
Thankful for RepairShopr!
Replies
2
Views
2K
HCHTech
HCHTech
Kitten Kong
  • Sticky
Questions and Answers relating to Microsoft Licencing Guidelines.
Replies
3
Views
12K
Rosco
Rosco
dominexsus
What else can i do to grow this business?
2
Replies
33
Views
8K
Seatek
Seatek
Back
Top