Has anyone else been getting this type of suspicious email?

I have now received 2 suspicious emails titled “Congratulations. Your order from xxxx was successful.” xxx in my 2 cases was Taco Bell and Kroger. Upon opening, the email says “Congratulations. Click here.”

Of course, I didn’t click, but I’m wondering if this is a case of my credit card misuse or just some sort of other scam. Since I have several credit cards, I haven’t checked them yet.

Is anyone familiar with this scenario?

It’s a scam, blindly sent out to mass audiences, not tied directly to your CC numbers.

Recent thread about the same type of scam.

I originated that thread, and they’re really not much alike.

All people every day get suspicious emails. Don’t click any links in any emails unless you 100% know who the sender was. And then, probably don’t click the link because they could be forwarding you a scam email.

Not to be a dick, but how is this still even a question in this day and age? Yes, other people have got those emails. Yes, they are phishing, scam-laden emails. Don’t click the links in them.

Example from my work as a cybersecurity consultant:

A person received an email to their personal email account that contained a link to a .jpg. The link wasn’t even masked or anything, it was clear that it was a JPEG file. The subject was along the lines of “Coronavirus update!”

This brainiac copied the entire message from his personal account to his work account and then forwarded it to a bunch of people on our work network :smack:

Now we have to spend hours finding the emails throughout our network and deleting them.

DON’T CLICK LINKS IN YOUR EMAILS!

Yeah, I get that. My main concern was that one of my credit cards was somehow compromised.

How is a jpg file a threat?

In this case, as I understand it, his scam email was coincidentally “from” a business where he had a recent CC transaction. Which would raise the suspicion that it was not a random robot.

There have been errors in the various libraries for decoding image files. Both gif and jpeg have had one serious error each. These errors could lead to heap overflow conditions which are a traditional exploit used in some malware.

I.e., one part of the “image” creates a heap overflow with another part containing the exploit code that gets put into the overflow area where it might end up getting executed.

Here’s a mention of a heap overflow in MS’s jpeg library.

Good news: these errors are very rare and once discovered quickly patched.

Bad news: if you have a device with an OS that is no longer supported, tough. Android devices, for example, quite rapidly fall into this category.

OK, I get that - if you are running some ancient unpatched system, that could be a (very theoretical) problem.
But, in that case, wouldn’t an in-line image be just as bad? Does manson’s office have their email client set to not render in-line images? How crippled can you make it and still be useful? I request photos from clients all the time - it’s a necessary part of me doing my job.
Seems like an enormous overreaction to me.

ETA: I’m running OS X, so I’m not concerned about looking at attachments (there are no known exploits currently), so I will often times open up attachments like that to see what they are, and 100% of the time they are spam selling Viagra or Cialis.

This is my response from the other thread…it seems more appropriate here.

If you request the files, and you know them, then yes, that’s okay.

Also, my work has html format emails turned on, even though they know the risks. Not my decision.

It’s the links I’d worry about. Got an email talking about “my order” and it had a pdf image that was supposed to be a copy of my invoice. Hovering over it showed it to be an executable file. No one should be clicking anything on their emails without at least hovering.

  1. “Ancient”? What? Holes are found in current systems all the time. There is no way to know if there is currently an exploit-to-be in a brand new system with the latest software. If you think OS X is magic, you are really out of touch. And with phones, many people are finding out that the manufacturer stops doing updates, including security patches in 2 years (and some even less). I’d hardly call that “ancient”.

  2. Right, the difference between an attached image and a hyperlink to an image in an email is important. With the latter, and depending on your email software and its settings, if you look at the email, the image could be downloaded. The filename may be unique to your email so they now know you looked at the email and they use/sell your email to other spammers. There are some special tricks used to track people via email to really build up a lot of knowledge about the user.

With a purely attached (MIME encoded) image, no such problem. As long as that is what it really is. (MS, in its infinite wisdom, likes to hide extensions by default. And even if you have that turned “off”, it still tries to hide certain ones, esp. .url extensions. So something that looks like “mom.jpg” might really be “mom.jpg.url” and you don’t want to touch that with a 200 meter pole. And MS is not alone in doing stupid stuff like this.) Most users aren’t sophisticated enough to understand and detect such nuances.
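
Added example (not part of any post in this thread): a mail-filter style check for the two things described above, an attachment whose real extension hides behind a harmless-looking one ("mom.jpg.url") and a remotely hosted image whose URL can identify the recipient when the mail is opened. The function names, the extension lists and the sample message (with its .example domains) are constructed for illustration.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

# Illustrative, non-exhaustive lists (assumptions, tune for your environment).
RISKY_EXT = {"url", "exe", "scr", "lnk", "js", "vbs", "bat", "cmd", "hta"}
DECOY_EXT = {"jpg", "jpeg", "gif", "png", "pdf", "doc", "docx"}
REMOTE_IMG = re.compile(r'<img[^>]+src=["\'](https?://[^"\']+)', re.I)

def audit_message(raw: bytes) -> dict:
    """Return deceptive attachment names and remote image URLs found in a message."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = {"deceptive_attachments": [], "remote_images": []}
    for part in msg.walk():
        name = part.get_filename()
        if name:
            # "mom.jpg.url" -> ["mom", "jpg", "url"]: decoy extension, then the real one.
            pieces = name.lower().rsplit(".", 2)
            if len(pieces) == 3 and pieces[2] in RISKY_EXT and pieces[1] in DECOY_EXT:
                findings["deceptive_attachments"].append(name)
        elif part.get_content_type() == "text/html":
            # Images fetched from a server on open, unlike MIME-attached images.
            findings["remote_images"] += REMOTE_IMG.findall(part.get_content())
    return findings

def build_sample() -> bytes:
    """Constructed test message: one remote image, one disguised shortcut, one real JPEG."""
    m = EmailMessage()
    m["Subject"] = "Congratulations. Your order was successful."
    m["From"] = "orders@shop.example"
    m["To"] = "user@mail.example"
    m.set_content("Congratulations. Click here.")
    m.add_alternative(
        '<p>Congratulations.</p><img src="https://track.example/open/u-12345.gif">',
        subtype="html")
    m.add_attachment(b"[InternetShortcut]\r\nURL=https://shop.example/\r\n",
                     maintype="application", subtype="octet-stream",
                     filename="mom.jpg.url")
    m.add_attachment(b"\xff\xd8\xff\xe0", maintype="image", subtype="jpeg",
                     filename="holiday.jpg")
    return m.as_bytes()

if __name__ == "__main__":
    print(audit_message(build_sample()))
```
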