I fell for a phishing attempt

In a very minor way.

A while ago I signed up for CNN breaking news emails. A few days later I got one, saying “Danica Patrick dead”. Now I know she’s a race car driver, and I would sympathize with those affected, but I didn’t sign up for sports emails. So I click on the email link to CNN to adjust my settings, and I can’t sign in. It says the email address is invalid.

Hmm.

I look around CNN and there’s no mention of the death. I use Thunderbird to access more than one email account, and this account was just for public posting so I’ve used it widely and it gets a lot of spam. Finally I realize that this address wasn’t the one I signed up at CNN with.

I go back to the email. The link to email settings on CNN that I clicked on really does go to CNN, so I was safe. However, other links in the email go to an unrelated site.

To express it in terms of the analogy, I bit on a phishhook, but the barb was broken off. I lucked out because the person setting up the phishing email was sloppy.

I’m vigilant about phishing, but I missed this one. Inconsequential as it was, it still bothered me that I fell for it.

So have you ever fallen for a phishing attempt, trivial (like mine) or serious?

I got one of those same emails, but mine said “Elizabeth Taylor Dead.” and claimed to be from MSNBC. Fortunately, I clicked nothing and typed MSNBC.com into my browser manually. (Dame Taylor is still quite alive, though not doing very well these days)

Does the site it go to end in index2.html?

I finally fell for one of those CNN ones. I think it says something about how low news standards have fallen that none of the completely generic, uninformative news alerts stood out as fake.

I’ve been getting a bunch of the CNN ones, so yesterday I clicked the “unsubscribe” link. This link really went to CNN, which I can easily see because I view all my email in plain text. I was a little confused when it didn’t seem to know that I was getting their emails.

I did fall for a serious phishing scam five or so years ago. I got one of those emails that I needed to update my Paypal info, and I clicked the link and logged in. Then I got redirected to the real Paypal login screen, and I immediately realized my brain fart. So I immediately changed my password, but I felt pretty humiliated, because I think of myself as pretty vigilant about that stuff. In my defense, this was at a time when phishing was new.

Ditto for me for the CNN one. As others have said, the link really went to a CNN website so I think I was safe.

I never signed up for any news feeds - although a week or so after my real beta key from Blizzard arrived I got the phishing email …

I have been doing betas for different companies for years, and I KNOW what a proper notification looks like.

You’ve got to admit that some of those CNN and MSNBC phishing things sound like great stories. Very few of them are believable - Danica Patrick dying is plausible, ‘McCain admits he hates black people’ (I got this one), not so much.

I can’t remember ever falling for a phishing attempt, but as I mentioned in a thread recently, I almost fell for what was basically a Nigerian scam once. I was trying to sell a mattress on Craigslist and it never occurred to me that somebody could pull that type of scam that way. So they said they’d send me a larger money order and I’d have to send some of it back to them. I remember trying to talk them out of this because it seemed needlessly complicated, not to mention time-consuming, but the fact that it was a big scam didn’t cross my mind. I talked to someone about the situation just to voice my irritation and he pointed out that it obviously WAS a scam, and I didn’t lose any money. I did lose some time. The weird part is that the scammers actually called me, although it sounded like a recording. That was a trip.

I got one recently saying something about a bomb threat shutting down Heathrow airport. Knew it was bogus because I had never signed up for any CNN alerts.

I was using my iPhone so I wasn’t afraid of malware; the link went to a Romanian site which had already been shut down.

I recently got the following quite reasonable

BREAKING NEWS: Right To Own Guns Upheld

followed by the somewhat less likely

**Bid Laden support for Gay Marriage

A new video of the al-Quaeda chief was posted on the internet today in which he called for praise and understanding of “our brethren who share the same bed”.**

I don’t remember. I marked the email as junk then immediately deleted it. Then I wished I’d kept it just as a curiosity.

I bit the same way the OP did. Tried to go to CNN to unsubscribe. I’ve been getting from from MSNBC that I’ve just been ignoring. Think I’ll go take another look now.

I’ve been getting them from CNN and MSNBC, They go to my spam folder and since I never signed up for alerts from either one of them, I’ve been deleting them and not opening them. I’ve also gotten a few that said someone has left me a greeting card and give links to retreive it. Again, I’m a lot more suspicious of phishing than when I first used a computer, so I’ve been deleting all of them. Besides, Gmail warns me when I get a suspicious-looking email and Firefox has an anti-phishing feature that literally puts up a red warning when you go to a suspect website, so I’m likely to be safe if I do ever have a brain fart and click on one of those.