Phishing Trip

Fandango

Last night I received an email from Google telling me that someone in Moscow, Russia had signed into my gmail account.“Holy shit,” I said to my wife, and, in a bit of a panic and without thinking, I clicked on the blue “Not me !” button. And then I immediately logged into Google and changed my gmail password. Phew! Thank you, Google, for protecting my gmail account from hackers.

This morning I went back and looked more closely at the email from Google. I noticed that the alleged location of the sign-in was “Moscow Russian.” Not Russia, but Russian! Suddenly the hairs on the back of my neck stood up.

So I went to my Sent Mail folder to see who my “Not me” response was sent to.I have a sneaking suspicion that my “Not me” response recipients — chsup3, doopmail, eddie_evans_pb, geekjohnnie, and ishancock — are not part of the security team at Google.

Dammit. I’m apparently the victim of email spoofing (the creation of email messages with a forged sender address) and/or phishing (a fraudulent attempt to obtain sensitive information or data). Now I’m going to have to spend all day changing all of my passwords and monitoring all of my online accounts for any signs of fraudulent activity.

Fuck you, 2020!

42 thoughts on “Phishing Trip

  1. relaxitsallwrite October 25, 2020 / 9:41 am

    Firstly, clever post title πŸ™‚ Secondly, holy crap!! Good thing you noticed that. I’m sure 98% of people wouldn’t. I thank you for sharing because this post will likely save a ton of people from this scam!!!

    Liked by 1 person

    Reply
    • Fandango October 25, 2020 / 5:47 pm

      That’s what I should have done. πŸ€¦πŸΌβ€β™‚οΈ

      Liked by 1 person

      Reply
  3. Mister Bump UK October 25, 2020 / 9:57 am

    What information did it send to these people? Was it sensitive?
    I just think that if clicking the link resulted in an email, it was unlikely to have contacted them using any other means. I’d have thought anything which trawled for passwords would need some kind of “privileged” access. If in doubt, ask Apple.

    Liked by 1 person

    Reply
    • Fandango October 25, 2020 / 6:15 pm

      I don’t know what info it sent them, but I’m getting some weird emails since last night.

      Liked by 1 person

      Reply
      • Mister Bump UK October 25, 2020 / 11:44 pm

        When you hit that button, I’m guessing that the only thing it did was to add your address to an email list someplace. It sounds like all you did was to confirm that your address existed.

        Liked by 1 person

        Reply
  4. Liz October 25, 2020 / 10:42 am

    Yes, you are wise to change all your passwords again after realising your mistake with this. I hope you sorted all this before they had time to do anything.
    My goodness, it will certainly make me wary of emails more than I do already. But I never click on the email when I have had some like that in the past, whether Gmail or anywhere else for that matter, but used my own saved link and gone there myself.
    They want screwing that do these kind of things to people.

    Liked by 1 person

    Reply
    • Fandango October 25, 2020 / 10:18 pm

      Fortunately I think I caught it in time before any real damage was done. But it was a hassle.

      Liked by 1 person

      Reply
      • Liz October 25, 2020 / 10:54 pm

        That’s good you caught it in time. Yes, definitely a load of hassle.

        Liked by 1 person

        Reply
  6. Vic Crain October 25, 2020 / 11:06 am

    At least you went back and checked, instead of learning the hard way!

    Liked by 1 person

    Reply
    • Fandango October 25, 2020 / 10:20 pm

      True. I shouldn’t have clicked before investigating, but I think I minimized the damage.

      Like

      Reply
  7. Vic Crain October 25, 2020 / 11:08 am

    Reblogged this on CRAIN'S COMMENTS and commented:
    This is a crucial lesson in online security. Always check the url of the source of a message before you do anything with it!

    Liked by 2 people

    Reply
  8. Irene October 25, 2020 / 11:27 am

    Could you report those emails to the real Google? Two of them are even gmail accounts.

    Liked by 2 people

    Reply
    • Fandango October 25, 2020 / 10:23 pm

      I did report them to Google. Hopefully they will take some action.

      Liked by 1 person

      Reply
  9. Ian Kay October 25, 2020 / 11:45 am

    Have you got lots of different email accounts, with different mail providers? It saves a lot of work when this happens. Spread the risk.

    Liked by 1 person

    Reply
    • Fandango October 25, 2020 / 10:25 pm

      Just two. My personal gmail email account and an outlook email account for this blog.

      Liked by 1 person

      Reply
      • Ian Kay October 26, 2020 / 3:46 am

        It worth considering a few more, like keeping separate one just for online banking, one for bills and utilities, another for online shopping, one for reliable online subscriptions and another for less reliable websites, and so on.

        Liked by 1 person

        Reply
  10. Paula Light October 25, 2020 / 12:36 pm

    Ugh! How annoying 😑

    Liked by 1 person

    Reply
  12. Sadje October 25, 2020 / 6:22 pm

    I get these emails regularly but on my Hotmail address. The first time I panicked too but now I just delete them and report them for phishing. My Gmail account hasn’t had such issues till date.

    Liked by 1 person

    Reply
  13. XingfuMama October 25, 2020 / 6:53 pm

    Thanks for the heads up. It is always good to know about the schemes floating around. I hope you have good fortune in closing down any illicit use.

    Liked by 1 person

    Reply
    • Fandango October 25, 2020 / 10:37 pm

      It took a while to change all those passwords, but I don’t think any real damage was done.

      Like

      Reply
  16. Stine Writing October 26, 2020 / 7:45 am

    I guess my situation turned out to be good, probably, but I got a new phone and everything transferred over except one note that I had in my secure folder that had a bunch of stuff but also my passwords. I have been resetting them one by one as I need to.

    Liked by 1 person

    Reply
  17. meowmeowkitty October 29, 2020 / 10:39 am

    You just taught me something useful if you get a mail saying someone signed in your account first see if the location is proper it should be Russia not Russian similarly it should be America not American Thanku I am 13 yrs old hacker and post blogs related to learn hacking

    Liked by 1 person

    Reply
    • Fandango October 29, 2020 / 10:44 am

      You’re a hacker? Shame on you. Why do you want to make others miserable?

      Like

      Reply
      • meowmeowkitty October 29, 2020 / 10:49 am

        I am a ethical hacker not like those bad hackers and 2nd thing is I don’t a shit abouting hacking I am learning

        Liked by 1 person

        Reply
        • Fandango October 29, 2020 / 12:36 pm

          β€œAn ethical hacker” sounds like an oxymoron, like β€œan honest thief.”

          Like

          Reply
          • meowmeowkitty October 29, 2020 / 7:04 pm

            I am not a theiffff I think defence is more important then attacking. So I am a gopd hacker, white hat hacker..

            Liked by 1 person

            Reply
  18. leigha66 November 2, 2020 / 1:02 pm

    It seems every week I get a new phishing scam email. They are endless.

    Liked by 1 person

    Reply

Leave a comment