I am popular this week. More lottery winnings, messages from potential love matches, and invites to
cam shows than I could ever ask for. Really. Just stop. Naomi, Caroline, and Friend Japan – happily married here and not looking. Not even curious.
The messages that really interested me this week are about money. The potential of a breached account is nothing new to me. I was one of the millions who had to get a new debit card after the TJ Maxx incident in 2007 and have concerns now about Barnes and Noble’s hack. No stores in my area are listed as targets, but I’m waiting to see what happens. No, my ‘scares’ this week involve my ADP and Chase accounts – I have neither.
From: ADP Alert (01A412B4@georgshof.de)
Subject: Transaction Report(s)
Your Transaction Report(s) have been uploaded to the web site:
https://XXXXXXXXXXXXXXXXXX (Note: Looks legit, but that’s not the real ADP login)
Please note that your bank account will be debited within one banking
business day for the amount(s) shown on the report(s).
Please do not respond or reply to this automated e-mail. If you have any
questions or comments, please Contact your ADP Benefits Specialist.
ADP Benefit Services
The second ADP message came from ADPClientServices (ADPClientServices@adp.com) with the subject line “ADP Urgent Notification.” Same email content, same fake link. They’re dialing it in.
The Chase message was interesting in itself. See, the scammer didn’t try hard at all.
From: Chase.Alert 6EAAD0DE6@bacaredwinecpa.com
Subject: Credit card report
This is an Alert to help you manage your credit card account.
As you requested, we are notifying you of any charges over the amount of ($USD) 200.00, as specified in
your Alert settings. A charge of ($USD) 871.65 at UNKNOWN has been authorized on Wed, 10 Oct 2012 19:31:24 -0430.
Do not reply to this Alert.
If you have questions, please call the number on the back of your credit card, or send a secure message from your Inbox on http://XXXXXXXXX (Note: another fake URL that looks legit)
To see all of the Alerts available to you, or to manage your Alert settings, please log on to http://www.Chase.com. (Note: Sometimes scammers use the real institution’s url to instill a false sense of security and others they still point to their fake link.)
The real message behind these typs of emails? Log in using our link so we can stal your info and really steal your money. I say no thanks. I’d rather spend it myself. From my own account. Everyone should know by now to type in the bank’s URL separately before logging in. No clicking links from emails or copying and pasting email links. That’s where the danger is.
I’ll have more goodies to share next time. The holidays are around the corner, so the Ebay and Paypal scammers are coming out of the woodwork.