Це відео не доступне.
Перепрошуємо.
Email Scams Are Getting BETTER - What Should We Do?
Вставка
- Опубліковано 17 сер 2024
- Previously in this Scam Awareness series, I've focused on spotting obvious scams. What about when they're not quite so obvious?
Join the Atomic Shrimp official Discord server for FREE early access to videos! - / discord
Atomic Shrimp subreddit: / atomicshrimp
Mike, what happened to the video you published yesterday?
Oh yeah, now that you mention it, that Spanish(ish) omelette video seems to be gone. Maybe he had to take it down to edit a mistake out or something.
It was so delicious, UA-cam ate it
@@akpsyche1299 I would think so
@@akpsyche1299yo, are you the guy at UTD I was talking to about this channel?
I didn't dream it 😂
If these scammers ever stop using the word “kindly” everywhere then I might actually be in trouble 😂
Watch out for when they stop using pigeon English in the email and actually type in real English that’s when you have to really worry and with the like of AI it won’t be long before these email look very professional
A man chooses
A slave obeys
Would you kindly click the link?
@@chriszfrancis Beat me to it. :D
I work in CS and use "kindly" lol
Another problem:
Official emails by official entities (companies, banks etc.) are looking more and more like spam and scam.
More errors, wrong contact data, lots of colourful pictures...
Doesn't make it easier to distinguish between the two.
At my job, they send fake scam emails to employees and anyone who opens or clicks a link from them get sent to scam training. But so many emails that are legit look like scam emails, to the point people don't open important ones. It has caused serious issues for our internal communications.
Yes, this, and they also often have tracking image bugs, and tracking links to e.g. a customer questionnaire, or rate our service with stars or sad and smiley faces. Even major banks and other financial institutions do it, and that is _after_ warning customers on their own websites, and in letters _never_ follow links in emails.
A few months ago I ordered an SSD from the official Samsung UK store. Shortly after getting the confirmation email from Samsung themselves, I received one of the most suspicious emails I've ever gotten. Supposedly from DPD, but the sender was "Samsung Store", weird low resolution logos, odd font formatting - everything looked like it was cobbled together in MS Paint with minimal effort. Even Gmail itself had flagged it as dangerous. I freaked out a little bit, thinking that somehow my shipping and payment information got compromised, but after over an hour of checking everything over and over it turned out that this extremely shady looking email was in fact the real DPD.
That's because more and more employees don't speak much English.
@@danithoAt my job, we have a "Report Phish Attempt" button. If we report a real one by mistake, then the security team tells us that it was real, with no penalty to us
I spotted the Halifax email as a scam within two seconds. No British bank will start off with "I hope this message finds you in good health and high spirits". That is a quintessential scam greeting.
Agreed, it's pretty obviously a scam to most people without question.
I'm in Scotland and bank with Virgin Money, formerly Clydesdale Bank. They are painfully flowery in their emails.
The "Unnecessary embellished" part sticks out to me even as a moderately fluent ESL guy. It pops up often with AI-generated paragraphs as well, which makes me think scammers are getting pretty comfortable with GPT and related tools.
There's nothing wrong with hyperliteracy
@@wolfetteplays8894wrong, no - but abnormal, yes. That's why they call it hyperliteracy and not normal literacy. Big companies like Halifax will avoid overly complex language for inclusivity reasons anyway, so it's still a red flag that the email comes from not-Halifax if the language is very elaborate
One extra bit of advice at the end: be prepared for one of these scams succeeding. It’ll happen eventually, no matter how smart and careful you are, and having a plan for when it does will help you avoid panicking, and keep the breach small.
Very good point
I touched on this a little bit in a previous video ( ua-cam.com/video/Z2tDAqifAXw/v-deo.html ) which contains a breach response plan that was based on one that I used in my former IT career; maybe I'll do a followup video with a breach response plan adapted for the average user
@@AtomicShrimp I remember! I was thinking for people who don't watch every video, but rather just get linked to a single video :)
Very good idea. I think this would be very useful to a lot of people. :) @@AtomicShrimp
I consider every email as a scam and then work my way forward from that.
My mom received a large package from a US pet store yesterday. Before I called the customer service number on the box, I researched the number online to validate that it was indeed the correct number. Ended up talking to their fraud department to report it. I think it was scammers attempt to see if a card is valid, not sure why they would send it to the card holder's address though. Had to contact her bank and credit card numbers to make sure her accounts weren't compromised, turns out that one of them was. Had to cancel the number and issued a new card. Watching these video helped rectify the situation.
The only positive is that a local animal shelter will be getting 65 lb. of dog food that costs close to $100.
Remember Shrimp explaining that in one of the videos.
@@karthikkumar6861 The phone number listed was from a fraudulent front website, white background with only text, 1990's style. It is crazy what scammer are up to. Glad people like Atomic Shrimp are spreading awareness.
@@karthikkumar6861 I may be misremembering, but I think it's something about false reviews. That way they have a verified purchase.
I think it's called Drop Shipping? Scammers buy an item and send it to a random address so they can farm good "Verified Buyer" reviews that they make themselves. It's pretty devious! Always send it back if you get an item addressed to you that you nor someone you know sent to you!
It's common for organized crime and other large organizations to buy a list of 100-10,000 credit card numbers that are paired with names and addresses. These are usually obtained from a genuine business' database or like tax records or something. In order to check that the list is genuine, they "burn" 1%-10% of the list by using it in the way you've experienced, or by doing something else that is more obviously fraudulent and gets cancelled before the consumer would be notified.
As soon as I saw the line "I hope this message finds you in good health and high spirits". As soon as I saw that line I knew it was a scam without looking at anything else. No bank would ever send something like that.
Same here, banks couldn't give a toss about your health and high spirits! 🤣👍
For me, it's the fact that the sentence was in a banner. Like, i would expect the bank would use their official banner with their logo and their slogan.
Then, of course banks don't *actually* care about your feelings and health, but it's easy to pretend like they do ;) it's just words on paper/screen. So the next giveaway is more the use of "I" in that banner, unless it's signed from a personnal advisor, banks would normally always use "We".
@@bleuumscarlett7977 For me it was the words they used. No British English speaker would say that. To me it sounds like something an Indian would say.
@@minuteman4199 _"To me it sounds like something an Indian would say."_
well DUUUH!!! 😁😁😁
I lived in India many years ago, and it was quite normal for people to say "Pray, what is your sweet name?" , in English, when being introduced to me. Flowery language was a lot more common in the workplace, and I guess unless they have lived abroad, they wouldn't realise that it seemed strange to a native speaker.
My number 1 tip is to never go to any links from an email unless its one you have requested yourself at that time such as when you ask to reset a password and they send you an email at that time. If you ever get an email you arent sure of, go to the legit website yourself rather than using a link from the email. I get these emails all the time saying my Netflix is closed or my Apple account is closed or my amazon will be closed, jokes on them, I dont use any of these lol.
👍👍👍
I used to get emails from the "Nigerian Prince". These days, from time to time I get a scam phone call from India. An acquaintance of mine was once scammed into paying a fee in order to receive some "lottery winnings"
Yep, always open the site itself, not from the email. Simple but sound advice
Do you not apply for jobs? I need to be ready to respond to any email regarding scheduling interviews.
@@petelee2477
If you're applying for jobs be prepared for scam job offers (in my experience, they eventually become "send a check" scams). Check domain names (they may look VERY realistic, so be careful with that...like the real domain name may be very close to their spoof), and even call the hr department of the real company if you're concerned.
I got some very believable scam mails. The funny thing about one of them is that with my phone not automatically displaying images in order to use less data, I got a description instead, telling me that the logo's source file was from Wikipedia. 😁
I often tell my family about especially clever scam mails in order to help them recognise scams, so anything I can learn is helpful to several people.
I had a second chat about this with my mum, when she (cleverly) messaged me on Whatsapp, on my current number "How much money do you need?".
She tried to laugh it off as "I knew it wasn't you.", so I really had to push home that she did the right thing by not trusting the "hi mum new phone need money" person's advice to only use the "new" number from now on, and actually checking with me.
I only use Whatsapp to communicate with family, because they refuse to move to something more secure. But soon enough voice synthesis will be good enough and available/low CPU enough that we're all boned anyhow, so sometimes it feels like bothering to be secure is hardly worth the effort. But we do trundle along...
Yes. PayPal is one that is very believable and almost got me.
My grandmother received a realistic-looking email from "PayPal". She called the number in the email but fortunately couldn't understand the scammers' accents. She had me check out the email and I immediately noticed a few spelling mistakes. I then went to PayPal's website and showed her how to find the real PayPal number. There are some scammers who are getting good at crafting emails, if they start hiring native English speakers without accents to work in their call centers it'll be game over for us.
@@artistknownaslisa2850 i get those random paypal docs. Sent to me and a bunch of other ppl. No context, just take this lol
Damn, it's almost like big companies are selling our data and that data ends up at scammers.
After it was revealed my government let russian spies access NATO servers for a decade i have no issues like this. I KNOW they likely sold all my private info themselves for russian cash anyway.
No kidding. One week after I made a facebook account (not by choice but by necessity) which requires a phone number I started receiving calls from unknown numbers... That is the first and only time I've ever received scam call attempts
I’m pretty sure the email text was generated using some form of GPT, probably ChatGPT or Bing Chat.
That explains the flowery language and weird words.
We will see more of this, since this allows scammers to create convincing emails with zero effort.
It doesn't seem like it to me, it looks more like it's from someone whose first language isn't English
@@circuit10 why wouldn’t it be GPT generated? It’s super easy and effective, and you can easily tweak text with it
@@gegdim9307 Because this isn’t ChatGPT’s writing style, see for example the use of “kindly”
@@gegdim9307Because ChatGTP had only gained use and popularity recently, but this exact style of writing has been typical for scams for years before ChatGPT. Unless the scammer specifically told ChatGPT to write a scam email, it would not produce a text like that. You can easily try giving it some prompts yourself to check
@@gegdim9307 Why _would_ it be GPT-generated?
I wanted to tell you that I actually mentioned your channel in a talk i gave to a group of senior citizens about email scams. Namely your video about shame for falling for a good scam and how that prevents people from getting help. I do IT for a living and went far enough along with a scammer claiming to be from my bank that i had to cancel a card immediately. They were aiming for more, but were convincing enough that they got that much before the alarms went off. Thank you for what you do!
Again, great advice, especially the parts about not panicking or being scared, just skeptical, and going to the website you know rather than clicking a link. I hadn't heard the Gmail + trick, so that's awesome, but I did say to have one email account you ONLY use for banking/credit cards and/or have one you use for "junk" when you have to give out an address but don't want to.
Any contact with banks or other institutions that are initiated by other than ME are suspect, and verified by independent means, never through the incoming contact.
@@thisbushnell2012 You are absolutely correct. The worst part is knowing better and still going that far.
You’ve scammed atomic shrimp of content……you owe him a fiver
@@FloatingCroc Fair! I did credit the channel by name!
As someone who used to work in the banking industry, received extensive anti-scam training, and was sporadically targeted with test/probe attacks by the bank’s information security team I can say that this is a great service you are providing for your viewers. Top notch!
working in a bank is a bit different to personal emails, you can ignore your banks emails, they won't do anything. a bank ignores emails and it could cost millions.
Same here, plus I’ve worked for a couple of Insurance companies that do this as well.
I would have been convinced. The time i nearly fell for it, my brother had just had a traffic accident, we were waiting for police report, hospital to ring etc, and a caller rang "we're ringing about the road traffic accident" "yes, the one in Blaenporth?" etc Finally realised it wasn't the police etc (they never did ring!). These 'random fishing attacks' will always be true for someone.
What made it click that it wasn't the police?
You'd think the scammers would wise up to not starting their emails with direct translations of whatever greeting they have in their countries. Is it really so hard to figure out that "Greetings dear brother, I hope this finds you in good spirits and the souls of your beloved family" is not how banks talk to their customers?
Maybe the Bank of Jesus? 😂😂😂😂😂😂
I've been told that this is a way of confirming the target is gullible. If you don't notice poor grammar, bad spelling, or unusual phrasing, you are more likely to fall for the scam.
Even a bank just hoping their customer is in good spirits seems off. Not only because it’s an unusual way to address someone in a business correspondence, but also because in reality the extent a bank actually care about its customers is based only on how much money they have.
@@Sashazurit's almost a universal tell they have, can't help themselves. It's...I think it's like they operate under the assumption that fluent english is enough (sadly it often is) and so they don't think or perhaps understand how other cultures speak and address other members of similar culture.
Best I can think of to explain it is to imagine the situation in reverse. An American trying to scam a foreigner, but not aware of cultural differences in speaking. Overly informal in addressing someone in a situation that calls for strict formality, or vice versa. Using American idioms and expressions translated into the target language.
Imagine tech bro business jargon speak in an email about I dunno...shipping.
Or terminally online lulzor le epic speak in a situation about online banking.
It's operating under the assumption that everyone speaks like you do, so all you have to do is translate the language fluently and successfully.
It's also why their automated 30 response long threads of "wow I invested (×) currency with Mr(s). First name and First name as last name and made (×) more currency." "Wow vague supportive comments about investing with (two first names)" and twenty more "responses" from supposedly random different people either singing the praises of (two first names) or asking the "op" how to get in touch with (two first names). And why it all reads so wooden and stilted.
Because the scammers aren't capable of writing differently to distinguish themselves from themselves, so it not only is them replying to themselves it also reads like it too. If it was just one comment it would still sound forced and scammy spammy, but a chain twenty or thirty responses long just absolutely screams scam and spam. They're like bad liars who think that giving more info and detail = more credible lie, when usually it's the less said the more convincing it is, or at least it's potentially harder to pick apart.
@@Sashazur That doesn't mean that banks don't use warm greetings.
Most dangerous scam mails are those pretending to come from DHL, UPS, Hermes or another service. Especially if you really bought something online a few days before and really expect a delivery.
Oh god I had one of those recently, asking me to pay a tiny sum to receive a package. I then asked my friend if she sent something because it was super convincing and I was a little panicky but nope, just a scam.
Had a bunch of these pretending to be from Amazon very recently.
I had an email amd text from DHL and I am not sure if its a scam, do their emails normally look scammy? Not clicking on the link just to be safe anyway
@@Farimira Assume it is a scam. If it is not, then they will try to call you or send you a letter if it is important.
Alternatively, write to their support about it if you want to be pro-active.
If you recently ordered something you should have a tracking number from the shipper that you can easily check.
At least here in the U.S., a red flag would be the unusually old-fashioned and polite greeting, out of step with modern culture. I've never seen a legitimate corporate e-mail begin with "I hope this message finds you in good health and high spirits". That sounds like something from a 1700s letter written with a quill pen.
Thank you Mike for raising awareness on this topic! At my company, we have recently announced a CEO change and just one day later, some people started to receive emails asking for important and confidential information in the name of the new CEO. Fortunately, the scam didn't succeed, but I was astonished by the reactiveness of these scammers.
Sheesh!
LinkedIn, company websites and social media can make it easier for fraudsters to create believable CEO, mandate and voucher frauds.
Probably an inside job.
It's crazy how fast spear phishing attacks get started
I get more fake courier texts strangely around a time i receive packages to the post office box (not PO box, but the one you open with a code).
So the scammers likely have people inside feeding them information.
It's been useful, thank you. One thing I like to add is, what nearly got me: If you get an email that is possible a scam, but it relates to something that is actually happening to you right now, be extra vigilant. By coincedence, I was getting a scam email about some package that got lost and I need to reclaim it. Thing is, at that point I actually had a missing package from an Amazon order, so I let my guard down for a bit, because I had the issue the scam email mentioned. Luckily, the scam email was so badly written, I caught on fast before doing anything stupid.
Side note: I feel in germany scam mails are more obvious to spot from the grammar alone. Especially mails that are suppossed to sound official like from a Bank are really bad, since I feel the autotranslates really struggle with german formal grammar.
Everyone does. I'm learning German because I have to. It's an absolute nightmare to comprehend.
German is my native tongue (age 5-24 with a two year English break), but after English became my primary language I really struggle with German. I really admire a non-native German speaker being able to speak it fluently.
Scammers from India and Nigeria, especially from the latter, have very bad grammar. In addition to their bad grammar, they often ask or tell you stuff that are customary in their country, but not in Britain, or anywhere in the West. For instance, they ask you if you have already eaten. Furthermore, they often exude a sense of urgency, and get easily irritated and rude if you ask them many questions or do not do as they ask when they ask
I started a new job recently, and they were very serious about in training telling us how to avoid phishing emails. They even said that they send out "fake" phishing emails of their own, and use it to track employees who click on it so they can do better training.
Clever.
One of my employers did that one time, too. I told the story in a reply above.
I tell my customers to be aware of the three scam "keywords" - kindly, verify, and confirm. Every scam email I've ever seen contains at least one of these words.
And urgent. Or important.
I used to work for First Direct, which for those not in the know is a British call-center only part of HSBC. We were always clear during outbound calls that we'd prefer a customer say they're not comfortable and call us back than for them to keep talking with someone they're unsure about - we'd straight up say so. The same goes for email communications. Nothing sent in an email is so urgent that it can't wait a moment for you to log-in your account the slower, safer way.
even though i'm hyper-aware and maintain excellent online practices, these videos always teach me something new. thanks for your hard work (:
definitely analyzing the lexicon of E-AASL was a big brain blast. I can't believe we have to ARG investigate our way into being not homeless every five seconds in this world
A new trick is to add a green box saying for example 'Yahoo has verified this as a trusted sender' at the top of the email
I work in IT at a university and we see lots of reasonably good scam emails, but the sending email address is typically the dead giveaway. Not that people don’t get fooled. It’s like “No, Karen, HR didn’t send you an email from a hotmail address. How’s that PhD working out for you?”
One of my employers ran a phishing exercise once, with a benign hacker hired to run a security text. We were given a list of red flags to look for, then sent an email with some of those present, and a link at the end. I spotted one straight away (a typo in someone's surname, which was explicitly mentioned in the email) and did not click it. Half of my department DID - which I learned about because they were asking each other what to put into the login boxes on the next step out loud. They all had to retake the exercise.
I lost a little faith in the educated portion of humanity that day.
10:53 Polish e-mail provider I use (o2) allows you to create completely custom addresses on its "vanity" domains (most are quite cringeworthy). They also have much bigger space for your e-mails than gmail.
I'm happy with my Proton service, though I do pay for their entire email, VPN, and other extras package. Users can create complete nonsense email addresses, both before and after the "@", that does not even appear to be from Proton.
@@Styphonit will appear, if you look. Also how does the behind the @work? You enter there server in the dns record for mail?
The wording of the email got my scam senses twitching. It was far too personal, convivial and not business like at all.
Yes, the opening greeting was an instant red flag. The wording was indeed ‘flowery’, and archaic.
If I received such an email, I'd immediately say _goodbye to us._
Yeah, it definitely was, but just not broken in the way I have more commonly encountered where it says something like "your account have has been using for illegals buys"
I've once received an e-mail that looked like it came from myself, saying they invaded my account and were demanding money. At first it was a chilling experience, since it really was my email. The thing is, after researching a bit i found out that they can fake the sender, so i ignored it and none of their threats were true
That “I hope this message finds you in good health and high spirits” gives me so much sus vibes lol
Thankfully in my country (Denmark) we have an 'official' email that's regulated by the government (called e-boks) where any official documentation from banks, government entities etc. will be sent to. So you can just ignore every single email you get because they will never reach out for you in this way.
Also to log into official places like banks and even the beforementioned e-boks, you need your username and password as well as a 3rd party authenticator app on your phone.
Of course people can still and do still get scammed but it really narrows down the things you need to be wary of
That's cool!
I drive my niece to school everyday and she and I have been listening to scam baiting videos this week. She gets a kick out of it too. Thanks!
As a former Halifax fraud prevention employee, I can confirm that they'd never send an email with those flowery wordings...
"Don't be scared, be prepared."
From scam videos to cooking pizzas, somehown you make everything you do quite interesting and fun to watch.
Cheers from South America :)
I've recently had a lot of fairly good fake eBay emails, saying I have a new message. I've got a lot of stuff for sale, so it's believable. The main giveaway is that I know what genuine emails look like, and I know that they include the message in the email, which the fake ones don't.
Had a similar thing ages ago with fake Amazon emails. The major giveaway, along with all the minor ones, was that I knew what genuine ones looked like.
For me it's that I will always go to the website myself
Well yes, that too, I go to the website. But I do that BECAUSE I was suspicious. That itself was not what made me suspicious.@@Soapy-chan
Be careful ... eventually they'll be smart enough to actually get a real Ebay account, and manage to invoke one of those emails to themselves. Then they'll just copy the text of a Real Ebay Email into their scam email.
Bottom line, don't trust it, even if by all accounts it *seems* legit.
My mum who's elderly when she gets these bank scams always claims to be from her bank, always phones her bank directly and they tell her it's a scam.
it may be eBay's data breach, but it may also be eBay sellers harvesting data on their customers and selling them (I similarly had an email that i used primarily for eBay that reveives lots of spam, but notably associated with a domain that did not exist in 2014)
My bank would just as soon step on my face as look at me, all that slobbery greeting is a dead giveaway
this is like a constant pen test, they just keep evolving until one slips in, maybe you open your email when you were kinda sleepy that day and rip your info
stay alert!
As a professional translator, i work a lot for a bank. I see a lot of internal documents and customer facing communications. At least for that bank, there is a shift towards friendlier sounding messages to their customers, so "valued customer" does not look too weird for me. (There's a lot of empty, feel good wording too, depending on the type of communications, i've noticed.)
So considering that, there's really only comparing to recent communications from that same bank (if you receive them) to know if this flowery language is normal or not.
The reason that "valued customer" stands out like a sore thumb to me is that the phrase implies they also have customers who they do not value.
"Valued customer" always shouts "scam email" to me.
Generally speaking I only click on email links that I'm expecting to receive, such as Paypal invoices, with the confirmation from the other person that it was them who sent it. It's inevitable in this day and age that your information is out there being abused by somebody, the best you can do is apply reasonable doubt and try to confirm with the expected sender where possible.
I've been getting occasional phishing emails that have disturbingly good facsimiles of the email layout of our government's email standards.
Only because I actually worked on systems pumping out the real emails, and know the internal html layout and graphics dimensions and naming of the real ones was I able to see the difference clearly, though I was warned by the ever so slightly odd wording and one of the images being a bit off in its scaling. Not enough to trigger anyone but people who actually have inside knowledge of the government email standards.
Personally to prevent these type of scam I have one phone and one email I never use and only give to banks. Not even family member know that number and emai.
And broadly, at this point, nothing in any email from a bank or ebay or amazon or DHL ever needs to be taken care of within the email. If its asking for something, take your own self to the site and engage there, no clicking links. All relevant secure messaging can be accessed within these sites themselves. All my bank emails go to an address I barely look at because it doesn't matter anyway. If its real I'll see it next time I log in, if its important I'll get an actual letter.
Hackers are getting so bad that at university they are teaching us to just hash all data or near all data that goes into a database. Sometimes even with multiple hashing algorithms
🧂
As always, great advice. I have been in IT for 30 years, and I haven't seen everything. Even I occasionally fall victim to clicking on bad links. These videos are a great help to everyone online. Thank you.
I live in Belgium and I've noticed that all the phishing emails I receive are in Dutch. It's an instant red flag to me (i don't speak it, all my administrative and official correspondence is set up to French).
Well that is quite Belgium specific.
It is rare for country to have two languages of same officiality and inhabitants have practically exclusive knowledge of only one.
@Richdragon4 I'm not Belgian, I just live here 🤷♀️ pretty sure most Belgians have varying degrees of actual bilingualism.
From what I've learned, any email with a link is suspicious. If you have to go somewhere, you type it out yourself in the browser.
Have a suspicion, check the email header. If it is someone's name and a bunch of letters, figures, and numbers, watch out.
When I get phishing e-mails, I usually open the phishing form, then enter BS, but plausible-looking data. The idea is to pollute the database so much with fake credentials that the scammers give up on trying to get into real accounts before they come across actual credentials of some unsuspecting victim.
It's a good idea in principle, but there's the possibility of clicking on a link that instead of phishing, is something like a zero day malware attack
@@AtomicShrimpThat's why I always do that in a VM.
@@UltimatePerfectionyou must have a lot of time! I'd wager that it's taking you more time to do, than it's taking the scammers to work around. Not worth it imho bro, save yourself the time.
Good idea!
I bet we could automate that... 🤔
@@saschamayer4050 Just make sure the data looks plausible. The people behind it will probably scroll past Mr Dampy Wonkypants without even trying.
Might be worth making a future scam video about defunct or old linked-email accounts and the associated risks. Many people still have their social media and other online accounts linked to old sometimes forgotten about email addresses (ISP based ones and older webmail accounts) from when these accounts were originally set-up, even though they have since moved on to other email providers. These older email accounts rarely support or have 2FA, use short weak passwords and regularly feature in data breaches. They are commonly used by criminals to request password resets for all linked accounts.
Things scammers say that give them away: Kindly, good health, high spirits, valued customer. Help expand this please
I had no idea that "kindly" is considered archaic in the UK. It's alive and well in the U.S., particularly the south. You learn something every day.
I always use the word kindly when I email customers. Maybe this is the reason I don’t get a reply 😂
Maybe, it probably wouldn't hurt to try not using kindly for some time.
Scammers ruin lives to everyone.
My bank never sends me kindly or wishing me good spiritual health messages, neither do my utility companies or government. Scammers would be better off saying: "hello wage-slave, give me dosh coz I want it". Bloody annoyed for people with Alzheimers/Learning difficulties/pressed for time and stressed ones. Anyway my bank makes me jump through hoops... thinking of turning dosh to gold and keeping it under the mattress! Gertcha!
Thank you so much! I was very suspicious with a recent email I got this morning, a transaction that I don't recall doing and told me if I want to cancel that I should make a certain phone call that they given. After watching your video, I compared to the email and found "kindly" and it's with a business I never heard of in my life.
I don’t think any company in the U.K. would use “I hope this finds you in good spirits”. That sounds like scammer language and I immediately wouldn’t trust it.
Thank you for your work, Shrimp. Love your channel. Keep it up!
I unfortunately also was affected by a data breach and am still suffering from the effects with spam mail and spam callers.
I’m American and we use “kindly” in emails (like, ‘Kindly inform me if you experience any problems opening the document.”)
I had no idea it was old fashioned in the UK.
your scambaiting vids and advice actually helped me to not fall for a scam a while back! it was a fake amazon link through text asking me to verify some shipping and tracking info, and i was worrying whether it was real because it looked legit (i even googled whether amazon does this kind of thing) but at the last second i went to check the sender and it was some random icloud account that i promptly blocked. i wouldn't have been wary at all if not for your advice. i only just remembered this event now so i thought i would thank you!
To quote a classic scammer, "Don't be scared, you're in the right place, ok"
the solution (for most of those emails) is to go to the real site directly instead of the button.
most companies will ask the user to go to the site *and* include a direct link, if it's just a link it's probably a scam.
today most companies will also send you an sms and an email at the same time and the sms number will most likely already have a few messages (like confirmation for the first time).
conclusion:
every single time just do a few more clicks and go to the actual site.
That was a very informative video, we definitely needed one! So thank you for your efforts in making it.
When it comes to banking emails, I'd also recommend calling your bank and checking if they indeed did send an email requiring you to take action. Stay safe everyone!
I wonder if the improvement but oddity of phrasing in the scam messaging might also be a result of generative AI. Based on my exploration of how AI writes, this format and word choice is quite similar.
I just literally never check my email which is a good and smart way to live. Just like I don't answer any phone call or even get my mail out of my mailbox. My ADHD being completely overwhelmed by modern life FTW 😅😢
When I started in business in the United States, many many years ago, one use the word “kindly“ instead of “please“ if one wanted to express contempt and anger towards the recipient.
Fantastic advice as always, but I'd like to add that rather than going to your bank's website, just call them directly. If it's a legitimate problem with your account, you can fix it with a representative right then and there. And if it's a scam, the bank will let you know that they never sent an email about that nor did they have the wrong information.
Two things, firstly would you consider making a video on scams that you get via text? As I have noticed that I am getting a lot more scam texts. Secondly and most importantly can we please soon witness the return of John Warosa and Herry Mike Ridering?
I've been getting a few on my personal phone (WhatsApp messages mainly) referencing job opportunities, which I just roll my eyes at and block. However I did end up having a small text exchange on my work phone earlier this evening, the first message said something along the lines of they didn't have my number stored in their contacts and did we know each other. I said I didn't have theirs either, who were they? (Keeping it professional in case it genuinely was a client whose number I hadn't saved) The reply said they were 'Diana' and they weren't sure they knew me either, what was my name? I asked for their full name and where they worked so I could work out if they were one of my company's clients. No response and I searched the number which did show up as a potential text scam, so I blocked it. Fairly well written, and no obvious sign as to what the potential scam could be. One I'll be passing to my colleagues tomorrow to be aware of.
I'm getting a feeling that youtube is a scam. I click on the video, an ad plays up to 1 sec. before it can be skipped and locks up the content. Restarting it just puts it in a loop. Awful. OK?
Half the problem is that banks rely so much on email communications. I went back to all my important stuff coming in the mail, and thankfully 2 factor authentication is a thing for online stuff.
Great video, thanks. BTW, what happened to the Spanish Omelette video from yesterday? It's vanished.
I've pinned a comment here about it
scammers have chatgpt now
10:38 it used to work. but with time, more and more websites block this option and don't accept plus sign as a part of a valid email address
One of my biggest tips for anyone is that if you are suspicous but still worried then phone the company directly, using a number you find on official sources. Then you can sort out the problem if it's real or find out if it isn't.
another banger of a video my guy
i'll watch this soon, after my lgr vid, but wondering if we'll get to see the spanishish vid again soon? i wasn't quick enough to watch earlier
A few days ago got home, groggy after a long day at work. Got an email (supposedly) from PayPal, telling me they had to lock my account because of some vague illegal activity detected on it. Read through it and it was well (enough) written and provided some nice button to (probably) get to a login page. I was about to open a browser and 'manually' log in to PayPal (I made it a habit to never click links in emails). But then the whole 'illusion' suddenly broke down. The sender address was gibberish. The greeting was addressed to the email address rather than my proper name. Stuff like that.
So without that 'never click links' rule, they might have gotten me to at least go to their fake website, cause over being tired, their email was just good enough that evening. What I'm getting at, thank you for helping us keep ourselves safe
When I was a pre teen I made a handful of emails so I could make multiple accounts on websites like quotev. Ended up being amazing because I have different emails with different fake names so I only use my important email for like government websites and banks. Even when I order food ahead of time the baristas call out one of the random names because I don’t like food emails clogging up my inbox.
Oh no, I'm up way too late. 😢 (3:00am)
Dude, it's 9:15
Incorrect, it's 3:16am
8:18 GMT actually :)
Sorry to hear! I hope you get to rest well. ❤
@@UltimatePerfection maybe on your side of the planet 🥱
A jolly good video in the morn’. Kwoite a blummin’ brilliant session of scambaiting it was, may the King’s blessing be on you.
bloomin'?
My email is starting to go crazy with scam emails from people pretending to be companies. I set them to spam and report them right away. I log in directly to my account, or phone the company directly if i question the content of an email.
I like how you mentioned going to the site directly instead of trying to click through to it, that's what I'll usually do if something seems up
I must now revive the usage of the word kindly.
could you kindly refrain from doing that, perchance
I prithee, foreswear such folly upon the instant.
I hope this comment finds you in good spirits
I posted an ad for my business with facebook, and throughout the campaign I received several spam emails and fb messages saying that I had a copyright violation and needed to address it. The email link led to a facebook page. But I had no red flags otherwise that it was a fake e-mail. Very well crafted scam, I did not follow up other than reporting the page to fb and the messages
I’m in the United States, Buffalo NY
Whenever I’ve received any kind of mail to verify my information from any service provider it’s direct and to the point
It gives you the information they need confirmed and either gives you a phone number with the customer service hours for email or a postage paid envelope to fill out the piece of paper to return with the phone number and business hours in case you don’t want to mail it for physical mail
Anything business related would never be worded like that and in some cases it’s even worded like a legal document a lawyer would send so definitely wouldn’t say
I hope this finds you in good health 🤣
I really appreciate your videos because I’m sure there’s many people who would just assume they are genuine
Lots of people would love to think the people who work where they bank genuinely care about their wellbeing
As a Halifax customer I would have deleted this instantly. NO bank in the UK is going to ask how I am. 😂
My SO works in banking (in the risk area) and reporting emails like that is huge so please keep doing it.
6:23 noted, so that data breach stuff can still affect you a decade later. Always change your stuff after data breaches.
Anytime I receive anything from text messages to emails for something I use I go straight to the website. Saves me time reading anything and I can quickly discern if it is just another scam email or not. Usually anything you receive in the mail will also be shown in your account.
If I get an email that looks really authentic asking for any information or informing me of fraud I contact the bank directly. It is now easy for scammers to get your information through public records and data breaches. I once got an official looking email from a bank that I never had an account from that had my name and phone number on it. I actually contacted the bank through official means to make sure someone didn’t open an account in my name. They reassured me that the email was fake and that there wasn’t an account in my name open.
I once mentioned my bank's name in a comment on a big social media site that wont be named but starts with the letter F.
Within a minute, in my inbox was an official looking email from my "bank" wanting to verify some things via a link. I phoned the bank directly and they had sent no such email.
If i hadn't put 2 and 2 together and had clicked that link, I'm sure I'd have been robbed.
I think another convincing part of this email is the lackadaisical "no worries, just get back to us at your earliest convenience" part at the end of the first paragraph. Sure, the very next paragraph has that "CHECK NOW" urgency in it, but usually that urgency is throughout. Curious.
One thing I have always done in the case where I get an email about updating my account or such, I would visit the actual site rather than clicking on any links in the email. I almost never click links in emails, unless I am specifically expecting a confirmation email that requires me to click their link in the email; where-in it would be Extremely Coincidental if I got a scam email from someone with the exact same website/business name as I was expecting.
A few days ago, I received a recorded message to my home telephone number telling me that I had some issues with my account and that some money were taken from it...etc. The caller was using a toll-free number. I called the number several times and I had always a voicemail asking me to leave my private info. I got suspicious and I phoned my bank. Likewise, I was told that it was a scam. I was not sure because the person had a normal white's American accent, the same directives as my bank with the same music...etc, when I phone it, so I emailed the fraud department of the bank. And yes, folks, the fraud department wrote me back and told me it was a fraud. My emphasized point here is that some scammers are very sophisticated, and they even use toll-free numbers to contact their victims.
The first thing I noticed that immediately gave it away was that the color blue in the Halifax logo and the "I hope this reaches you..." header don't quite match
If it's from a bank, go to the bank's own URL and look for a personal message there.
The English is pretty good but they said "Actions are required."
There's only ONE action required at this point, "click the button".
Unusual words like "kindly" should set a red flag too.
Very good video. Thanks.
6:07 I live in Malaysia and I didn't know that Kindly is an old fashioned term! Well as they always say, you learn something everyday!
I started a new job for a small business. I had met the owner and a email came through my work emails saying it was him and he needs my number. Thought it was an odd and decided to ask at work about it. For a small business it's crazy they knew the owners name and I was a new starter 😅