24
Caught a phishing email at 2am that almost got me
Working night shift at the hospital last Tuesday, I got a text from 'HR' saying my direct deposit changed. Looked legit with the logo and everything, even had a link to a login page. But I noticed the URL was hxxps://company-payroll.xyz instead of the real .org domain we use. I reported it to IT and turns out 12 other people on my shift clicked it before I caught it. Now I double check every single link before I tap it, even at 3am when I'm running on coffee. Anyone else get hit with these fake HR texts lately?
3 comments
Log in to join the discussion
Log In3 Comments
anthony76311d ago
Watch out for those fake login pages too. I almost got caught by one that cloned the EXACT same page, same fonts, same layout, everything. Only thing that saved me was the URL was .info instead of .com. Now I always bookmark the real login page and go through that, never from a text or email link. And tell your coworkers to enable two-factor authentication if your system has it, that extra step stops most of these scams cold.
4
gracethomas11d ago
Did you catch that before you typed anything in? That's the scary part, those phishing pages look so identical now that even a careful person can slip up. I always tell people to check the padlock icon in the URL bar too, if it's not locked or it says "Not Secure" don't trust it. And you're dead right about two-factor, I set it up on my work login and it's stopped two attempts already where someone had my password. Another thing that helps is using a password manager, they usually won't autofill on a fake page because the URL doesn't match. Saves you from having to memorize a million different logins anyway.
6
johnson.river10d agoMost Upvoted
Bookmark the real login page and never click links from texts or emails, period.
6