Join Early Retirement Today
Reply
 
Thread Tools Search this Thread Display Modes
Scam (?) hiding in Fido email
Old 03-17-2017, 04:55 PM   #1
Thinks s/he gets paid by the post
 
Join Date: Jun 2004
Location: E. Wash
Posts: 1,007
Scam (?) hiding in Fido email

DW got an email from what initially looked like Fidelity this morning. Subject line read something like "pending document requiring signature". Had the Fidelity logo and color scheme. Email address of sender was different. Text of email indicated email was from DocuSign and was being sent at the request of Fidelity to complete "important document that was pending and would soon expire". At bottom of email was a link to "review document"
The request was a bit of a surprised as we had recently completed docs to authorize each other to trade the others tax shelter accounts. However to the best of our understanding this was completed a couple weeks ago.
We checked DW's Fidelity account directly and could not find any message relating to an unsigned doc. Called Private Client rep immediately who returned call fairly quickly after she completed scouring their system for such an outstanding doc. Of course, there was no outstanding doc requiring signature.
Rep had me send the email account to Fidelity's phishing group (phishing@fidelity.com).
Since we never linked to the doc cannot really share what all was on the doc but just guessing they was going to be a form requiring all kinds of personal information as well as signature. What the sender was gong to use the info is unlikely a good thing for any responder.
Hope this heads-up keeps all safe..
__________________

__________________
nwsteve is online now   Reply With Quote
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!

Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!

You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!

Old 03-17-2017, 05:01 PM   #2
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
braumeister's Avatar
 
Join Date: Feb 2010
Location: Northern Kentucky
Posts: 8,003
The attached "document" could easily have been malware, even a key logger. Very glad you were wise enough to avoid that mess.
__________________

__________________
braumeister is offline   Reply With Quote
Old 03-17-2017, 06:46 PM   #3
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Sep 2005
Location: Northern IL
Posts: 17,811
Smart. My rule is NEVER click on links in emails (well, anything financial, or that would require a log on after you follow that link). As you did, just go to the site directly and log on.

I heard on the radio the other day, another 'tip' on looking for this or that to try to tell if an email is legit. No! The bad guys might have done a good job, so just don't do it.

-ERD50
__________________
ERD50 is offline   Reply With Quote
Old 03-17-2017, 06:57 PM   #4
Thinks s/he gets paid by the post
growing_older's Avatar
 
Join Date: Jun 2007
Posts: 2,551
Just got an email from our local school district, warning that someone has been phishing with very realistic looking email about next year's assignment to schools that asks for personal information. They're everywhere.
__________________
growing_older is offline   Reply With Quote
Old 03-17-2017, 07:08 PM   #5
Administrator
Gumby's Avatar
 
Join Date: Apr 2006
Posts: 9,880
Got something similar from ersatz Amex today. As ERD50 says, just back out, go to the site and log on. Don't click the link in the email.
__________________
Living an analog life in the Digital Age.
Gumby is offline   Reply With Quote
Old 03-17-2017, 07:49 PM   #6
Thinks s/he gets paid by the post
Fedup's Avatar
 
Join Date: Mar 2014
Location: Southern Cal
Posts: 2,930
I've heard from Mathjak that Fidelity caught somebody trying to sell his wife's password and account. I don't answer phone, click on email, not cell phone of anybody I don't recognize. It's best to be safe.
__________________
Fedup is offline   Reply With Quote
Old 03-17-2017, 08:21 PM   #7
Thinks s/he gets paid by the post
 
Join Date: Jul 2005
Posts: 3,862
I've had legitimate versions of the DocuSign email, for the same reason - I was added as an authorized trader on DM's account. In our case everything was handled electronically, no paper forms. I was expecting the email, followed the instructions, and everything was fine. Also, no data was asked for. That was already in the document to be reviewed. Just a signature was required, which is bad in its own way.

If it is something you are expecting it should be legit. If it is out of the blue it would be suspicious. But I'm not sure there is a way to do the DocuSign function without clicking on some links of the legit email.
__________________
Animorph is offline   Reply With Quote
Old 03-17-2017, 08:31 PM   #8
Full time employment: Posting here.
Souschef's Avatar
 
Join Date: Dec 2015
Location: Santa Paula
Posts: 981
For the first time in a while, I just got an e-mail from a banker in Benin, wanting to split an $18 mil account with me.
__________________
Retired Jan 2009 Have not looked back.
AA 95%/0/5
WR 2% SI 2SS & 2 Pensions
Souschef is offline   Reply With Quote
Old 03-17-2017, 08:40 PM   #9
Full time employment: Posting here.
 
Join Date: Sep 2014
Location: Grapetown
Posts: 609
Send $100 to me and forward the email to me. I will get back to you if it is legit.
__________________
Winemaker is offline   Reply With Quote
Old 03-17-2017, 09:46 PM   #10
Thinks s/he gets paid by the post
Hyperborea's Avatar
 
Join Date: Sep 2002
Location: Silicon Valley
Posts: 1,008
Another tool to use to help you figure out if an email is legit is to look at the raw email with all the headers. Most mail apps or webmail services will let you do this. The "From" field can be faked and you will need to look at the routing information. The email spec is from a simpler, less complicated, more trusting time in the internet's history.

Here's a simple introduction on how to do this.
https://www.arclab.com/en/kb/email/h...-spf-dkim.html
__________________
Hyperborea is offline   Reply With Quote
Old 03-17-2017, 09:51 PM   #11
Thinks s/he gets paid by the post
SecondCor521's Avatar
 
Join Date: Jun 2006
Location: Boise
Posts: 2,217
Quote:
Originally Posted by Animorph View Post
But I'm not sure there is a way to do the DocuSign function without clicking on some links of the legit email.
One way would be for the company asking you to DocuSign something would be for them to ask you to log into your account, go to a secure message they sent you, then click on the link in the secure message.
__________________
"At times the world can seem an unfriendly and sinister place, but believe us when we say there is much more good in it than bad. All you have to do is look hard enough, and what might seem to be a series of unfortunate events, may in fact be the first steps of a journey." Violet Baudelaire.
SecondCor521 is offline   Reply With Quote
Old 03-17-2017, 10:47 PM   #12
Thinks s/he gets paid by the post
 
Join Date: Jun 2004
Location: E. Wash
Posts: 1,007
Quote:
Originally Posted by SecondCor521 View Post
One way would be for the company asking you to DocuSign something would be for them to ask you to log into your account, go to a secure message they sent you, then click on the link in the secure message.


This is standard procedure I have previously experienced with Fido in past
__________________
nwsteve is online now   Reply With Quote
Old 03-17-2017, 11:33 PM   #13
Thinks s/he gets paid by the post
redduck's Avatar
 
Join Date: Mar 2005
Location: yonder
Posts: 2,050
Quote:
Originally Posted by Hyperborea View Post
Another tool to use to help you figure out if an email is legit is to look at the raw email with all the headers. Most mail apps or webmail services will let you do this. The "From" field can be faked and you will need to look at the routing information. The email spec is from a simpler, less complicated, more trusting time in the internet's history.

Here's a simple introduction on how to do this.
https://www.arclab.com/en/kb/email/h...-spf-dkim.html
After reading all the posts so far in this thread, there's no way I'd click on the above link.
__________________
Carpe cōleī
redduck is offline   Reply With Quote
Old 03-18-2017, 02:36 AM   #14
Recycles dryer sheets
 
Join Date: May 2005
Location: Bend
Posts: 169
i just got a e mail from paypal showing a uber transaction. VERY realistic. Included several hot links. I was about to click. Then i realized it came to an alternate e mail that my uber & my Paypal are not registered on.

Usually you can tell because something is "off" in the e mail. This was cloned exactly like a Paypal site. Looking after the fact the "From" address was a bit funky.

That was close. If that had come to my registered e mail I might have been sucked in. I do go to a new browser window to log in though most of the time
__________________
Scrapr is offline   Reply With Quote
Old 03-18-2017, 03:49 AM   #15
Thinks s/he gets paid by the post
DrRoy's Avatar
 
Join Date: Dec 2015
Location: Michigan
Posts: 1,510
Quote:
My rule is NEVER click on links in emails (well, anything financial, or that would require a log on after you follow that link). As you did, just go to the site directly and log on.
+1
__________________
"The mountains are calling, and I must go." John Muir
DrRoy is offline   Reply With Quote
Old 03-18-2017, 04:58 AM   #16
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
audreyh1's Avatar
 
Join Date: Jan 2006
Location: Rio Grande Valley
Posts: 15,132
I have never gotten a Docusign document from Fidelity. I didn't even know they used Docusign. Do they?

Regardless, the only reason to get a Docusign notification is because you initiated some major account action somewhere else.

Please forward your email showing the full headers to Fidelity fraud department. They probably have an address fraud@fidelity.com.
__________________
Well, I thought I was retired. But it seems that now I'm working as a travel agent instead!
audreyh1 is offline   Reply With Quote
Old 03-18-2017, 06:28 AM   #17
Thinks s/he gets paid by the post
DFW_M5's Avatar
 
Join Date: Sep 2003
Posts: 4,931
I periodically get these email phishing schemes from various fake banks and credit card companies, and the phone call that there is a warrant out for your arrest. Have not seen the Fidelity one yet.
__________________
Doing things today that others won't, to do things tomorrow that others can't. Of course I'm referring to workouts, not robbing banks.
DFW_M5 is offline   Reply With Quote
Old 03-18-2017, 06:41 AM   #18
Thinks s/he gets paid by the post
target2019's Avatar
 
Join Date: Dec 2008
Posts: 3,571
Email links, even when appearing genuine, should be avoided. At least take the time to hesitate, and let your mouse pointer hover over the link so you can inspect where it goes. Still, you should try to avoid doing this.

I have a relative, who I've never met in person. She is older, and is sending me links from facebook people she has met in regard to ancestry research. Warning, warning, warning!!!
__________________
target2019 is offline   Reply With Quote
Old 03-18-2017, 06:42 AM   #19
Moderator
MichaelB's Avatar
 
Join Date: Jan 2008
Location: Second City Land
Posts: 23,462
Even legitimate email docs are often infected, I don't open them unless I can verify they are legit and I have a need. Same with unsolicited links.

Here's a case of a cyber-security firm falling victim - an employee opened a bad email doc. From Krebs on Security this morning https://krebsonsecurity.com/
Quote:
On Thursday, March 16, the CEO of Defense Point Security, LLC — a Virginia company that bills itself as “the choice provider of cyber security services to the federal government” — told all employees that their W-2 tax data was handed directly to fraudsters after someone inside the company got caught in a phisher’s net.
__________________
MichaelB is offline   Reply With Quote
Old 03-18-2017, 06:47 AM   #20
Thinks s/he gets paid by the post
target2019's Avatar
 
Join Date: Dec 2008
Posts: 3,571
Quote:
Originally Posted by redduck View Post
After reading all the posts so far in this thread, there's no way I'd click on the above link.
Ha, good one. I did look at the link, and it goes to arclab.com.
If you trust me, and go there, the page explains some of what goes on behind the scenes during the process.

The displayed arclab link was identical to the embedded link. It didn't contain mush else than a path to a web page. So I risked all.
__________________

__________________
target2019 is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Fido bill pay and the newer Fido CC bingybear FIRE and Money 6 03-02-2017 07:44 AM
Scam or no scam ? Moemg Other topics 20 12-01-2009 08:19 PM
Hiding behind pseudo names windsurf Other topics 79 10-17-2008 12:35 PM
...yet another phishing scam via my email mickeyd Other topics 4 05-24-2008 04:14 PM

 

 
All times are GMT -6. The time now is 09:38 PM.
 
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.