I want to make everyone aware of phishing emails purportedly coming from Jan Daub, the president of the USCA. While these have been appearing for some time it seems they may be increasing or coming to more USCA members. While it is not dangerous to open the email itself you do not want to reply, or click on any links, or call any phone numbers referenced. They could take you to some dangerous places you really don't want to explore. If you receive any questionable emails please let me know and forward the emails to me so I can look at them and determine any common sources or frequency.
A common thread in these phishing emails is a sense of urgency for you to reply by email. If Jan really needs you to do something I'm sure he can find your phone number and call you! Don't reply to the email.
If you look carefully at the 'from' address they do not appear to be using his full formal email address, but something that looks similar. Here are a few examples of some of the emails:
Hi,
I need you to get something sorted out as soon as possible, Let me know if you are available now?
Regards,
Jan Daub
Hi,
I would like to know if you can make a purchase ASAP at the store nearest to you, I plan to surprise some of our boards with gift cards, let me know if you can make the purchase now with your personal funds and I will pay you back tomorrow. I want this to be kept private until they receive the gift cards. Please Let me know.
Waiting for your reply
Regards,
Jan Daub
Again, if there is any question about the content of the email it is better to ask me first before you reply. And send me any questionable emails you might receive.
Jerry
Webmaster
admin@sidecar.com
PS. Here is a definition and explanation of phishing email (Source: https://www.malwarebytes.com/cybersecurity/basics/phishing-email):
What is a phishing email?
A phishing email is a fraudulent message crafted to trick recipients into revealing sensitive information like passwords or credit card numbers. These emails often imitate legitimate sources, like banks or popular websites, to appear credible. They aim to exploit a person’s trust in these institutions, persuading them to provide personal information, clicking on malicious links, or download attachments containing malware.
How to recognize a phishing email?
Key indicators of phishing emails include generic greetings, spelling and grammar mistakes (although not always), and urgent or threatening language that pressures the recipient to act quickly.
Suspicious links or attachments and sender email addresses that don’t match the legitimate organization they claim to represent are also telltale signs. Additionally, requests for sensitive information, which legitimate organizations typically won’t ask for via email, are a red flag.
Examples of phishing emails
Some well-known examples of these scams include a PayPal phishing attack, an IRS scam, and a Google Docs scam, each of which employs distinct tactics to deceive targets:
- PayPal phishing attack: This scam involves emails that appear to come from PayPal, often with convincing logos and formatting. The emails usually claim there’s an issue with the recipient’s account and asks them to click a link to verify or update their account information. The link leads to a fake PayPal website designed to look authentic, where victims unknowingly enter their login credentials, which are then stolen by the scammers.
- IRS scam: In this phishing attack, individuals receive emails that seemingly come from the United States Internal Revenue Service (IRS). The emails often create a sense of urgency, claiming that there’s an issue with the recipient’s taxes or tax return. They typically ask for personal and financial information, under the guise of resolving the issue. However, the IRS does not initiate contact with taxpayers via email to request personal or financial information.
- Google Docs scam: This scam involves emails that invite recipients to view a document on Google Docs. The email might appear to come from someone the person knows, which is part of the deception. Clicking the link in the email does not lead to a real Google Docs page but rather to a malicious website which may be designed to steal Google account credentials or install malware on the victim’s computer.
In all these cases, the common thread is the use of deceptive emails that mimic legitimate sources to trick individuals into giving away sensitive information. It’s crucial to be vigilant and scrutinize emails for authenticity, especially when they request personal information or direct the recipient to an external website.
Why are phishing emails dangerous?
The dangers of phishing emails are significant. They can lead to identity theft, financial loss, and malware infections. Victims may face unauthorized transactions, loss of control over personal accounts, and long-term damage to their credit score. The personal impact of these threats includes stress, loss of privacy, and potential legal issues if one’s identity is used for illegal activities.
What happens if you open a phishing email?
Opening a phishing email itself is generally not enough to compromise your computer with viruses or malware. These malicious elements are usually triggered when you download an attachment or click on a link within the email. However, opening the email can alert the sender that your email address is active, potentially leading to more phishing attempts. It’s crucial to remain vigilant and avoid interacting with any suspicious content within such emails.
What happens if you answer a phishing email?
Responding to phishing emails is risky for several clear reasons. Even if you know it’s a fake email, replying can lead to more trouble. Most phishing attacks are run automatically, and when you respond, it puts you on the scammer’s radar. Remember, these cybercriminals are often involved in illegal activities and can be harmful.
Firstly, if you reply to a phishing email, you accidentally give the scammer your personal or your company’s email signature. This signature usually includes phone numbers and other details, which the scammer can use to make more convincing fake emails to trick you and others.
Secondly, when you reply, it tells the scammer that your email is in use. This makes you a bigger target for future scams. Your email address might even be sold to other cybercriminals.
Lastly, your email’s technical details can give away your location. This means scammers can figure out where you are, which adds to the risk.
Jerry
I fly (and ride) to free my mind from the tyranny of petty things. Antoine de Saint-Exupéry
Jerry, thank you for posting this information. Seems our members have been hit multiple times with spam just this week.
Hey ALL, when in doubt, DON'T. DELETE.
If I really need your help, I'll call you.
Jan
Jerry--
Speaking of spammers upping the ante, I recently got an e-mail from Zelle (which is a digital money transfer service kinda sorta like PayPal). Everything about the email looked legit including all the header and sender info. Even when I hovered my cursor over the links. The email confirmed that I had just sent $996 to somebody somewhere. With of course a clickable button if I wanted to stop the transfer.
I wasn't worried since I don't have a Zelle account. Ha! But I had to admire the professionalism of the thing. No typos. No formatting errors. No spelling errors. No foreign URL's.
My email server (Yahoo) allows you to look at the raw message if you want. I did this and about halfway down through all the digital header info I spotted the telltale -- "sidecar.com" -- and was able to relax knowing that my Yahoo account had not been hacked. Just another USCA spammer! LOL But this was the best one by far.
Never say never. But the first time I actually get scammed out of real money I think I'll send the guy an extra $100 in recognition of his brilliance and ingenuity. Because I am NOT an easy mark!
Have owned 5 rigs but Rig #2 is my current one!
And as long as I'm in the mood for spouting off, is there anybody else out there who is miffed by the "capcha" thing you have to satisfy in order to log on? Over and over and over again capcha asks me to click on the squares containing a motorcycle. And there are NONE! NEVER! Lots of pics over and over again of motor scooters. Scooters here there and everywhere. All kinds of scooters! But nary a motorcycle to be found. And if you fail to identify the scooter as a motorcycle well then BZZZT you don't pass.
I guess it would be like going to a scuba diving forum, showing them a picture of a snorkeler, then asking them to click on all the squares with a scuba diver. It would tick those guys off!
How I would love to find the idiots who create the capchas so I could grab them by the neck and give them a good hard shaking. Then show them the difference between a scooter and a motorcycle.
Don't worry, Jerry, we all know it's not you who picks the pics. This is just me shaking my fist at the wind.
Have owned 5 rigs but Rig #2 is my current one!
Stay tuned, there may be an announcement coming soon...
Jerry
I fly (and ride) to free my mind from the tyranny of petty things. Antoine de Saint-Exupéry
Some people go to work everyday at a "normal" job and some people make it their full time job to steal your money. If you spent 40 hours a week at it, you could get pretty legit looking stuff.
Especially now that AI means something totally different than it did for us old farm kids back in the day. It used to mean artificial insemination. A good way to get cows to reproduce with no bull present. Now that it means Artificial Intelligence, certainly a different kind of bull involved.
Quote from DRONE on March 23, 2024, 10:51 pmAnd as long as I'm in the mood for spouting off, is there anybody else out there who is miffed by the "capcha" thing you have to satisfy in order to log on? Over and over and over again capcha asks me to click on the squares containing a motorcycle. And there are NONE! NEVER! Lots of pics over and over again of motor scooters. Scooters here there and everywhere. All kinds of scooters! But nary a motorcycle to be found. And if you fail to identify the scooter as a motorcycle well then BZZZT you don't pass.
I guess it would be like going to a scuba diving forum, showing them a picture of a snorkeler, then asking them to click on all the squares with a scuba diver. It would tick those guys off!
How I would love to find the idiots who create the capchas so I could grab them by the neck and give them a good hard shaking. Then show them the difference between a scooter and a motorcycle.
Don't worry, Jerry, we all know it's not you who picks the pics. This is just me shaking my fist at the wind.
That capcha thing is used to train AI. Along with a lot of the data that is recorded on you activity's. Ever notice how they what you to stay logged in. So they make it a pain to log in. Then you will likely stay logged in. Also they are always pushing you to log in with a goggle account. Nothing safer in doing so. Just faster and easier for tracking.
