That's Your Payroll, Dumbass.
Nov. 3rd, 2023 01:41 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
canyonwalkerMy company has a number of internal Slack channels dedicated to security issues, including one where alerts about security threats are shared. Today two of these channels had messages from different staff members who were concerned about a text message apparently all of us in the US received from a hither-to unknown number.
I saw this message, too. It included a link it asked us to click through to manage information about our payroll. Such messages reasonable raise a bit of skepticism as asking people to confirm financial information is a common scam nowadays. Scammers pretend to be a company the victim does business with, whether that be a bank, PayPal, eBay, etc.
The key word is pretend. Not all email/text/etc. coming from your bank, PayPal, eBay, etc. is fake. Some of it is legit. How can you tell? Well, shit, it's actually not hard! For starters, look at the actual URL of the link. Does it go to the website of a company you do business with? If so, it's legit. (Be sure you see the actual link target as opposed to what the link displays as, if the medium allows those two to be different.) If it goes anywhere else, it's not.
Today's momentarily suspicious text message was from the company that does our payroll. I recognized their name because, well, they've been delivering my paychecks for 10 months. I regularly log on to their web portal to check my paystub details, too. And the link actually went to their domain, as opposed to
"I guess this is spacm as I did not sign up for that," wrote one.
"I believe this is a fraud attempt to hack into our personal information," another responded.
"I don't recognize this company name at all," added the first.
That's your payroll, dumbass, I wanted to respond.
Look, I get it: in 2023 there's plenty of reason to be suspicious of links in text and email. There are plenty of fraudsters out there. But you can't dismiss every link as fake and an attempt at theft— especially when it's so trivial to vet legit links from fake ones.
Oh, and maybe pay attention to who's giving you thousands of dollars every two weeks. What are you, a crooked politician?
I saw this message, too. It included a link it asked us to click through to manage information about our payroll. Such messages reasonable raise a bit of skepticism as asking people to confirm financial information is a common scam nowadays. Scammers pretend to be a company the victim does business with, whether that be a bank, PayPal, eBay, etc.
The key word is pretend. Not all email/text/etc. coming from your bank, PayPal, eBay, etc. is fake. Some of it is legit. How can you tell? Well, shit, it's actually not hard! For starters, look at the actual URL of the link. Does it go to the website of a company you do business with? If so, it's legit. (Be sure you see the actual link target as opposed to what the link displays as, if the medium allows those two to be different.) If it goes anywhere else, it's not.
Today's momentarily suspicious text message was from the company that does our payroll. I recognized their name because, well, they've been delivering my paychecks for 10 months. I regularly log on to their web portal to check my paystub details, too. And the link actually went to their domain, as opposed to
unheardofsite.foreigncountry/link. But that didn't stop some of my colleagues from working themselves into a lather online."I guess this is spacm as I did not sign up for that," wrote one.
"I believe this is a fraud attempt to hack into our personal information," another responded.
"I don't recognize this company name at all," added the first.
That's your payroll, dumbass, I wanted to respond.
Look, I get it: in 2023 there's plenty of reason to be suspicious of links in text and email. There are plenty of fraudsters out there. But you can't dismiss every link as fake and an attempt at theft— especially when it's so trivial to vet legit links from fake ones.
Oh, and maybe pay attention to who's giving you thousands of dollars every two weeks. What are you, a crooked politician?
no subject
Date: 2023-11-04 05:23 pm (UTC)I have a little sympathy, because there are plenty of reports of companies playing "Gotcha!" with their employees with fake phishing scams. But... yes, it's nice to pay attention to where your money comes from!