This morning (Tuesday, March 10), a number of people affiliated with our church received an email appearing to be an “invitation” from a well-known church member, sent through the “Greetings Island” service. (See above screenshot.)
Please note that while Greetings Island is a legitimate electronic invitation service, the notes we received are NOT actually from either Greetings Island or the church member (which that person has confirmed). And a closer look at the email verifies this. First, when you mouse over the green “View Invitation” button, you’ll see that the URL that pops up is NOT a link to a Greetings Island page. Instead, it goes to a domain called nft.hookealo.bio. Also, if you do click the green View Invitation link (though we definitely advise against it!), it takes you to what looks like a Google/GMail log-in screen, which it says you must fill out before you can open the supposed invitation. Again, though, if you look closely at the URL bar above the log-in screen, you’ll see it’s neither a Greetings Island nor a Google/GMail page, and it is, once again, a link to something on the suspicious nft.hookealo.bio site.
Just how suspicious is it? If you do a quick Google search for the core domain nft.hookealo.bio, the first hit will be a big warning:
Warning
Suspected Phishing
This website has been reported for potential phishing.
Phishing is when a site attempts to steal sensitive information by falsely presenting as a safe source.
And what are they phishing for? Let’s go back to that “Google” log-in page – the one asking for your Google email address and password. That seems to be exactly and very specifically what they’re looking for…and it’s what they will get if you enter and submit the requested information. Please, please, please DO NOT ENTER YOUR GOOGLE LOGIN INFO! And better yet, please do not click to open the supposed invitation. It is not from our church member. It was not sent through Greetings Island. It is a cleverly veiled (including both the church member’s picture and characteristic signature line) attempt to steal your Google login name and password.
If, however, it’s too late and you did enter your Google information, please change your Google/GMail password as soon as possible.
Unfortunately, this is not the first time we’ve seen a fake/scam electronic invitation sent to a number of church members. But this one does seem to be the most sophisticated of the attempts so far.
Also unfortunately, there is nothing we can do about the assault because these things are usually sent by a virus that has harvested the address book from someone’s computer. And we have no way of knowing whose it was…only that the stolen addresses included a lot of church members. So the best thing everyone can do is 1) be super vigilant about clicking on emails that may not be what they appear to be at first glance…2) do not provide the private information requested in the email…3) if you did provide your Google information, change your Google password asap, and 4) make sure you have good virus protection on your own computer, and run frequent scans to prevent similar viruses from infecting your machine and launching new attacks.
For more information on past scams targeting our church members, please see these previous news stories:
Scammers at it Again – This Time with Fake Texts to Church Members
