On 16/05/2023 12:16, Ian Goddard wrote:
> Enno Borgsteede wrote:
>> Op 15-05-2023 om 03:53 schreef Denis Beauregard:
>>> On Sun, 14 May 2023 10:06:25 +0100, Ian Goddard
>>> <ian_ng@austonley.org.uk> wrote in soc.genealogy.computing:
>>>
>>>> Searching for the text online indicates that others have received them
>>>> as well bu no explanation on a look.
>>>
>>> Perhaps this ?
>>>
>>>
>>> https://community.familysearch.org/en/discussion/145181/what-does-notification-promoted-to-level-1-mean
>>>
>>> This sounds like a mistake when testing some new feature !
>>
>> I don't think so.
>
> It was.  familysearch.org have confirmed that to me:
>
> "Last week we changed one of the settings in the Beta Community, which
> is a testing site that we use before anything gets launched here in this
> Community. That change triggered a mass email that we did not know was
> going to be sent. We are still exploring why the email was sent and who
> got it. We are so sorry for the confusion.
>
> Please disregard these emails or any others that direct you to the Beta
> Community."
>
>
> I followed the link to the beta community, and signed
>> in with my existing FamilySearch account. I did that, because I felt
>> safe enough to do so, because it looked like a legitimate page in the
>> FamilySearch domain,
>
> Thousands of people have done similar things because they felt safe
> because it looked like a legitimate page in a legitimate domain.
>
> You were lucky this time.  It was a legitimate domain, only the email
> was an error.
>
> What has happened is that familysearch.org have now trained you to be
> accepting of emails which look as if they've come from a trusted source
> and to click on and log into what looks like a trusted site.  And next
> time you do that it might be a scammer.  You might get your bank account
> emptied.  If you do that on a work computer your company might get taken
> down with ransomware.
>
> This time you were lucky.  Next time you might not be.  I repeat, this
> time you were lucky.  Please don't push your luck.

Unfortunately big organisations that should know *MUCH* better do this
sort of thing all the time. I got one this morning which I believe to be
genuine from the Charities Commission that was indistinguishable from a
sophisticated spear phishing attack (and may yet prove to be one).

It was titled "Setting up your Charity Commission Account" and tells me
that I will have to follow a magic link that they will send me shortly
in a later email to verify my credentials. The phone number given for
support is the genuine one from their own website...

Injection was via a probably government Amazon hosted mail server.

WTF they can't port the existing credentials over to the new system I
don't know. I expect it is an IT problem of pay peanuts get monkeys.

I have complained to them about just how stupid this is as an SOP but I
don't honestly expect much if anything by way of a reply :(

--
Martin Brown