Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
We3D26521yAny payment ( especially the scam ones ) can wait till I'm out 4 fun. safety first, will check it when I'm 'sober' some time later and carefully inspected before clicking anything in the mail or other links and tricks =]
-
@We3D @thekarlisk
I was not going to pay anything. I knew I was paying the more expensive parking fee of the two and I planned to argue the fine. At that point, I just wanted to see what's the fine for and what's the amount I "owe" to the authorities.
It was all supposed to be a read-only operation. -
@electrineer That's what's been bothering me since. HOW???
I used an official app to pay for parking.
I also have my phone no. behind my windshield. Maybe it's worth pulling the dashcam's recording to see if anyone noted down my phone no. Otherwise, I suspect the parking lot owner might have a malware sniffing for new parking events and siphoning them out to the phishing engine.. -
Voxera115851y@netikras Even paying the higher might not be good enough.
We used to have a case close to central station here where two parking lots on either side of the entrance road way belonged to different companies and one of them had put their payment station right by the road, between the lots, while the other was half the lot away.
There was quite a lot if people paying to the wrong company until the municipality cracked down and told them to sort it out due to all complaints landing at the stations customer service. -
@theKarlisK I was using 4g so I guess not a mitm.
Ofc it could be a coincidence that I happened to park in a confusing parking lot just minutes before "getting a fine". Knowing that I haven't received such phishing attempts for years now, I find it qjite unlikely. But not impossible... -
@Voxera but looked it up...Where..? There's no publicly accessible registry mapping plates with a phone no
-
@theKarlisK I've just finished reviewing the dashcam recording for the time I was parked there. Noone even came close to look what's that number behind my windscreen.
I was kind of hoping... :D -
We3D26521y@netikras usually 2 do scams u have to have put some thought into dat. even if that was their vector, they probably have cameras too, and tele lenses r around for a long time, but u said u don't have public db for that so u better track ur net activity and see if u can find a clue there ;)
-
Unless you can recreate the situation (with another car & number ideally) I'd lean heavily towards this being independent events. I suppose lots of people park cars and might get a fine so targeting this heavily is likely unnecessary and risky.
Related Rants
I just had a boys-out night with my son. Went to some restaurant, found a parking spot in a confusing parking lot (half is more expensive than the other half of the lot, not sure which fee applies to the middle row... confusing), started paying for parking with the app (pays every 15 minutes until stopped).
Went inside, ordered a pizza, some ice cream. Chatting, playing, eating, having fun,... An SMS comes: "You have outstanding fines" and a link to the gov taxes' website.
wtf.. I must have parked in the wrong spot. FUCK! Oh well, it should not be a large fine anyways, it's just for parking....
Click on the link, login with my bank/SmartID creds. Another SmartID dialog pops up asking for a PIN2.
What? PIN1 is for authentication, PIN2 is for Authorization. What am I authorizing...?
Reading through the Auth message: "Paying 2473€ for Boris SomeLastname".
what.....?
Thank God my muscle memory did not kick in and I did not enter that PIN2.
And thank God I know what PIN1 and PIN2 are for.
It would've been one expensive boys-out evening... Even a strip club would've been cheaper.
Stay sharp, guys!
P.S. Later I checked the URL. It used all the right keywords, and it was registered as an .info domain. It was somewhat off, but gov websites trying to be lean do sometimes use some weird ass domains.
rant
phishing
close call