Urgent;I've had a phishing email re my donation to gofundme

[mimivanne]

Just checking my emails.1.19 pm, email from 'Nate' at the GofundMe trust and safety team requesting a copy of my government issued photo ID ,evidence of my connection to the campaign such as links to social media.
Failure to respond within 48hrs will result in the refund of my donation.
Checked GofundMe t @ c's ,states they will never request personal details.
Very worrying

Yes, this does not sound right.

If I were asked for photo ID, I'd be tempted to send them a fake ID with a badly photoshopped anime character as the photo. Works on twitter, doesn't it?

But this is not funny. This is sinister.

Wait a mo itsallgoingtobefine

You donated anonymously and still got refunded?

WTF?

@BarrackerBarmer - was that quote from PocketCoffee's deleted post?

But this is not funny. This is sinister.

^this

Oh wait, I see where that got confusing.

OK, phew, standing down.

Ok. I'm a bit confused and now paranoid. I got this email. I've ignored it. I used a different name. So yes, how did the email me?
What should I do as next steps?

Argh. Paranoia... maybe the Romulans are our to get me after all!!!

It will be interesting to see how they respond to this. My donation was anonymous so I've not had any emails yet...

I donated anonymously and have had no emails.....

I've had a peruse of both their T&C's and their Privacy Policy and can find nothing about needing to submit photo ID for anything, not even starting a campaign.

It's very easy to fake an email address and emails of this type are very common. Don't reply to it or click on any links, instead contact GoFundMe and change your password.

support.gofundme.com/hc/en-us/articles/218413318-Recognizing-Suspicious-Emails-or-Phishing-Attempts

A refund of ..... has been issued for the payment you made to Keep All-Women Shortlists Female!. The money you were charged will be returned to you within 3-7 business days.

heres one I made in another name. Email came from [email protected], which seems legit. Messaging entirely different from the phishy sounding ones.

That advice is to organisers though as they have contact emails on their fundme page. Theoretically, donors contact info should be secure and confidential (unless they have social media linked to their account - which I don't) and impossible for a phishing email to be sent in this way... unless an employee has 'leaked' info.

It's not impossible for an email to be sent like this. Fake emails which spoof legitimate accounts are very, very common.

Why is there no word back? This is hours ago, it wouldn't take long to verify or discount one email.

Saskia - if it is fake, the question is not so much "how did they spoof the reply-to account?" (as you say, this is relatively easy to do) but "how the hell did they get the list of addresses to send to in the first place?"

From the CAB:

www.citizensadvice.org.uk/consumer/scams/scams/common-scams/computer-and-online-scams/phishing-spam-emails-and-fake-websites/

*Phishing usually takes place through spam emails sent to millions of addresses. These emails look like they come from a genuine companies, usually a bank or credit card company, and they ask for details of your account.

The company claims you need to update or confirm your account details by clicking on a link. The link then takes you to a bogus website where your details can be used by criminals.*

HairyBallTheorem OTTOMH, I'd guess they use software to harvest user names and then generate email addresses using those names combined with the most commonly used email accounts. Alternatively, the people who have received them have had their accounts hacked.

It's not impossible for an email to be sent like this. Fake emails which spoof legitimate accounts are very, very common.

I know, I stupidly got caught by one in December, had only just got a new card as had lost one (which is why I replied to the fucking phishing email) and that nixed the new one! Luckily realised straight away then transferred all my money out immediately.

Saskia - but the point is that the people who've been targeted are the ones who used pseudonyms. So the publicy available information was "WellKnown LeftyDudebro", while the rest of the information - bank account in name of A GenderCrit, email of gendercrit@yahoo or whatever - should have been securely stored.

If the emails were indeed phishing emails, it doesn't make sense. To send out the phishing emails, they'd have been wasting their time sending them to leftydudebro@yahoo. So whoever sent them out had access to the supposedly secure list of containing gendercrit@yahoo. That's what's so suspicious.

Saskia;
My email add is often queried by companies who haven't heard of it ,so hoping I've not been hacked

They aren't wasting their time, the whole thing is automated, they generate and send hundreds of thousands of them at a time. Most will bounce because the addresses don't exist, but some will get through and people do respond to them. Which is what makes it lucrative.

If the user names don't match up, then anyone who has received one should change their password and contact GFM because it's likely their account has been hacked.

I'm worried too. I replied to the one that asked for my ID etc., I asked them to refund me and to remove me from their mailing list.

I've also contacted gofundme directly through their website and asked them to verify that it was them that emailed me. It's all very fucking dodgy!

Never respond to them, click on anything or interact with them in any way. At best, you'll be added to umpteen other lists, at worst you could access a dodgy site or give away info which lets the sender steal your identity.

mimivanne what do you mean by queried?

I don't have a good understanding of these things, but I don't even have a gofundme account because it keeps asking me to complete my account set up when I go on the website. I used another name to donate so the only way they could have emailed me is if they were able to lift my address from gofundme - my email isn't something that could be guessed from the publicly available info on gofundme. I'm livid.