Possible hacking or plfishing
When I clicked on an email sent to me concerning information about one of my relatives,
I see in this long string "mkt_tok" in other words TikTok. Additionally, I was listening to the business channel when they said that FS would be partnering with the CCP. I have already called in and spoken to an elder. He explained, and I knew, that the Asian family histories are centuries old. And, of course, that would enhance your platform. The elder was concerned that I may have been hacked or "someone" was plfishing. So, he suggested that I provide this information to the IT folks to have a look. In the meantime, he said, don't put anything else on my tree until I hear back from your people. He wanted me to include the actual email, so here is a screen shot.
Thank you for your time.
Joyce
Answers
-
We appreciate you bringing this problem to our attention. The issue has been reported to the appropriate team, who will research the situation. We will get back to you as soon as we have an answer. Thank you so much for your kindness and patience while this is being addressed.
0 -
Thank you. Look forward to your analysis.
0 -
I received an email that looks like it came from Family Search but suggested a very strange request that isn't like anything I've ever seen from Family Search. Here is what it asked. I did not open it.
Lawrence, we’ve found a hint for an unrelated individual needing to be attached to the family tree of mankind.
This is not your ancestor, but your help can make discoveries possible for others worldwide. Just review the hint to help ensure it’s a match to the person in the tree before attaching. Can you help review and attach this record?
United States, Social Security Numerical Identification Files (NUMIDENT), 1936-2007
0 -
Both of these e-mails look pretty legitimate. In the first one I suspect that "mkt_tok" has nothing to do with TikTok but rather stands for "Marketing Token."
I received one of the second ones mentioned and looking at the full sender address and all the links to everywhere without clicking on them, it all looks to be from FamilySearch. That new database of Social Security identification is huge. All my recent US relatives have multiple hints from it and I think I could spend all my time the next couple of months just attaching those hints. Which means that at this point I'm not going to bother. All the one's I've checked out really have not added any new information. FamilySearch must have decided to help people out in getting these records attached as sources by trying to recruit volunteers to attach them.
It would be nice if FamilySearch included instructions on how to access these kinds of activities without clicking on a link in an e-mail since that is one of the things computer security lectures always give strict warnings about. Something like having under the Review Hint button a statement that says: "Or go to the FamilySearch web site, sign in, go to your personal landing page, and click on the banner for this activity you will find there." They would need to, of course, have another way, such as a banner on the landing page, that will take us to the activity. That would cut down on the accusations of phishing that seem to get posted here whenever there is a new marketing campaign.
It would also prevent problems if some day an email pops up that really is a phishing attempt trying to catch those people who use the same user name and password for both FamilySearch and their bank accounts.
1 -
Gordon is correct. Both were legitimate emails from FamilySearch.
0
