XPost: soc.genealogy.computing

Has anyone else received an email allegedly from Familysearch
congratulating them on being promoted to Level1?

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: soc.genealogy.computing

On 5/13/2023 10:10 AM, Ian Goddard wrote:

Has anyone else received an email allegedly from Familysearch
congratulating them on being promoted to Level1?

NOT IN OVER ELEVEN YEARS OF USING FAMILY SEARCH

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: soc.genealogy.computing

On 13-May-23 10:56, knuttle wrote:

On 5/13/2023 10:10 AM, Ian Goddard wrote:

Has anyone else received an email allegedly from Familysearch
congratulating them on being promoted to Level1?

NOT IN OVER ELEVEN YEARS OF USING FAMILY SEARCH

I have been getting messages from FamilySearch for years, and have never received one like that.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: soc.genealogy.computing

On Sat, 13 May 2023 15:10:02 +0100, Ian Goddard
<ian_ng@austonley.org.uk> wrote in soc.genealogy.computing:

Has anyone else received an email allegedly from Familysearch
congratulating them on being promoted to Level1?

Any idea about what would mean "Level 1" ? Sounds like malware.


Denis

--
Denis Beauregard - généalogiste émérite (FQSG)
Les Français d'Amérique du Nord - http://www.francogene.com/gfan/gfan/998/ French in North America before 1722 - http://www.francogene.com/gfna/gfna/998/ Sur cédérom/DVD/USB à 1790 - On CD-ROM/DVD/USB to 1790

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: soc.genealogy.computing

On 5/13/2023 6:32 PM, Denis Beauregard wrote:

On Sat, 13 May 2023 15:10:02 +0100, Ian Goddard
<ian_ng@austonley.org.uk> wrote in soc.genealogy.computing:

Has anyone else received an email allegedly from Familysearch
congratulating them on being promoted to Level1?

Any idea about what would mean "Level 1" ? Sounds like malware.

Denis

I suspect that if you answered that email, you would get a "Level 1" rip
off. And if you cooperate, they could take you for much more.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: soc.genealogy.computing

knuttle wrote:

On 5/13/2023 6:32 PM, Denis Beauregard wrote:

On Sat, 13 May 2023 15:10:02 +0100, Ian Goddard
<ian_ng@austonley.org.uk> wrote in soc.genealogy.computing:

Has anyone else received an email allegedly from Familysearch
congratulating them on being promoted to Level1?

Any idea about what would mean "Level 1" ? Sounds like malware.


Denis

I suspect that if you answered that email, you would get a "Level 1" rip off.   And if you cooperate, they could take you for much more.

Return address is noreply at familysearch. The links in the email look
like a subdomain of familysearch unless there's one of these look-alike alphabets in use. It's not impossible, of course, that someone has
managed to get at their DNS and create their own subdomain. I'll tru
pinging that to see if there are any clues. The outbound address looks
like the sort of 3rd party -spammer- mailing house that marketing
departments use.

Searching for the text online indicates that others have received them
as well bu no explanation on a look.

The address isn't this one but it is one I might have used with them in
the past and have used here in the past from which it's been harvested

I've emailed FS support so I'll see what they say. If someone has set
up a rogue subdomain they should be able to deal with it. If this is
marketing stupidity the email tells them it's irresponsible.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: soc.genealogy.computing

On Sun, 14 May 2023 10:06:25 +0100, Ian Goddard
<ian_ng@austonley.org.uk> wrote in soc.genealogy.computing:

Searching for the text online indicates that others have received them
as well bu no explanation on a look.

Perhaps this ?


https://community.familysearch.org/en/discussion/145181/what-does-notification-promoted-to-level-1-mean

This sounds like a mistake when testing some new feature !


Denis

--
Denis Beauregard - généalogiste émérite (FQSG)
Les Français d'Amérique du Nord - http://www.francogene.com/gfan/gfan/998/ French in North America before 1722 - http://www.francogene.com/gfna/gfna/998/ Sur cédérom/DVD/USB à 1790 - On CD-ROM/DVD/USB to 1790

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: soc.genealogy.computing

Denis Beauregard wrote:

On Sun, 14 May 2023 10:06:25 +0100, Ian Goddard
<ian_ng@austonley.org.uk> wrote in soc.genealogy.computing:

Searching for the text online indicates that others have received them
as well bu no explanation on a look.

Perhaps this ?

https://community.familysearch.org/en/discussion/145181/what-does-notification-promoted-to-level-1-mean

This sounds like a mistake when testing some new feature !

Yes but it doesn't say much apart from the fact that there are a lot of
people out there who will click on links in an unsolicited email and
even try to log in when those links offer a login page.

FWIW I took a look via a dumb text-only browser but certainly didn't try
to log in. The IP address in the links isn't the same as the normal familysearch.org but it's Cloudflare's so that leads nowhere.

What's missing so far is an explanation/apology from familysearch. Not
even a response to my support message nor anything on the main sit's
front page.

As you say, it looks like a mistake. About the only thing that tells us
is that the familysearch is about as clueless at sending emails as some
of the recipients are about responding to them.

Ian

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: soc.genealogy.computing

T24gNS8xNS8yMDIzIDU6NTMgQU0sIElhbiBHb2RkYXJkIHdyb3RlOg0KPiBEZW5pcyBCZWF1 cmVnYXJkIHdyb3RlOg0KPj4gT24gU3VuLCAxNCBNYXkgMjAyMyAxMDowNjoyNSArMDEwMCwg SWFuIEdvZGRhcmQNCj4+IDxpYW5fbmdAYXVzdG9ubGV5Lm9yZy51az4gd3JvdGUgaW4gc29j LmdlbmVhbG9neS5jb21wdXRpbmc6DQo+Pg0KPj4+IFNlYXJjaGluZyBmb3IgdGhlIHRleHQg b25saW5lIGluZGljYXRlcyB0aGF0IG90aGVycyBoYXZlIHJlY2VpdmVkIHRoZW0NCj4+PiBh cyB3ZWxsIGJ1IG5vIGV4cGxhbmF0aW9uIG9uIGEgbG9vay4NCj4+DQo+PiBQZXJoYXBzIHRo aXMgPw0KPj4NCj4+DQo+PiBodHRwczovL2NvbW11bml0eS5mYW1pbHlzZWFyY2gub3JnL2Vu L2Rpc2N1c3Npb24vMTQ1MTgxL3doYXQtZG9lcy1ub3RpZmljYXRpb24tcHJvbW90ZWQtdG8t bGV2ZWwtMS1tZWFuDQo+Pg0KPj4gVGhpcyBzb3VuZHMgbGlrZSBhIG1pc3Rha2Ugd2hlbiB0 ZXN0aW5nIHNvbWUgbmV3IGZlYXR1cmUgIQ0KPiANCj4gDQo+IFllcyBidXQgaXQgZG9lc24n dCBzYXkgbXVjaCBhcGFydCBmcm9tIHRoZSBmYWN0IHRoYXQgdGhlcmUgYXJlIGEgbG90IG9m IA0KPiBwZW9wbGUgb3V0IHRoZXJlIHdobyB3aWxsIGNsaWNrIG9uIGxpbmtzIGluIGFuIHVu c29saWNpdGVkIGVtYWlsIGFuZCANCj4gZXZlbiB0cnkgdG8gbG9nIGluIHdoZW4gdGhvc2Ug bGlua3Mgb2ZmZXIgYSBsb2dpbiBwYWdlLg0KPiANCj4gRldJVyBJIHRvb2sgYSBsb29rIHZp YSBhIGR1bWIgdGV4dC1vbmx5IGJyb3dzZXIgYnV0IGNlcnRhaW5seSBkaWRuJ3QgdHJ5IA0K PiB0byBsb2cgaW4uwqAgVGhlIElQIGFkZHJlc3MgaW4gdGhlIGxpbmtzIGlzbid0IHRoZSBz YW1lIGFzIHRoZSBub3JtYWwgDQo+IGZhbWlseXNlYXJjaC5vcmcgYnV0IGl0J3MgQ2xvdWRm bGFyZSdzIHNvIHRoYXQgbGVhZHMgbm93aGVyZS4NCj4gDQo+IFdoYXQncyBtaXNzaW5nIHNv IGZhciBpcyBhbiBleHBsYW5hdGlvbi9hcG9sb2d5IGZyb20gZmFtaWx5c2VhcmNoLsKgIE5v dCANCj4gZXZlbiBhIHJlc3BvbnNlIHRvIG15IHN1cHBvcnQgbWVzc2FnZSBub3IgYW55dGhp bmcgb24gdGhlIG1haW4gc2l0J3MgDQo+IGZyb250IHBhZ2UuDQo+IA0KPiBBcyB5b3Ugc2F5 LCBpdCBsb29rcyBsaWtlIGEgbWlzdGFrZS7CoCBBYm91dCB0aGUgb25seSB0aGluZyB0aGF0 IHRlbGxzIHVzIA0KPiBpcyB0aGF0IHRoZSBmYW1pbHlzZWFyY2ggaXMgYWJvdXQgYXMgY2x1 ZWxlc3MgYXQgc2VuZGluZyBlbWFpbHMgYXMgc29tZSANCj4gb2YgdGhlIHJlY2lwaWVudHMg YXJlIGFib3V0IHJlc3BvbmRpbmcgdG8gdGhlbS4NCj4gDQo+IElhbg0KSWYgZXZlcnkgY29t cGFueSByZXNwb25kZWQgd2hlbiBzb21lb25lIHNlbnQgYW4gZW1haWwgdW5kZXIgdGhlaXIg bmFtZSANCnRoZXkgd291bGQgYmUgaGF2ZSB0byBoYXZlIGEgcGVybWFuZW50IHN0YWZmIHRv IGhhbmRsZSB0aGUgdm9sdW1lDQoNCkkgZG9uJ3Qga25vdyBob3cgbWFueSB0aW1lcyBoYXZl IHJlY2VpdmVkIGVtYWlsIGFuZCBwaG9uZSBjYWxscyB0aGF0IA0Kd2VyZSBtYXNxdWVyYWRl IGFzIHNvbWVvbmUgb3Igc29tZXRoaW5nIGVsc2UuDQoNCldoaWxlIElkZWFsbHkgd2Ugc2hv dWxkIGVsaW1pbmF0ZSBpdCwgaXQgaXMgbGlrZSBjaHVjayBob2xlcyBpbiB0aGUgDQpzdHJl ZXQgeW91IGRyaXZlIG9uLCBzb21ldGhpbmcgdG8gd2F0Y2ggb3V0IGZvciBhbmQgYXZvaWQu
DQo=

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: soc.genealogy.computing

knuttle wrote:

If every company responded when someone sent an email under their name
they would be have to have a permanent staff to handle the volume

If a company sends me an email expecting me to read it they should be
prepared to receive andy reply I might send. That's just good manners.
If that would place too great a strain on them it tells them one thing:
their email isn't really that important so they shouldn't send it.

I suspect that all too often the reason they won't look at replies is
that the feedback they'd get about their spam would be too upsetting for
the precious little marketroids who'd have to read it.

In any case, it was a support email I queried it with, not the noreply
that sent it. I expect support desks to respond - it's their job.

I don't know how many times have received email and phone calls that
were masquerade as someone or something else.

While Ideally we should eliminate it, it is like chuck holes in the
street you drive on, something to watch out for and avoid.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: soc.genealogy.computing

Ian Goddard wrote:

Oops, sent early instead of minimised.

knuttle wrote:

If every company responded when someone sent an email under their name
they would be have to have a permanent staff to handle the volume

If a company sends me an email expecting me to read it they should be prepared to receive andy reply I might send.  That's just good manners.
If that would place too great a strain on them it tells them one thing:
their email isn't really that important so they shouldn't send it.

I suspect that all too often the reason they won't look at replies is
that the feedback they'd get about their spam would be too upsetting for
the precious little marketroids who'd have to read it.

In any case, it was a support email I queried it with, not the noreply
that sent it.  I expect support desks to respond - it's their job.

I don't know how many times have received email and phone calls that
were masquerade as someone or something else.

Exactly. So anyone - even familysearch.org users should be extremely
careful of such and not respond to them. In my case any unsolicited
email like that gets either dumped or handled with metaphorical tongs
and asbestos gloves. Some of those responding to the thread were
clearly oblivious to the dangers.

No responsible organisation should send out such emails. When they do
it tells me one thing about the individual or team responsible: they see nothing wrong with the possibility that their recipients could respond
and that they are, therefore, would see nothing wrong in responding to
similar unsolicited messages asking then to click on a link. Such
people are a danger to the businesses or organisations for which they
work. Th ransomware thieves depend on them.

While Ideally we should eliminate it, it is like chuck holes in the
street you drive on, something to watch out for and avoid.

Any organisation needs to train its staff in use of email and treat
errors as disciplinary matters.

There have been a number of cases where bulk emails have been sent out
CC rather than BCC in situations (e.g. STI clinics) where even the
identities of other recipients should have been regarded as
confidential. There have been cases where confidential information has
been sent to the wrong person or even a mailing list. It's not a cse of ideally we should eliminate it. Such mistakes can represent a serious
threat to the organisation that makes them and sometimes to their customers.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: soc.genealogy.computing

Op 15-05-2023 om 03:53 schreef Denis Beauregard:

On Sun, 14 May 2023 10:06:25 +0100, Ian Goddard
<ian_ng@austonley.org.uk> wrote in soc.genealogy.computing:

Searching for the text online indicates that others have received them
as well bu no explanation on a look.

Perhaps this ?

https://community.familysearch.org/en/discussion/145181/what-does-notification-promoted-to-level-1-mean

This sounds like a mistake when testing some new feature !

I don't think so. I followed the link to the beta community, and signed
in with my existing FamilySearch account. I did that, because I felt
safe enough to do so, because it looked like a legitimate page in the FamilySearch domain, and it logged me in in the usual way, using the
standard FS authentication.

Anyway, when I did that, I was immediately promoted to level 1, which
probably just meant that I am a member now. That's all there is to it,
in my mind.

Regards,

Enno

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: soc.genealogy.computing

Enno Borgsteede wrote:

Op 15-05-2023 om 03:53 schreef Denis Beauregard:

On Sun, 14 May 2023 10:06:25 +0100, Ian Goddard
<ian_ng@austonley.org.uk> wrote in soc.genealogy.computing:

Searching for the text online indicates that others have received them
as well bu no explanation on a look.

Perhaps this ?


https://community.familysearch.org/en/discussion/145181/what-does-notification-promoted-to-level-1-mean


This sounds like a mistake when testing some new feature !

I don't think so.

It was. familysearch.org have confirmed that to me:

"Last week we changed one of the settings in the Beta Community, which
is a testing site that we use before anything gets launched here in this Community. That change triggered a mass email that we did not know was
going to be sent. We are still exploring why the email was sent and who
got it. We are so sorry for the confusion.

Please disregard these emails or any others that direct you to the Beta Community."


I followed the link to the beta community, and signed

in with my existing FamilySearch account. I did that, because I felt
safe enough to do so, because it looked like a legitimate page in the FamilySearch domain,

Thousands of people have done similar things because they felt safe
because it looked like a legitimate page in a legitimate domain.

You were lucky this time. It was a legitimate domain, only the email
was an error.

What has happened is that familysearch.org have now trained you to be
accepting of emails which look as if they've come from a trusted source
and to click on and log into what looks like a trusted site. And next
time you do that it might be a scammer. You might get your bank account emptied. If you do that on a work computer your company might get taken
down with ransomware.

This time you were lucky. Next time you might not be. I repeat, this
time you were lucky. Please don't push your luck.

Ian

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: soc.genealogy.computing

On 16/05/2023 12:16, Ian Goddard wrote:

Enno Borgsteede wrote:

Op 15-05-2023 om 03:53 schreef Denis Beauregard:

On Sun, 14 May 2023 10:06:25 +0100, Ian Goddard
<ian_ng@austonley.org.uk> wrote in soc.genealogy.computing:

Searching for the text online indicates that others have received them >>>> as well bu no explanation on a look.

Perhaps this ?


https://community.familysearch.org/en/discussion/145181/what-does-notification-promoted-to-level-1-mean

This sounds like a mistake when testing some new feature !

I don't think so.

It was.  familysearch.org have confirmed that to me:

"Last week we changed one of the settings in the Beta Community, which
is a testing site that we use before anything gets launched here in this Community. That change triggered a mass email that we did not know was
going to be sent. We are still exploring why the email was sent and who
got it. We are so sorry for the confusion.

Please disregard these emails or any others that direct you to the Beta Community."

I followed the link to the beta community, and signed

in with my existing FamilySearch account. I did that, because I felt
safe enough to do so, because it looked like a legitimate page in the
FamilySearch domain,

Thousands of people have done similar things because they felt safe
because it looked like a legitimate page in a legitimate domain.

You were lucky this time.  It was a legitimate domain, only the email
was an error.

What has happened is that familysearch.org have now trained you to be accepting of emails which look as if they've come from a trusted source
and to click on and log into what looks like a trusted site.  And next
time you do that it might be a scammer.  You might get your bank account emptied.  If you do that on a work computer your company might get taken down with ransomware.

This time you were lucky.  Next time you might not be.  I repeat, this
time you were lucky.  Please don't push your luck.

Unfortunately big organisations that should know *MUCH* better do this
sort of thing all the time. I got one this morning which I believe to be genuine from the Charities Commission that was indistinguishable from a sophisticated spear phishing attack (and may yet prove to be one).

It was titled "Setting up your Charity Commission Account" and tells me
that I will have to follow a magic link that they will send me shortly
in a later email to verify my credentials. The phone number given for
support is the genuine one from their own website...

Injection was via a probably government Amazon hosted mail server.

WTF they can't port the existing credentials over to the new system I
don't know. I expect it is an IT problem of pay peanuts get monkeys.

I have complained to them about just how stupid this is as an SOP but I
don't honestly expect much if anything by way of a reply :(

--
Martin Brown

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: soc.genealogy.computing

On Mon, 15 May 2023 10:53:17 +0100, Ian Goddard
<ian_ng@austonley.org.uk> wrote:

Yes but it doesn't say much apart from the fact that there are a lot of >people out there who will click on links in an unsolicited email and
even try to log in when those links offer a login page.

I sometimes do that. They are usually phishing attempts, sent from an
obviously fake address, and if they ask me to log in I do so with a
fake user name and password, so they can waste a bit of their time
too.


--
Steve Hayes
Web: http://hayesgreene.wordpress.com/
http://hayesgreene.blogspot.com
http://groups.yahoo.com/group/afgen/

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)