• Moonrise2473@feddit.itOP
    link
    fedilink
    English
    arrow-up
    112
    ·
    3 months ago

    They know my name, yet they wrote “Dear Google Workspace Administator” as the most generic phishing attempts.

    • rxin@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      9
      ·
      3 months ago

      Yeah actually, any non-spam email should always address you by name and that’s a rule. Many services also have this in their e-mail footers “This e-mail is for XXXXX” etc. because a typical mass sent garbage mail won’t know your name.

      • Trainguyrom@reddthat.com
        link
        fedilink
        English
        arrow-up
        7
        ·
        3 months ago

        When I worked the email marketing opt out queue I relied heavily on the “this email was sent to [email address]” because 9/10 reports that the opt out didn’t work, they had setup forwarding from one email address to another

    • Rhynoplaz@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      28
      ·
      3 months ago

      Were you expecting a Google employee to notice the issue, think “Uh oh, I better let Moonrise know about this!” and type out an email for you?

      • Vent@lemm.ee
        link
        fedilink
        English
        arrow-up
        44
        ·
        3 months ago

        Email templates are ubiquitous and can easily insert names and any other variable.

      • Moonrise2473@feddit.itOP
        link
        fedilink
        English
        arrow-up
        20
        ·
        edit-2
        3 months ago

        Do you know that’s trivial to write a marketing email like

        “Dear <name placeholder>…”

        I get that Google is just a startup with limited resources and can’t afford expensive marketing tools, but this is a basic feature offered in every marketing email software, even free ones.

        The reason is that a phishing scammer usually just got a leaked/stolen email list without names, and by stating “dear <name>” they show that it’s not a phishing.

        Once you train users that generic emails with “click here to read the message” are legit, then phishers have an easier life.

        In this specific case they’re just announcing that a Google service that nobody was using has been killed (as is tradition) and they’re going to delete the data, there’s no reason at all to have a “click here to read”.