I’m very careful with privacy and security so I was surprised I got an obvious phishing email from “American Express”. I reported the email and moved on only to get another one today. I checked haveibeenpwned and it came back clear. I have never gotten a phishing email before the other day. As for the senders, they all came from generic IT sounding email addresses. They obviously weren’t American Express.

  • @jaybone@lemmy.world
    link
    fedilink
    42 months ago

    I’ve used this many times before. But this is so well known I wonder, why wouldn’t spammers/scammers just remove the “+” and trailing characters before “@“?

    • xigoi
      link
      English
      22 months ago

      True. A more reliable way to achieve this is to buy a domain and use addresses in the form websitename@your.domain.

      • @jaybone@lemmy.world
        link
        fedilink
        52 months ago

        Yeah that also usually comes up in these types of discussions. Even for technical people, that approach can be a pain to manage.