MyHeritage Users Being Targeted with Phishing Emails – Other Vendors May Be Next – Instructions to Protect Yourself

hack fraud.png

An email containing an image, shown below, saying MyHeritage V2 ethnicity estimates are available is being sent from a fraudulent email account, info@myheritaqe.com (with a q instead of a g), encouraging users to click to review their matches.

hack q

This email was not sent by MyHeritage and is fraudulent. DO NOT CLICK. Delete.

hack mh fraud email.png

MyHeritage users are receiving emails from a fake account with the subject “Ethnicity Estimate V2” which attempts to lure users into signing into a fake website set up to look like the legitimate MyHeritage website. The fake website has a similar domain name, except with a q instead of a g, and has stolen the MyHeritage main website picture to look legitimate.

Please read the MyHeritage article, here. To be very clear, MyHeritage has NOT been breached, but bad actors have harvested emails, probably from the GEDmatch security breach, which I wrote about here, and are using them to try to target MyHeritage users.

Word of warning – any other vendor’s customers may be targeted too. Be very very leary right now of any emails.

What Happened?

It appears that email addresses retrieved from the GEDmatch breach either are or may be being used to target users. Be sure if you are going to renew a subscription that you are on the legitimate website, by verifying that the website name in your browser line shows the MyHeritage name accurately and not misspelled in any way.

hack web

Note the g instead of a q – this is the legitimate MyHeritage website.

To date, there are no reports of MyHeritage users who did NOT upload to GEDmatch from MyHeritage receiving targeted emails, but that may simply be a matter of time.

Other Vendors

There are also no reports of GEDmatch customers who uploaded files from other vendors being targeted, but that may be coming. Stay vigilant.

Protect Yourself

Always, always check the sender information and look for words that are similar but not accurate. Examples might be 23amdMe instead of 23andMe, or Ancesty instead of Ancestry or FamlyTreeDNA instead of FamilyTreeDNA. You get the idea. These are just examples that your brain “fixes” for you – which is what hackers are counting on.

Here are some ways to protect yourself:

  • At MyHeritage turn on two-factor authentication. Their article includes instructions.
  • When looking at emails, always truly LOOK AT and evaluate the sender.

These are examples of legitimate emails.

hack email ftdna.png

I can see that this website name is accurate.

hack email mh

I can see that MyHeritage is spelled correctly here, and it matches all of the other Smart Match notifications I’ve received.

hack ancestry.png

This is the address my Ancestry notifications come from, spelled correctly.

hack 23andme

And at 23andMe.

Please note that a normal email doesn’t guarantee that the email is legitimate, as addresses can and are spoofed regularly. However, an odd email guarantees that it’s NOT legit.

Protection on a Phone

On my phone mail, I click on the sender’s ID a couple of times until it finally displays in this format. I retrieved this email out of my spam folder, someone wanting me to click on a link. Yea, right.

Clearly, this person is not Chondell Campbell.

Hack chondell.jpg

I don’t know a Chondell Campbell, but even if I did, email addresses are hijacked all the time. I would never, ever click on any link that I can’t clearly see, nor from someone if I wasn’t expecting the information.

Call me paranoid but I’m also safe.

Change Your Password

Just to be safe, you may want to change your passwords occasionally. Don’t use the same password on multiple sites. If you already have, change them now.

Always pick a very irritating long secure strong password. You may want to use a tool like LastPass. Some people use song lyrics.

I’ve noticed a real uptick in bad-actors and emails with phishing attempts in the past few weeks/months. Increase your suspicion level from yellow to full-on red right now.

hack stop light

Don’t Click

Don’t click until you are sure, on emails, on messages, on social media or on any website. Not EVER!

We Will Get Through This

I know this is disheartening on top of pandemic and politics and whatever else is going on in your life. Keep heart. We’ll get through this.

_____________________________________________________________

Disclosure

I receive a small contribution when you click on some of the links to vendors in my articles. This does NOT increase the price you pay but helps me to keep the lights on and this informational blog free for everyone. Please click on the links in the articles or to the vendors below if you are purchasing products or DNA testing.

Thank you so much.

DNA Purchases and Free Transfers

Genealogy Products and Services

Genealogy Research

Fun DNA Stuff

  • Celebrate DNA – customized DNA themed t-shirts, bags and other items

13 thoughts on “MyHeritage Users Being Targeted with Phishing Emails – Other Vendors May Be Next – Instructions to Protect Yourself

  1. Roberta, this is very bad for the future of folks who might be now be contemplating doing a DNA test, as well as those who already have. We need you to show that the DNA info most tests reveal, does not reveal the exact identity of the tester, only who he/she matches.

  2. I had a “you have new matches” email this morning from Living DNA. I did look at them, but I think I logged into the website, rather than click in the email … hope so, anyway!

  3. Thank you for this warning.

    Perhaps folks should know that many (most?) email programs and browsers will display the actual URL (link) or email address that underlies whatever words are shown on an email or webpage. Generally they appear in the bottom left of the window. Even that can be deceiving because sophisticated phishers will have something that closely resembles the real thing – it can take some experience to recognize the real from the fake. In any case it is always preferable to sign in to a site by typing in the URL, not by clicking on a provided link.

      • But still use the links on Roberta’s website to purchase a test, so she can get a small contribution, which will keep her website going and make it possible for her to keep us informed of situations just like this!

  4. Thank you for the informative post. I appreciate the swift and transparent public remarks from both Gedmatch and MyHeritage.

  5. I got an email in the middle of the night last night that said it was from Last Pass, and said that my account had been compromised on several different websites including My Heritage. But I don’t and have never used Last Pass. It had links to the sites that it said had been compromised. I clicked nothing.

  6. My only disagreement with you, Roberta, is the assertion that black researchers have absolutely no resources before 1870. In fact, there are many many resources out there for black researchers. It’s just that it takes a lot more digging than most white researchers have to do. Items like wills, inventories, even censuses for free persons of color, tax records, freedmen’s bureau records… the list really goes on and on. I would encourage you to change that statement. Otherwise, I am very grateful for everything that you have written about DNA here. For some reason, this message is not getting through to all the people who need to know it.

Leave a Reply