Fraudulent E-mail for Ride Operators

Hey guys, Haven't posted on here in forever...takes an act of god and here it is. I just got an e-mail about leadership applications and some other crap. It wanted information that the park already has if your a returning employee. Stuff like your Addy and Social Security Number. Information you should never give out online. The park never goes about getting your information this way. It was a fraudulent E-mail. so if you get it make sure you dont reply other wise some nasties will have your info!

Take care,
S
TL Demon Drop 05

Are you serious? How do you know??? *** Edited 12/2/2005 11:33:42 PM UTC by Top Thrill Dragster***

The e-mail had two attatchments and they were word documents and when I opend the one it was all messed up. The information given was general and I've worked at Cedar Point several years now and this is just not how they do it.

S

Not good. I already emailed it back.

I called CP, and HR doesn't open until Monday so there's nothing I can do.

This is bad.

I already informed management

S

Is rideemployees@cedarpoint.com a real Cedar Point email address? *** Edited 12/2/2005 11:45:21 PM UTC by Top Thrill Dragster***

No, each member of the management team has an email addy connected to @cedarpoint.com but that is not an actual email address. The only time any information might be exchanged is through the online site and thats after you are hired. Not to mention that the returners have already put in their applications, they are due before the end of the season.

S

Well crap! So what can I do?

Um nothing at the moment

To play devil's advocate... Although they may not have done this before... what is to stop them from changing things now?

Furthermore, by e-mailing your info back to the address given, there is no way someone outside of CP could get it. Most scam e-mails work by making people click on a link that looks valid, but really isn't. Even if rideemployees@cedarpoint.com doesn't exist, you are still e-mailing the Cedar Point websever, and no one without acess to it could get your e-mail.

Overall, it seems unlikely that this is a scam. If it is... a very poorly planned one.

Well, isnt it a little seedy that its coming from rideopemployees@cedarpoint.com (at least thats what mine was), when we work as "ride hosts" in the "PARK operations" division? Plus, it asks for our FRIENDS social security numbers. Hello red flags, good to see you!

Hmm.. did someone go through the ride operations address book? That's the only way I can think of this, because the only time I capitalized my email like that was for the address book. Weird....

To be on the safe side (just in case) I wouldn't send any information to this person until I have received official confirmation from CP's HR that this was sent out by CP. Until then I personaly wouldn't send ANY information.

Just my two cents.

~the clean up crew~

Hmm.. did someone go through the ride operations address book? That's the only way I can think of this, because the only time I capitalized my email like that was for the address book. Weird....

Well... wouldn't that be where Park Ops got your e-mail from? The only other place that the park would have that info is from the application and HR would have that. So if they didn't want to bother with HR, they might have just looked them up there.

Also... looking at the file information from the newsletter, the Author is listed as "kyerage". That information is automaticly added by word and taken from windows login information. Of course... it would only take two seconds to fake it... but it isn't something a lot of people think about.

I actually used a different account on my application (my school email doesn't have that much storage capacity, and I figured if they sent me a pdf or something, it wouldn't come through). That's true they might have used the book to bypass HR.. I'm going to play it safe and not answer until I hear something.

Relax people! There is nothing fraudulent about the e-mail. These are the same documents they have sent out over previous years to employees, only they decided to use e-mail instead of postal mail (due to BUDGET CUTS? wouldn't be surprised). They don't ask for any information that they have never asked for before. I guess they just decided to do it a little different this time around. Cedar Point JobNet is a secure server, but is under the exclusive control of HR. So, ParkOp just used the only database of Ride Operations e-mail addresses they had access to, the address book.

While I agree that it wasn't the most professional looking e-mail/document and it is a good rule of thumb never to send out sensitive information over unencrypted e-mail, i'm sure there's nothing to worry about. A good alternative would be to just print out the documents and send them to park op via US mail if you want, like has been done for years.

Just so that everyone knows this is a fraudulent e-mail. Do not respond to this email. There is a way to disguise the actual sender and even recipient of emails such as this. See the description below for more info.

If you have already replied to this email, you would be very wise to check your credit reports every week or two for the next 3-6 months minimum. It may take a few weeks or even months for anything to appear, but it is very likely that someone trying to get your social security number, etc. is going to use it to attempt to get credit. In this case it may even be worth signing up for a credit monitoring service for about $10/mo.

You can get one free credit report from each reporting agency at http://www.ftc.gov/bcp/conline/pubs/credit/freereports.htm.

This may be confusing but here is basically how this scam works so you can watch for it in the future.

When the email appears to be from rideopemployees@cedarpoint.com, the sender actually entered that as the sender's name, not the address that it was sent from. In outlook express you can double click on the FROM box and see the actual e-mail address that the message is coming from. This is a trick that is used by most fraudulent emails are sent. The same is true when you go to reply to the message. Even though it says that you are sending it to rideopemployees@cedarpoint.com, that is actually only the "name" or alias of the person that you are sending it to. The actual email address that it is being sent to can be viewed by double clicking on the address in the TO box of the reply. This will show you the e-mail address that the email is actually being sent to.

Just a common sense tip: Cedar Point would never ask for your social security number in an email. At most they would have you go to https://jobs.cedarpoint.com to fill out an application. If they really needed it for anything else, they already have it in your file because you would be a returning employee. And on that note, do not use any link in an email to go to an online application. Enter the address in the browser yourself. It is very easy to disguise the link to send you to a counterfeit copy site that is actually not Cedar Point's website but a data-gathering site. This happens all the time, especially with companies like PayPal, eBay, and banks. I have not seen it with Cedar Point yet, but somebody could try it so beware!

I hope I didn't confuse everyone too much, but it is very important to always be safe, especially when distributing personal information.

*** Edited 12/3/2005 4:44:09 AM UTC by RidePhoto101***

astrosgp said:
Relax people! There is nothing fraudulent about the e-mail. These are the same documents they have sent out over previous years to employees, only they decided to use e-mail instead of postal mail (due to BUDGET CUTS? wouldn't be surprised). They don't ask for any information that they have never asked for before. I guess they just decided to do it a little different this time around. Cedar Point JobNet is a secure server, but is under the exclusive control of HR. So, ParkOp just used the only database of Ride Operations e-mail addresses they had access to, the address book.

While I agree that it wasn't the most professional looking e-mail/document and it is a good rule of thumb never to send out sensitive information over unencrypted e-mail, i'm sure there's nothing to worry about. A good alternative would be to just print out the documents and send them to park op via US mail if you want, like has been done for years.

And how many people do you know that have their friend's social security numbers!!! Any time you are referring people to Cedar Point, they only want their name and email address. As I said above, email is not secure and Cedar Point knows that. They would never request your social security number via email, much less the social security number of your friends!

DO NOT RESPOND TO THIS EMAIL! At the very least contact Cedar Point HR directly before responding, but this IS a fraudulent email! Be VERY careful about how you give out your personal information online and via email.

You are right about everything you say, those are common tactics for "phishing" schemes, but do you have any evidence that these phishing tactics are being used in this specific e-mail? I don't see any. Matt, Karrah, Debra, and Steve are ride operations managers, not Internet security/identity theft experts. They just used a different medium this year to send documents they always send.

CP has always (well, at least the last two years) has always asked for your friends SSN's when reapplying and referring friends. Just cause they ask for it doesn't sutomatically mean it's all of a sudden a scam this time around.

As I said before, if you don't feel comfortable replying to the e-mail, don't. I'm not. But if you did, there's no reason to start ****ting bricks cause your identity has been stolen.

The irony is that this is the exact form they had for the last several years at least. Heck, I even recall it being on a blue sheet of paper. They sent out it around this time by mail. They ask for Social Security Numbers because of how the tracking system for employees works. There won't be a problem with two people having the same name.

All of the email addresses on the form send back to:
"rideopemployees(at)cedarpoint.com"

The cedarpoint.com part, which is not modifed, guarantees that it will go back to Cedar Point's email system. I'm sure why they used that over the individual emails per manager is so any of the managers can look at each of the replys instead of just one. I am a bit suprised that they didn't offer a snail mail solution for those with printers.

If you are actually worried about Identity theft for this or other reasons, then you can react by:

Checking out this site:
http://www.consumer.gov/idtheft/

And place a fraud report to one of these three credit bureaus which will get sent to the other two automatically. It does have a few advantages such as no preapproved credit card mailings for 5 years.

Equifax
P.O. Box 740241
Atlanta, GA 30374-0241
(800) 685-1111
http://www.equifax.com/

Experian (formerly TRW)
P.O. Box 949
Allen, TX 75013
(800) 682-7654
http://www.experian.com/

Trans Union:
760 West Sproul Road
P.O. Box 390
Springfield, PA 19064-0390
(800) 916-8800
http://www.transunion.com/

There is much information to be found than I can easily give you. Don't be turned off by the fact that these companies also have credit tracking options at a price. While they aren't needed, they come in handy for some people.