A LoyaltyLobby reader forwarded us an email this morning that appeared to come from the Thai Consular asking for information to confirm their application.
Sebastian already covered the issue of a leak or hack (read more here) that had likely exposed a database of Thailand Pass and Test & Go applicants that started to receive fraudulent emails pretending to come from the consular department.
You can access Thailand Test & Go website here.
Email From The Reader:
I got this odd email that is seemingly genuine in source (same domain/email extension as when I received my actual Thailand Pass).
This is odd as a scan/photo of my passport was submitted as one of the application documents.
I am currently in Thailand and only have a few days remaining. Plus, I will not exceed the 30-day visa exemption period.
So I am finding it hard to find any valid reason for this.
Do you think this has been sent in error?
Let me start by saying that the email is FAKE. The domain from which the email was sent is “Thailand Pass <firstname.lastname@example.org>.”
The correct address for Thailand’s Test & Go application website is https://tp.consular.go.th/.
If you try to open the website of the fake domain, you get a 403:
Thailand Test & Go Website Warning:
There is a note on the real Test & Go website about the fake emails that have been sent to applicants.
Sebastian’s Piece About The Hack:
Thailand Pass Database Hacked, Beware Of Malicious Emails With Fake QR Codes
Regrettably, hackers have gained access to the database containing at least some if not all applicant information.
There are mistakes on that email that should be red flags but believable, especially for those who are not native English speakers. They are, however, using website addresses that look quite like the real one.
It also doesn’t help that Thailand has used several website addresses and email addresses, some even Gmail, for these Test & GO and Sandbox application communication.