Your Online Payment

by Dan Strom on August 13, 2010

We have been seeing an increase lately in a specific type of phishing email being sent to both company and personal email addresses. I have received variations of this coming to me in my personal email accounts. Some have been making it past the spam filters that we use for the work email.

Phishing email are sent to a person in an attempt to get you to click on a link that is in the email. Sometimes that link will install malicious software on your computer. Other times the link may take you to a legitimate-looking web page where you are encouraged to enter userid/password combinations or credit card information. Many people fall victim to phishing scams.

Here are a couple of examples of email that have been received. If you take the time, you can see the tell-tale signs of phishing.

phish1.jpg

Let’s look at the first one.

This email looks like it is from Chase bank. It even has the correct logo. It looks legitimate, but it is not. It shows a recent payent of $117 on 8/6/10. How can you tell if it is real?

  • Red Flag #1: The recipient of this email does not have a Chase credit card. Chase would not send a payment confirmation if you do not have an account.
  • Red Flag #2: The recipient did not make a payment of $117 to Chase.
  • Red Flag #3: Look at the From: address at the top of the image. It shows that it is from someone at royalgreenland.com. A real email from Chase would be from someone at chase.com.
  • Red Flag #4: Only one of the links in the body of the email indicates that it will take you to chase.com. In the original, if you hover the mouse pointer over the links, they point to places other than chase.com

 

phish2.jpg

 

Looking at the second example, we can see that this purports to come from amazon.com and looks legitimate. But…

  • The recipient did not place an order with amazon.com
  • The From: address is not amazon.com
  • Hoving your mouse pointer over the links points to places that are not amazon.com

I have seen similar email that supposedly come from Best Buy, also.

So, watch out for the links that are in email messages you receive. Check to see if it is reasonable that the company is sending you email. Look at the From: address to see if it matches the company listed in the email. Before clicking links in the email, hover your mouse pointer over the link to see where the link goes.

Just be careful.

- Dan

If you enjoyed this post, please consider leaving a comment or subscribing to the RSS feed to have future articles delivered to your feed reader.

Tagged as: Phishing

Leave a Comment

Spam Protection by WP-SpamFree

Previous post:

Next post: