Phishing is the attempt to acquire sensitive information by posing as a trustworthy entity in an electronic communication. It is typically done through e-mail spoofing or instant messaging – instructing users to perform further action, such as clicking on links, submitting forms or entering details at a fraudulent website that looks and feels legitimate, when in fact it is a scam.
Phishing scam spam is not just annoying, it’s downright dangerous.
Posing as legitimate messages, they may be doorways to malicious outcomes. Their main goal is to trick you into clicking on the links within, and that’s when the damage begins. This type of email activity is called phishing.
An entity behind phishing can get hold of your sensitive information – personal, financial, and other proprietary information, including usernames, passwords, and credit card details – to use at their discretion, be it to commit identity fraud, hack into your financial accounts, or resell to other criminals.
Anti-Malware such as anti-virus, anti-phishing and e-mail filtering software can offer some protection against harmful software that resides within a computer.
What does a phishing email look like?
By now, all of us have encountered some form of scam spam. You have probably come across a Nigerian Money scam, where a prince or a secret accountant offers you a boatload of money for using your account, or an email from someone who was supposedly robbed while on vacation and needs money to get back home…
Here are a couple of examples of an Account Impostor Email. These arrived in my mailbox a while ago and I kept them for reference – notice that I have highlighted the areas of interest for this article.
Account Impostor Email Scam Method Analysis
One email is titled “Account Update”, and it supposedly comes from “FedEx”, and the other one is titled “Confirmation of email address change”, from “American Express”. Scammers count on the fact that all of us have some type of account – and a lot of us have accounts with FedEx or American Express. And those of us who don’t still react to an “Account Update” or “Email address change confirmation” call – when we don’t have an account, and have not made a change to any email settings, we want to clear it up and see what’s the matter. So, chances are, we will at least open that email.
Scammers hope that you will not realize that it is a fake email – because it uses a famous-brand logo and company name – in this case it is FedEx. Notice that the company logo and domain name are used throughout the email, and even a picture of a smiling FedEx employee in a branded shirt is used to give this email a legitimate feel.
It also plays on our fear of loss – notice that the text in this email threatens you with consequences if you do not act – in this case they use the word Suspension (capitalized, too – implying importance). It also gives you a short deadline for your action (48 hours). The other one triggers the “they have the wrong email address!” fear, and expects you to jump into action to correct an erroneous record.
Used by marketers everywhere, calls-to-action are a very powerful tool. Things like “Buy Now”, or “Click Here” or “Send Request” are calls to action – great little helpers to persuade you to follow through with the offer. In this email, the suggestion to update your account, followed by the line to Log in to fedex.com, is a call-to-action – scammers hope you click on the link, and here is where the surprise awaits you: IT IS A SCAM.
There may be various things that can happen if you click on that link, but most commonly, it could lead to 2 things: a) identity theft or b) a malicious act of damage.
Even with my super anti-virus protection, I did not want to click on the links to find out. So, we’ll discuss this one in theory.
This is a scenario where crooks hope that you will take their scam for a legitimate request, and will provide them with some form of authentication – username and password, full address, perhaps even credit card information. By themselves, little tidbits of information may not look harmful, but they can be used elsewhere to aid scammers in accessing more information on you, and ultimately used as a means for identity theft.
There may be different malicious actions taken – you may be taken to a page that prompts you to download a program, or click on further links – and ultimately get your computer infected. It may be done to simply damage your computer system by infecting it with a virus, or to install malware and spyware on your computer that can provide scammers with more information on you, stealing your passwords and personal information directly from your machine. If you suspect your computer has been infected by a virus or spyware, you may need to run diagnostics and have your computer system – or perhaps even a network – repaired.
Most programs allow you to preview the link before clicking on it. In my case, Microsoft Outlook displays a window with the full URL – once I hovered my pointer over the supposed fedex.com link, a true link to a domain with a Brazilian extension .br appeared. It still has the word “fedex” in the link somewhere, but if you pay attention, you realize it is not an authentic link. You can also check the email properties – it may look like lots of gobbledygook, but you should be able to find the line that says “Received:” – in my case, it came from the server at webmail.yujii.com.tw – which is in Taiwan. Again, not a likely FedEx resource.
The simplest advice – slow down. Don’t just glance over logos and assume it must be legitimate. Pay attention to little details.
Use common sense. Credible organizations do not send emails of this kind. If there is an issue with your account – if you have one – they will still send you good old “snail mail” – an actual letter. When in doubt – delete the email, and go directly to the institution’s website – in this case, I would open my browser, and in the browser window I would go directly to the source – in this example, to http://www.fedex.com – or better yet, use the official phone number and call the organization directly to speak with an authorized representative about your account.