Let's go phishing! How to recognise a scam

(Classified under: Security)

Posted on 19 September 2016

A new variant of a long-standing phishing scam has begun circulating on the web in the last 48 hours.

The emails are presently being sent to the registered contact of top-level domains (.com, .net, .org etc.) but most likely, it won't be too long before they start targeting other domain extensions, such as .com.au, .co.uk, .co.nz and the like.

The emails have a subject line of: Notification: {your name} - {your domain name}, so if you get an email with this subject line, the best thing to do is delete it.

View an example of one of the latest phishing emails

While these particular emails do mention that they are a solicitation (perhaps as a thinly-veiled attempt at legitimacy), they also have many of the characteristics of phishing emails in general...

So what is phishing?

Well, when you think Phishing, remember the 3 P's. The bad guys are after Payments, Passwords or Personal Details.

  • They may ask for PAYMENT for a supposed service that you cannot necessarily trace or ascertain whether you've actually got any benefit from. They might also just as easily want to collect your credit card details to sell on the black market or rack up a big bill somewhere overseas;
  • They may try to get your PASSWORD, often by sending you to a website that looks legitimate, but is actually crafted to simply look like the real thing. For example, the link in the email may send you to a supposed banking website - once you sign in, so do they, and drain your bank account!
  • They may be after your PERSONAL DETAILS to be able to either help steal your identity, or sell your information to someone else who will try to steal your identity.

Here are some things to look out for with phishing emails:

  • The Unexpected Email: Phishing emails often arrive unexpectedly and may refer to a service that you have not requested or a circumstance which is unexpected (such as action to suspend your bank account, PayPal account or similar).
  • The Unknown Sender: Phishing emails may come from a sender, organisation or domain name that you don't recognise. Sometimes they come from a name that you think looks almost familiar...
  • The No-Name Sender: Having an email arrive in your In-box that only shows the email address of the sender (rather than their name) should set alarm bells ringing!
  • Dear User: If you are not identified by name in the email, you can bet that the email is bogus. However, even if your name does appear in the email, there's still a chance that it could be fraudulent. There are plenty of public sources that the crooks can get hold of your details to include in scam-mail, including domain registries, company registries, public forums that you might have posted to, online telephone directories, your company website, social media, and the list goes on. Even if you see your name, don't assume that you know the sender.
  • It's urgent! There is often a sense of urgency about scam emails - something really bad will supposedly happen if you don't do what they are asking right away. In reality, this is just to get you flustered and help prevent you from thinking clearly about whether the email is legitimate or not...
  • Bogus Links: If the email displays one domain, but when you mouseover the link, your email client says a different domain (or worse still, an IP address) - watch out! There are a couple of different ways that the bad guys do this, from images to display the initial link, to tool-tip text, to using a link with an @ symbol in the link. Even if a link looks legitimate, if you have any concerns about the rest of the email, do not click on that link!
  • Fax your life away: Sometimes phishing emails don't actually contain links. Instead, you get asked to fax your credit card details. Yes, facsimile is old technology, but it's just what the scammers want you to use - just in case you have Internet security software that might otherwise prevent you from going to their bogus website.
  • Attachment Surprise! Never open an attachment if you don't know the sender, aren't expecting the sender to send you the attachment or if anything about the email makes you concerned. If in doubt, delete the email and contact the person by phone, relying on the White/Yellow pages, rather than a phone number listed in the email itself.
  • Bad spelling/grammar: Many phishing emails originate from overseas, often from countries where English may be a second language. Look out for bad spelling, poor grammar or irregular turns-of-phrase. These could indicate a phishing email.
  • Things just don't add up: Often, there may be other inconsistencies in an otherwise perfectly-good-looking email that just make it seem a little "off"... You may not be able to put your finger on exactly why, but something tells you that the email isn't everything that it's making itself out to be. Trust your instincts and delete the email!

There's a saying about odd emails... "If in doubt, chuck it out!"

How well do you think you can recognise a bogus email?

Read more about phishing on the Dell SonicWALL website and take their quiz to see how you would go at recognising a phishing email.

Protect your In-box

If you're not already using our Mailflow email filtering software to help protect your In-box, please contact us to discuss getting it set up for you.

 

 


NB: Information presented here is general in nature, does not take into account your particular situation and should not be used in place of professional IT consultation.