Tuesday, July 06, 2010

How to Detect a Phishing Email

Our anti-spam filters do a pretty good job of keeping junk out of your email box. But filtering is a cat and mouse game. The scammers and spammers want to get their message to you and work night and day to figure out how to get around filters. The good guys want to keep them out and work night and day to block the latest clever way to thwart their filters. This means that every once and while something is going to get through. This week a few phishing messages got through.

These guys works really hard to make sure that their scam mail looks as close as possible to the real thing. So there will be elements that are correct. I have highlighted those in yellow. There are areas that are wrong too, I have circled those in red.

 

image

What’s Wrong?

A Friend has sent you a Hallmark E-Card: This should read, Amy Babinchak has sent you a Hallmark E-Card. It should not be generic. It should list the full name of the person or organization sending you the card.

The second item is more insidious and it is where the poison pill is located. Look at what happens when I move my cursor over the URL.

image

URL’s highlighted in blue are not really web links even though they look like them. They are just blue underlined text to indicate that you can click here and they themselves are linked to an underlying URL. The underlying URL is exposed in Outlook by moving your mouse cursor over it (just don’t click) and a little message box will appear. The message box will show you what will really happen if you click. In this case, if I click a web server in Russia (.ru) will download and run a program on my computer (.exe). This would infect my computer with an application that will scan my computer for credit card numbers and social security numbers. It might even uninstall itself after it is done. They are getting smarter all the time.

As always be careful out there and keep a sharp eye out for phishing scams. If you are using our partner Exchange Defender and you get a phishing email send it to spam@ownwebnow.com so they can analyze how it got through. You won’t get a response but you will help it from getting through again.

0 Comments:

Post a Comment

<< Home