Monday, April 16, 2012

by Christina Wilkinson of SabreDesign.com

First of all, the IRS does not make contact with anyone through email. So if you get an email that looks official, the good news is that it's a scam, here's a link to their website to find out how to report it: http://www.irs.gov/newsroom/article/0,,id=155682,00.html

Now that I've taken care of the scariest of email phishing scams, on to the others.

Lately I've been getting tons of phishing emails. And I admit, it's my own fault. I don't use those contrived opt-in email engines so that you're able to email me and I don't have my email server to automatically set up to delete emails that it thinks are spam. So there I am on a Monday morning, sorting through about 100+ emails; spam and everything. I do this not because I'm OCD, but because my clients are important and I want to make sure there's no reason for me to not receive email from my own clients. It's a pretty simple system for me and I prefer it that way.

Well I got this email from NewEgg.com on April 9, 2012 (click on photo to enlarge).


The malicious link is circled in RED above to show
that if the link is clicked, NewEgg is not the recipient.
At first glance, it looks pretty legitimate except that I have never ordered from this company. My first thought was to get upset at NewEgg, but they're not really the culprit here. If you use your mouse to hover over the links that the email provides, hocus pocus! You see a totally different website for your response if you were to click on it. DO NOT CLICK on these links! For that matter, don't ever click on any suspicious links.

Instead, I went to NewEgg's website and I went to their 'Contact' menu. I took a screen capture of of this email and sent it to them (including the bogus link). Then I went to GoDaddy.com and I did a look up for the main URL/Domain name. It was there that I found out who owns that specific website and who the host is. When I went to the normal part of the website (the main URL only, not the extension), it's a photography website. Seems innocent enough. But does the owner of that website know that this phishing email was sent out and uses their website? Maybe the owner did it himself? I have no idea. So I contacted the owner's host directly and reported the malicious link.



Wouldn't you know that less than a day later, the host emailed me back letting me know that they've removed the phishing link and warned the owner.

Now today I just got the email (shown below) from Verizon. At one time I did have a Verizon account, but it's been since early 2000. So I knew right away that this wasn't legitimate.

The *.com.ec extension shows that if you click on the link
you won't be on Verizon's website.
When I hovered over the link, it showed a *.com.ec extension which means it's from Ecuador. After a little more research, it shows that it's a construction company website.

I haven't gone as far as reporting it to the host yet, but I will be doing that just as I did for the other phishing email.

Another phishing scam is a pizza delivery email. It says that your pizza is ordered, the amount (in some cases shows an official receipt) and proceeds to say that if you didn't order the pizza to click 'CANCEL'. This is a trick to get you to click on the cancel link. Don't do it.

If you've already clicked on an email link, the damages that arise from phishing like this include the possibility of you not being able to access your own email to the loss of personal information which may lead to financial loss. So if you feel you've been phished, contact your bank right away to change account #s, change your email passwords, social media passwords and any other passwords you can think of.

Here are some tips to protect yourself from emails like this:

1. Never click on any link in a questionable or suspicious email.
2. Never click on any attachment in a questionable or suspicious email.
3. Take a screen capture of the email if you plan to report it or delete it.
4. Warn your family and friends about it.
5. Do not forward these emails. It only makes a phishing email look legitimate.


Additional types of phishing emails are disguised to look like they come from banks, Facebook invitations or any other social media invitation, your own business URL and sometimes a family member. If you'd like to know more about different types of phishing scams, read this article



NOTE: This article may be published on or offline with all credits attached.





0 comments:

Post a Comment

We value our readers so your comment is being moderated.