Phishing is the attempt to acquire sensitive information by posing as a trustworthy entity in an electronic communication. It is typically done through e-mail spoofing or instant messaging – instructing users to perform further action, such as clicking on links, submitting forms, or entering details at a fraudulent website that looks and feels legitimate, when in fact it is a scam.
Phishing scam spam is not just annoying, it’s downright dangerous.
Posing as legitimate messages, these emails may be doorways to malicious outcomes. Their main goal is to trick you into clicking on the links within, and that’s when the damage begins. This type of email activity is called phishing.
Whoever is behind a phishing message can get hold of your sensitive information (personal, financial, and other proprietary data, including usernames, passwords, and credit card details) and use it at their discretion: to commit identity fraud, to hack into your financial accounts, or to resell it to other criminals.
Anti-malware tools such as anti-virus, anti-phishing, and e-mail filtering software can offer some protection against harmful software that resides within a computer.
What does a phishing email look like?
By now, all of us have encountered some form of scam spam. You have probably come across a Nigerian Money scam, where a prince or a secret accountant offers you a boatload of money for using your account, or an email from someone who was supposedly robbed while on vacation and needs money to get back home…
Here are a couple of examples of an Account Impostor Email. These arrived in my mailbox a while ago and I kept them for reference – notice that I have highlighted the areas of interest for this article.
Account Impostor Email Scam Method Analysis
Used by marketers everywhere, the call-to-action is a very powerful tool. Things like “Buy Now”, “Click Here” or “Send Request” are calls to action – those little triggers designed to persuade you to follow through. In this email, the suggestion to update your account, and then the line to log in to fedex.com, is a call-to-action – scammers hope you click on the link, and here is where the surprise awaits you: IT IS A SCAM.
One email is titled “Account Update”, and it supposedly comes from “FedEx”, and the other one is titled “Confirmation of email address change”, from “American Express”. Scammers count on the fact that all of us have some type of account – and a lot of us have accounts with FedEx or American Express. And for those of us who don’t, we still react to an “Account Update” or “Email address change confirmation” call-to-action. It is especially true when we have an account but have not made the change described in the phishing email: we want to clear it up and see what’s the matter. The email looks familiar because the scenario that it suggests is something that happens in real life. So, chances are, someone will at least open that email.
Scammers hope that you will not realize that it is a fake email – because it uses a famous-brand logo and company name – in this case, it is FedEx. Notice that the company logo and domain name are used throughout the email, and even a picture of a smiling FedEx employee with a branded shirt is used to give that legitimate feeling to this email. It is designed to look credible to pacify you.
On the opposite side, phishing strategy also counts on our fears, such as loss – notice that text in this email threatens you with consequences if you do not act – in this case, they use the word Suspension (capitalized, too – implying importance). It also gives you a short deadline for your action (48 hours). The other one triggers “they have the wrong email address!” fear, and expects you to jump in on the action to correct an erroneous record.
Various things can happen if you click on that link, but most commonly it leads to one of 2 things: a) identity theft or b) a malicious act of damage.
Even with my super anti-virus protection, I did not want to click on the links to find out. So, we’ll discuss this one in theory.
This is a scenario where crooks hope that you will mistake their scam for a legitimate request and provide them with some form of authentication – username and password, full address, perhaps even credit card information. By themselves, little tidbits of information may not look harmful, but they can be used elsewhere to help scammers access more information on you, and ultimately serve as a means of identity theft.
Different malicious actions may be taken – you may be taken to a page that prompts you to download a program or click on further links – and the ultimate result is an infected computer. It may be done simply to damage your computer system by infecting it with a virus, or to install malware and spyware that can provide scammers with more information on you, stealing your passwords and personal information directly from your machine. If you suspect your computer has been infected by a virus or spyware, you may need to run diagnostics and have your computer system – or perhaps even a network – repaired.
Most e-mail programs allow you to preview a link before clicking on it. In my case, Microsoft Outlook displays a window with the full URL – once I hovered my pointer over the supposed fedex.com link, the true link to a domain with the Brazilian extension .br appeared. It still has the word “FedEx” in the link somewhere, but if you pay attention, you realize it is not an authentic link. You can also check the email properties – it may look like lots of gobbledygook, but you should be able to find the line that says “Received:” – in my case, it came from the server at webmail.yujii.com.tw – which is in Taiwan. Again, not a likely FedEx resource.
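The two checks described above (where a link really points versus the domain shown in its text, and which server the “Received:” line names) can also be done on the raw message. This is an added Python example, not part of the original article; the message is constructed, the .br host, IP address and From address are placeholders, and `analyze` and `belongs_to` are names chosen here.

```python
import re
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample, not the original e-mail: the .br host, IP and From address
# are placeholders; webmail.yujii.com.tw is the relay named in the article.
RAW = """\
Received: from webmail.yujii.com.tw (webmail.yujii.com.tw [192.0.2.10])
\tby mx.recipient.example; Mon, 1 Jan 2024 10:00:00 +0000
From: FedEx <support@fedex.com>
Content-Type: text/html; charset="utf-8"

<p>Update your account within 48 hours to avoid Suspension.
<a href="http://fedex.example.com.br/login">Log in to fedex.com</a></p>
"""
DOMAIN_RE = re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.I)

class LinkCollector(HTMLParser):  # gathers (href, visible text) for each <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def belongs_to(host, domain):
    return host == domain or host.endswith("." + domain)

def analyze(raw):
    msg = message_from_string(raw, policy=policy.default)
    collector = LinkCollector()
    collector.feed(msg.get_content())
    mismatches = []  # (domain shown in link text, host the href really targets)
    for href, text in collector.links:
        host = (urlsplit(href).hostname or "").lower()
        mismatches += [(d.lower(), host) for d in DOMAIN_RE.findall(text)
                       if not belongs_to(host, d.lower())]
    # The name after "from" is claimed by the sender; trust only your own server's hop.
    relays = [m.group(1).lower() for v in msg.get_all("Received", [])
              if (m := re.match(r"\s*from\s+(\S+)", str(v)))]
    return {"link_mismatches": mismatches, "relays": relays}
```

A host such as `www.fedex.com` passes the check because it ends in `.fedex.com`; a host that merely contains the word “fedex” does not.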
The simplest piece of advice – slow down. Don’t just glance over logos and assume they must be legitimate. Pay attention to little details.
Use common sense. Credible organizations do not send emails of this kind. If there is an issue with your account – if you have one at all – they will still send you good old “snail mail” – an actual letter. When in doubt, delete the email and go directly to the institution’s website – in this case, I would open my browser and go directly to the source – in this example, to https://fedex.com – or better yet, use the official phone number and call the organization directly to speak with an authorized representative about your account.