Skip to main content

How to identify Phishing Email

 How to identify Phishing Email

 Phishing is a masked attack through email that inveigles users into believing they are receiving the mail from a genuine party and leads them on to parting with sensitive information such as user names and passwords of bank accounts or credit card details. Unless you know and can distinguish between genuine and fake or phishing email, you may end up disclosing such details to people who may misuse and exploit the information. There are several pointers to identify such phishing mails.

Similar looking or sounding domain names are one of the simplest ways to spoof users into believing they are receiving the mail from a genuine party. For instance you may receive an email purportedly from Virginair but a giveaway is that the email address may be something like virginair@yahoo.com. Big companies always have domain linked email addresses.

Spelling mistakes are common in phishing attacks. For instance, the domain name may appear as Facbook.com instead of Facebook.com. Grammar and text of the mail are also pointers. The mail will contain many such errors and could have a pompous ending such as “from the desk of….President”.

Redirection is another way to fool recipients. If you click a genuine looking link in your email, you are redirected to another site. Sometimes, the email may suggest “click here” and when you do, you are taken not to a secure website or the company’s original website but to another website. That may be a single level domain or could be a combination of top and second level domains, which is another giveaway. If you hover your mouse pointer on the link in the email, the actual link shown will be different. Beware in such cases.

Beware of domains that contain too many “dot” pointing to subdomains used by attackers to fool recipients. Instead of http://www.virgin.com the link would show up like http://www.virgin.update.accounts.com.

Attackers also use javascript to hide information. A giveaway is when your email shows up a flag “contains javascript” or something like <script> or tag. Phishers also use images to indicate URLs that you must click, instead of plain text and thus bypass spam filters.

If you do click on a link and are taken to an apparently genuine looking website, a popup window upens asking you to enter sensitive information. In almost all such instances, this is a phishing attack and you should not enter any details. 

In cases where secure transactions take place, genuine websites are always secure and domain starts with https:// instead of plain http:// ; if it does not, avoid entering any details and close window.

Another method is to use HTML mails to deceive recipients by disguising the URL link. In any case, when you receive such an HTML email warning you to update your account, take action immediately to avoid penalty, that your system is compromised or follow a link to claim a grand prize are suspicious. It is not possible to hide deceptive URLs in plain text mails and HTML mail is one way to hide the link. Suspicious emails may also contain more than one straightfoward link or have a link string incorporation a question mark or redirection that will always take you to another website other than that shown.

Another tactic Phishers use is to register fictitious similar sounding domain names but with a different extension. For instance virginair.com may be the genuine website but virginair.cc is a fake. Phishers also use fraudulent means to register fresh websites and send emails using that domain name. Not all of us will care to check with the registrar but if you do and find it is a freshly registered one, chances are your mail is a phishing attack. As a matter of precaution, never click on suspicious links contained in emails. Instead, visit the website, verify it is genuine and find out if action is needed on your part.

Another indicator of a phishing email is that links do not contain names but have IP address such as http://192.192.1.1/yahoo.update. Avoid clicking links that have such IP addresses.

As phishers develop sophisticated methods, it is for the end user to keep abreast with technologies and methods and thus remain safe.

Comments

Popular posts from this blog

Jobs Scam - TONY & JOE’S SEAFOOD PLACE

Never Apply if you receive this email . It's a scam in the name of TONY & JOES SEAFOOD PLACE TONY & JOE’S SEAFOOD PLACE Address : 3000 K St. NW Washington, DC 20007 Georgetown's Washington Harbour U.S.A. Ph: (202) 944 4545 Email: tonyjoesseafoodplac@acmilan.com.cn ATTENTION JOB SEEKER, THIS IS TO INFORM YOU THAT WE HAVE JOB OPENING AT TONY & JOES’S SEAFOOD PLACE. INTERESTED CANDIDATES ARE ADVICE TO SEND HIS OR HER C.V/RESUME TO : EMAIL : tonyjoesseafoodplac@acmilan.com.cn OPENNING JOBS ARE LISTED BELOW: *(ACCOUNT DEPARTMENT). (CHEFS). (CLEANER). (COMPUTER OPERATORS). *(DEPUTY MANAGER).(DRIVERS MEDICAL). (ATTENDANT). (RECEPTIONIST RESERVATION). *(DESK SALES IN THE BAR).(CHIEF SECURITY). (ENGINEERS). (WAITER ADMINISTRATOR). *(HOUSE KEEPING). (SALES EXECUTIVE). (EXECUTIVE HOUSE KEEPER). *(ASSISTANT EXECUTIVE). (HOUSEKEEPER). FRONT OFFICE .. ETC. E-MAIL YOUR C.V/RESUME TO : tonyjoesseafoodplac@acmilan.com.cn ENTITLEMENT, BENEFITS AND PACKAGES

Scam emails from MR. CHRISTOPHER TOWE.Director Airport Inspection Officer United Nations.

Scam emails from MR. CHRISTOPHER TOWE.   < service@hondasai4.com > Thanks, How are you doing today?  Hope you are doing very fine? I am newly transferred from the London Heathrow International Airport United Kingdom to Will Rogers World Airport here in the United States of America for an important official inspection duty.  During our investigation, I discovered an abandoned Metal Trunk boxes. The details of the consignment boxes including your name the official documents from United Nation office in London are tagged on the Metal Trunk boxes.  Please note that I have paid for all the necessary needed legal documentation charges on your behalf and will be delivery your consignment boxes to your contact address by tomorrow evening. But I will share it 75% to you and 25% to me.   Please your current contact address, Full Name, Telephone Number, and your nearest local airport are highly needed to avoid delay in locating you upon my arrival at your local airport, al

RBI: Congratulation!!! Fraud in the name of Reserve Bank of India. RBI Fraud

Mail from  Reserve Bank Of India" <rbibk@india.com                                                                                                                            Customer Service Department Reserve Bank of  India 1st Floor, Amar Building Sir P.M. Road,  Fort Mumbai-400 001 . Chief General Manager Shri Kaza Sudhakar Kind Attention , This is to inform you that this esteemed bank (RBI) received your winning (FUND) the sum of ($500,000.00 USD) from UK BLACKBERRY CO., and the total amount was loaded in (ATM) which will be re-loaded into five (5) ATM CARD and send to you after it's activation process. You are hereby required to furnish us with the information below: Name: ........... Address:......... State............ Age:............. Gender:........... Phone:............ Occupation:...... Copy of Your Identity:..... (IF AVAILABLE) We are expecting your information immediately. Oncemore Congratulation! Management, Reserve Bank Of India