Skip to main content

How to identify Phishing Email

 How to identify Phishing Email

 Phishing is a masked attack through email that inveigles users into believing they are receiving the mail from a genuine party and leads them on to parting with sensitive information such as user names and passwords of bank accounts or credit card details. Unless you know and can distinguish between genuine and fake or phishing email, you may end up disclosing such details to people who may misuse and exploit the information. There are several pointers to identify such phishing mails.

Similar looking or sounding domain names are one of the simplest ways to spoof users into believing they are receiving the mail from a genuine party. For instance you may receive an email purportedly from Virginair but a giveaway is that the email address may be something like virginair@yahoo.com. Big companies always have domain linked email addresses.

Spelling mistakes are common in phishing attacks. For instance, the domain name may appear as Facbook.com instead of Facebook.com. Grammar and text of the mail are also pointers. The mail will contain many such errors and could have a pompous ending such as “from the desk of….President”.

Redirection is another way to fool recipients. If you click a genuine looking link in your email, you are redirected to another site. Sometimes, the email may suggest “click here” and when you do, you are taken not to a secure website or the company’s original website but to another website. That may be a single level domain or could be a combination of top and second level domains, which is another giveaway. If you hover your mouse pointer on the link in the email, the actual link shown will be different. Beware in such cases.

Beware of domains that contain too many “dot” pointing to subdomains used by attackers to fool recipients. Instead of http://www.virgin.com the link would show up like http://www.virgin.update.accounts.com.

Attackers also use javascript to hide information. A giveaway is when your email shows up a flag “contains javascript” or something like <script> or tag. Phishers also use images to indicate URLs that you must click, instead of plain text and thus bypass spam filters.

If you do click on a link and are taken to an apparently genuine looking website, a popup window upens asking you to enter sensitive information. In almost all such instances, this is a phishing attack and you should not enter any details. 

In cases where secure transactions take place, genuine websites are always secure and domain starts with https:// instead of plain http:// ; if it does not, avoid entering any details and close window.

Another method is to use HTML mails to deceive recipients by disguising the URL link. In any case, when you receive such an HTML email warning you to update your account, take action immediately to avoid penalty, that your system is compromised or follow a link to claim a grand prize are suspicious. It is not possible to hide deceptive URLs in plain text mails and HTML mail is one way to hide the link. Suspicious emails may also contain more than one straightfoward link or have a link string incorporation a question mark or redirection that will always take you to another website other than that shown.

Another tactic Phishers use is to register fictitious similar sounding domain names but with a different extension. For instance virginair.com may be the genuine website but virginair.cc is a fake. Phishers also use fraudulent means to register fresh websites and send emails using that domain name. Not all of us will care to check with the registrar but if you do and find it is a freshly registered one, chances are your mail is a phishing attack. As a matter of precaution, never click on suspicious links contained in emails. Instead, visit the website, verify it is genuine and find out if action is needed on your part.

Another indicator of a phishing email is that links do not contain names but have IP address such as http://192.192.1.1/yahoo.update. Avoid clicking links that have such IP addresses.

As phishers develop sophisticated methods, it is for the end user to keep abreast with technologies and methods and thus remain safe.

Comments

Post a Comment

Popular posts from this blog

Jobs Scam - TONY & JOE’S SEAFOOD PLACE

Never Apply if you receive this email . It's a scam in the name of TONY & JOES SEAFOOD PLACE TONY & JOE’S SEAFOOD PLACE Address : 3000 K St. NW Washington, DC 20007 Georgetown's Washington Harbour U.S.A. Ph: (202) 944 4545 Email: tonyjoesseafoodplac@acmilan.com.cn ATTENTION JOB SEEKER, THIS IS TO INFORM YOU THAT WE HAVE JOB OPENING AT TONY & JOES’S SEAFOOD PLACE. INTERESTED CANDIDATES ARE ADVICE TO SEND HIS OR HER C.V/RESUME TO : EMAIL : tonyjoesseafoodplac@acmilan.com.cn OPENNING JOBS ARE LISTED BELOW: *(ACCOUNT DEPARTMENT). (CHEFS). (CLEANER). (COMPUTER OPERATORS). *(DEPUTY MANAGER).(DRIVERS MEDICAL). (ATTENDANT). (RECEPTIONIST RESERVATION). *(DESK SALES IN THE BAR).(CHIEF SECURITY). (ENGINEERS). (WAITER ADMINISTRATOR). *(HOUSE KEEPING). (SALES EXECUTIVE). (EXECUTIVE HOUSE KEEPER). *(ASSISTANT EXECUTIVE). (HOUSEKEEPER). FRONT OFFICE .. ETC. E-MAIL YOUR C.V/RESUME TO : tonyjoesseafoodplac@acmilan.com.cn ENTITLEMENT, BENEFITS AND PACKAGES...
55 comments
Read more

Internet lottery scam in Pakistan

ISLAMABAD: Senior Civil Judge Muhammad Aslam Gondal Saturday extended the physical remand of an accused that defrauded people of millions of dollars usinf UNHCR’s name and handed him over to the Federal Investigation Agency (FIA). The accused fooled masses into investing in an internet lottery and showed a fake agreement on the letter pad of the United Nations High Commissioner for Refugees (UNHCR), signed by UNHCR Islamabad Engineer General and having a name John Cosmos as a witness. A First Information Report (FIR) vide 11/09 dated 01-04-2009 was registered against Javed-ur- Rehman, a resident of National Housing Scheme 1, Rawalpindi, under section 7, 8, 9, 15, 19 and 20 of Prevention of Electronic Crimes Ordinance (PECO) 2007 r/w36, 37 of Electronic Transaction Ordinance (ETO) 2002. The complainant Janas Khan, Peshawar, had lodged the complaint with FIA Crime Circle. According to FIA, Janas Khan was defrauded in the name of Internet lottery amounting to 1.3’ Million $. He was persua...
Post a Comment
Read more

fake mail from Nadel Halioua, The bank

Dear Friend, Greetings to you and your family my good friend, I am the manager of bill and exchange in THE BANK , i have a business of 2.5 Million United State Dollars to be transfer to your account for investment in your country , if you are ready to assist me get back to me, i will give you full details on how the fund will be transfer to you. Be rest assure that everything will be handled confidentially because, this is a great opportunity we cannot afford to miss, as it will make our family profit alot. It has been 5 years ago, that most of the greedy African Politicians used our bank to Launder money overseas through the help of their Political advisers. Most of the funds which they transferred out of the shores of Africa was gold and oil money that was supposed to have been used to develop the continent. The Political advisers always inflated the amounts before transfer to foreign accounts so I also used the opportunity to divert part of the funds hence I am aware that there is n...
Post a Comment
Read more