Skip to main content

How to identify Phishing Email

 How to identify Phishing Email

 Phishing is a masked attack through email that inveigles users into believing they are receiving the mail from a genuine party and leads them on to parting with sensitive information such as user names and passwords of bank accounts or credit card details. Unless you know and can distinguish between genuine and fake or phishing email, you may end up disclosing such details to people who may misuse and exploit the information. There are several pointers to identify such phishing mails.

Similar looking or sounding domain names are one of the simplest ways to spoof users into believing they are receiving the mail from a genuine party. For instance you may receive an email purportedly from Virginair but a giveaway is that the email address may be something like virginair@yahoo.com. Big companies always have domain linked email addresses.

Spelling mistakes are common in phishing attacks. For instance, the domain name may appear as Facbook.com instead of Facebook.com. Grammar and text of the mail are also pointers. The mail will contain many such errors and could have a pompous ending such as “from the desk of….President”.

Redirection is another way to fool recipients. If you click a genuine looking link in your email, you are redirected to another site. Sometimes, the email may suggest “click here” and when you do, you are taken not to a secure website or the company’s original website but to another website. That may be a single level domain or could be a combination of top and second level domains, which is another giveaway. If you hover your mouse pointer on the link in the email, the actual link shown will be different. Beware in such cases.

Beware of domains that contain too many “dot” pointing to subdomains used by attackers to fool recipients. Instead of http://www.virgin.com the link would show up like http://www.virgin.update.accounts.com.

Attackers also use javascript to hide information. A giveaway is when your email shows up a flag “contains javascript” or something like <script> or tag. Phishers also use images to indicate URLs that you must click, instead of plain text and thus bypass spam filters.

If you do click on a link and are taken to an apparently genuine looking website, a popup window upens asking you to enter sensitive information. In almost all such instances, this is a phishing attack and you should not enter any details. 

In cases where secure transactions take place, genuine websites are always secure and domain starts with https:// instead of plain http:// ; if it does not, avoid entering any details and close window.

Another method is to use HTML mails to deceive recipients by disguising the URL link. In any case, when you receive such an HTML email warning you to update your account, take action immediately to avoid penalty, that your system is compromised or follow a link to claim a grand prize are suspicious. It is not possible to hide deceptive URLs in plain text mails and HTML mail is one way to hide the link. Suspicious emails may also contain more than one straightfoward link or have a link string incorporation a question mark or redirection that will always take you to another website other than that shown.

Another tactic Phishers use is to register fictitious similar sounding domain names but with a different extension. For instance virginair.com may be the genuine website but virginair.cc is a fake. Phishers also use fraudulent means to register fresh websites and send emails using that domain name. Not all of us will care to check with the registrar but if you do and find it is a freshly registered one, chances are your mail is a phishing attack. As a matter of precaution, never click on suspicious links contained in emails. Instead, visit the website, verify it is genuine and find out if action is needed on your part.

Another indicator of a phishing email is that links do not contain names but have IP address such as http://192.192.1.1/yahoo.update. Avoid clicking links that have such IP addresses.

As phishers develop sophisticated methods, it is for the end user to keep abreast with technologies and methods and thus remain safe.

Comments

Post a Comment

Popular posts from this blog

Jobs Scam - TONY & JOE’S SEAFOOD PLACE

Never Apply if you receive this email . It's a scam in the name of TONY & JOES SEAFOOD PLACE TONY & JOE’S SEAFOOD PLACE Address : 3000 K St. NW Washington, DC 20007 Georgetown's Washington Harbour U.S.A. Ph: (202) 944 4545 Email: tonyjoesseafoodplac@acmilan.com.cn ATTENTION JOB SEEKER, THIS IS TO INFORM YOU THAT WE HAVE JOB OPENING AT TONY & JOES’S SEAFOOD PLACE. INTERESTED CANDIDATES ARE ADVICE TO SEND HIS OR HER C.V/RESUME TO : EMAIL : tonyjoesseafoodplac@acmilan.com.cn OPENNING JOBS ARE LISTED BELOW: *(ACCOUNT DEPARTMENT). (CHEFS). (CLEANER). (COMPUTER OPERATORS). *(DEPUTY MANAGER).(DRIVERS MEDICAL). (ATTENDANT). (RECEPTIONIST RESERVATION). *(DESK SALES IN THE BAR).(CHIEF SECURITY). (ENGINEERS). (WAITER ADMINISTRATOR). *(HOUSE KEEPING). (SALES EXECUTIVE). (EXECUTIVE HOUSE KEEPER). *(ASSISTANT EXECUTIVE). (HOUSEKEEPER). FRONT OFFICE .. ETC. E-MAIL YOUR C.V/RESUME TO : tonyjoesseafoodplac@acmilan.com.cn ENTITLEMENT, BENEFITS AND PACKAGES
55 comments
Read more

Mr. Rolando Biscocho Castillo, UBS Investment Bank, Philippines

Good Day, I have a business proposal of USD $8,500,000.00 only for you to transact with me from my bank to your country. All confirmable documents to back up the claims will be made available to you prior to your acceptance. Reply if you are interested so that we can commence the transation which will take less than 5 days. Best Regards, Mr. Rolando Biscocho Castillo. Investment consultant, UBS Investment Bank, Philippines. maxime.bunel@utt.fr
3 comments
Read more

Email scam - Zenith Bank (Ghana) Limited

Albert Kwesi Inkoom Operations Manager, Zenith Bank (Ghana) Limited Premier Towers, Opposite Pension House, Liberia Road, Accra-Ghana. Sir, I write asking for your indulgence in re-profiling funds, which I want to keep under your supervision. The Fund is US$29.7M (Twenty-Nine Million, Seven Hundred Thousand United States Dollars) only. I am only contacting you as a foreigner because the fund cannot be approved to a local Bank here in Ghana, since the fund is in US Dollars. The owner of this account was late MR. WILLIAM BARNES, a foreigner, an American, and he died precisely on 31st Oct 1999 in an Egyptian airline 990 along with his immediate family members and other passengers on board. For your referral, see: http://www.sptimes.com/News/110299/Worldandnation/Passenger_list_for_Eg.shtml I propose to remunerate you with 25% of the entire fund at the successful end of this deal for your speedy attention, honesty, transparency, confidentiality and sincerity of purpose. I
Post a Comment
Read more