06.18.07

Dealing with phishing

Posted in Bad boys, Crime, Phishing, Spam at 10:03 am by angela

I thought it was time to do a little public service work here. Like many people, I’m tired of receiving those phishing emails. You know, the ones that tell you you may have had unauthorized activity in your account, and you need to use this link to login right now to get it straightened out.

Or maybe you don’t know, which is why I’m trying to do this as a public service and not just poking fun at the idiots. It’s pretty obvious to me that if people didn’t click on their link and type in their account info, thus giving god knows who access to their accounts, that these emails wouldn’t be going out. The crooks would give up.

But I’ve heard perfectly intelligent people relate to me how they were phished not once, but multiple times. So I’m going to show you what to look for in the hopes that I save at least one potential victim from the phishing scam.

First of all, consider what account it came in on. Is this the account that you normally receive email from this company? If not, then it’s absolutely a scam. I actually heard a woman say that she responded because it came in on a different account. No. That’s completely wrong.

Do you even have an account with this company? The fact that you receive emails from multiple companies that you don’t even have accounts with asking you to verify information should make you suspicious of all contacts like this, even when you do have an account with the company in question.

The email address I received this on is one that goes with this website. I do no day-to-day business on it, just stuff having to do with clients and porn. Therefore, I should not be receiving official correspondence on it from financial institutions, and thus, it’s all phishing.

The webmail account I use will not show suspect images, even in the html mode. So I can’t show you the header image. But you may see an exact replica of the official company email header. It may even link to that company, to give you the illusion that this is an official email.

On the other hand, you may see a poor imitation of the company logo. So watch for that.

So looking at this email I received, first of all, you can see that they did not address me by my customer name. (1) If they do not do that, immediately assume it’s a scam. In this case, I am not a banking customer of Bank of America, but even if I was, I would assume it was a fake for this reason alone.

Now look at (2), the link address. Many people probably don’t know that when a text link shows up, it is actually a piece of text that links to a URL you don’t see. Most of the time when a URL shows the link is same. But there’s no reason it has to be. You know that any piece of text can be a link. So http://principalquattrano.com/news,
Breaking news!, http://www.whitehouse.gov, http://www.georgebush.com, and even http://www.georgebushistheantichrist.com all link to my news blog. Clearly none but the first two should be linking to my news blog.

If you look at the link, it looks official. It starts with ‘http://www.bankofamerica.com’, which is the company’s official website. Now look in the yellow box at the actual URL you’d be going to if you clicked on that link. When you mouseover a link in Opera, this is how the actual link address appears. In most other browsers you will see it at the bottom of the window. Mouse over my links above, so you can see where they are actually linking to.

This link goes to a URL ‘http://www.baliparty.com’, which clearly has nothing to do with the Bank of America website. I followed it to a Japanese company, but could not get any more specific information than that. In any case, seeing that the two URLs are different should raise red flags for you.

Now look at (3). “Tank you”? These are often full of spelling errors. Spelling matters. No big company would send out an email with dumb, really dumb spelling errors like this. It’s telling you the thing was written by a foreigner.

And finally, (4). They’re going to put a ‘temporal’ hold on your funds? What the hell does that mean? You’re going to have access in the next life? The correct word is ‘temporary’.

Like I said at the beginning, they wouldn’t be sending these emails out if suckers weren’t clicking on those links to send their account login to Japan and other faraway places. Don’t be a sucker. Read and think.

And if you’re still not sure whether your account has been compromised, go to the company’s website the way you normally do, through your bookmark, or by typing the company URL into your browser.