Monday, January 17, 2011

something phishy in my inbox

Have you ever seen an email in your inbox that didn’t look right?  Have you ever received an email that said your bank account has been compromised and that you need to log in to reactivate your account, or something similar? I have received this email this morning which is clearly a phishing attempt. I will now help you to recognize these bogus emails, and what to do when you receive one.

"Dear valued customer :
During our usual security enhancement protocol, we observed multiple login attempt error while login in to your online banking account. We have believed that someone other than you is trying to access your account for security reasons, we have temporarily suspend your account and your access to online banking and will be restricted if you fail to update.
confirm your update by clicking the link below:
 Log on to www.bankofamerica.com/update
Please Note:
If we do no receive the appropriate account verification within 48 hours, then we will assume this Bank account is fraudulent and will be suspended. The purpose of this verification is to ensure that your bank account has not been fraudulently used and to combat the fraud from our community."
The first red flag on these types of messages is that it does not use my name. It starts with "Dear valued customer" a real bank email usually addresses you by name either first and last or last only.  The next thing I notice is that it does not include a phone number to call. Another thing is that you will notice spelling errors or wrong word uses. un/fortunately most IT people struggle with spelling and grammar and if spell check doesn't find it it is okay in our eyes.

Now lets hover over the link and see where it is going to direct us. By hovering over it I can see it is going to take me to "http://www.laterthanever.org/store/media/online.bankofamerica.com/boa/" this means the root domain is http://www.laterthanever.org/ not https://www.bankofamerica.com/

So now that I know this is not a legitimate email here is what you need to do, at the bare minimum click the spam button on your email client. a step better is to forward the email to phishing-report@us-cert.gov . This allows the government to track down those responsible for these scams, and notify web hosting companies that the site has been compromised.

So hopefully when you see emails like this in the future you will be able to spot the fakes, and please take the extra second to forward these emails to phishing-report@us-cert.gov so that those responsible for these crimes can come to justice.


Now if I can just get someone to hello me get my never heard of before relatives money out of Nigeria...
-Your company's IT guy
Center4nerds.com
Posted by at
Labels: , , , ,

2 comments:

  1. Unknown3/2/11 13:13

    Users should always report these there is a great site http://www.fraud.org/internet/intinfo.htm that will help you report them to more than just the forward. Until people stop falling for this and begin to cost the idiots that do this money it will continue.

    ReplyDelete
  2. Anonymous2/3/11 14:56

    I think people that fall for this or other such scams...deserve what is coming to them...If this doesn't prove "survival of the fittest," I don't know what does.

    ReplyDelete

Subscribe to: Post Comments (Atom)