It’s been a while since I wrote the article on phishing, I thought I’d write another one as my father had recently received this E-mail which is pretty deceptive and it was a good thing he asked me about the authenticity of the E-mail. I had a quick look at it and I’m surprised at what these are capable of.
While the example I used for the phishing article still holds true, this new case opens more points to highlight.
Here’s The E-mail………..
Wow, scary huh? See, that’s the problem
Fear, Greed, or Any Other Things Bad
Practically all phishing related matters prey on fear. If not then greed, or whatever bad virtues.
In this case, it’s fear – fear of losing your account would cause you to act.
Deceptive Sender E-mail
One of the most convincing part of the E-mail was the SENDER E-mail address. It’s from Yahoo! isn’t it?
Just as what I mentioned in the previous article – Some PHISHING E-mails aren’t that cleverly done, their sender E-mail address gives away their identity immediately. On the other hand, there are others who are more detailed and send from what looked like a legitimate sender.
I guess what I missed out is HOW to find out the legitimacy of the E-mail, so here’s how you do it – just click on the REPLY button. I did that and here’s what it looked like.
Oh look, 2 E-mail addresses. The first one is clearly not from Yahoo! The second one is just another Yahoo! E-mail account, it could be registered by anyone and it is possible for even Yahoo! to miss out such E-mail names that are clearly made for evil intent.
Some Things They’ll Never Ask & The Logic Factor
And just like the previous article – the above are still applicable.
Logically speaking, Yahoo! is already keeping track of your activity, so they wouldn’t need go through such lengthy E-mail send / receive process just to know your activity.
Gender? Birthdate? Occupation? Country? Those details are all in your Yahoo! profile – Yahoo! has all of it on record already and there’s no reason for them to ask you what they already have and could access at any time!
If the above doesn’t make sense enough – let’s go through the petty nonsense.
– There’s no reason for you to enter your E-mail address if you’re going to reply them – that’s asking the obvious!
– There’s no reason for them to know your password – if they need to know you’re active, a reply E-mail is good enough.
Common Sense Is Not So Common
Unfortunately logic sometimes fail. Most people fail to cross-check with common sense due to being overwhelmed by fear – the thought that goes like “WTF! I gotta reply them now or I’ll lose those precious E-mails in my inbox! All 32,386 of them!”
Badly Done Content
In the midst of being overwhelmed by the fear of losing our beloved account, it is not surprising that people didn’t notice the horrible E-mail content.
How many of you noticed that the “Due to ………. yada yada yada………. security reasons” appeared twice? In varying font size and color. 🙂 Subliminal messaging perhaps?
And how many of you noticed that while the E-mail was titled “Yahoo! Verification Alert!!!”, the first header was “Yahoo! Customer Care Satisfaction Survey” and the paragraphs were about suspension of account?
There’s a HUGE difference between an “ALERT”, a “SURVEY” and something that requires “action to avoid SUSPENSION”. LOL. It’s a joke! Absolutely laughable content, who in the right mind would treat it seriously?
Then again, when logic fails, sense goes amiss and emotion creeps in – I’m not surprised people would actually respond to such E-mail.
Share Your Experience
Did you think I miss out something? Please share, I’m sure it’ll be beneficial to everyone who read these articles.