Phishing – Avoid Fraud by Knowing The Basics


Phishing – a deceptive Internet practice to acquire sensitive details such as usernames, passwords and credit card details by pretending to be a trustworthy entity via electronic communication such as E-mail.

Phishing is not new, it’s been around for ages BUT unfortunately there are many who do not know how to detect phishing.

Today, I’ll be providing a few pointers on how you could easily identify PHISHING. While my examples will be using E-mail phishing, the logic applies to other forms of PHISHING as well, such as SMS.

Here’s an E-mail that I received recently:

[Screenshot of the phishing E-mail]

What Did You Register With Them With?

Yes, KNOW what you registered with.

For example, I got this PHISHING E-mail in one of my E-mail accounts. The E-mail claims to be from our local bank’s online service website – Maybank2u.com

The first give-away in that PHISHING mail was the recipient address. I was dead sure I did not register that particular E-mail address for the bank’s online service. 🙂 So clearly these guys were spamming based on their E-mail database and hoping I’m one of the victims.

*I personally put the bulk of the blame on the idiots who put my E-mail under TO and CC instead of BCC for mass E-mailing purpose.*

So remember, if you’re receiving such notices on your E-mail or anywhere else that you didn’t register with a particular entity – then clearly something’s amiss.

Take Note Of The Link

In E-mail based PHISHING, it always comes with a LINK. That link will lead you to a website that will in most cases, look exactly like the actual website of the entity they claim to be.

So imagine if you entered your username and password – then that information is in their hands already. 🙁 Another way to avoid such a terrible plight is to take note of the URL (address) of the link provided. Just mouse over the link in your E-mail (whether it’s web-based or not) and it will usually show you where the link is going to bring you.

Here’s what it looked like on my Thunderbird E-mail application.

[Screenshot: the link’s destination shown in Thunderbird]

If you can’t find any indicator of where the link goes to, just click it. Don’t worry, because PHISHING sites usually don’t contain those nasty scripts, as malicious scripts usually trigger a response from anti-virus software or browsers and that would certainly arouse your suspicion.

Now once you click on the link, you’ll be brought to the site. Look at the URL, especially the front portion right after the HTTP:// or HTTPS://. As long as it doesn’t look like the usual URL that you visit for your online transactions – AVOID it.

A tech-savvy person like myself would identify it without a problem, but a less savvy person on the other hand could mis-identify it, thinking that it’s a legitimate site. For example, maybank2u.com could be written as mayban2ku.com and get away with it. Some go to the extent of using subdomains that confuse or add assurance to users, such as maybank2u.securenetdata0001.com (this URL is entirely fictional!).
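The checks in this section can be automated. The following is an added example, not code from the original post: it pulls every link out of an HTML E-mail body and applies the post’s rules to each one, namely that the part right after http(s):// must be the bank’s usual domain, that the bank’s name appearing only as a subdomain of somebody else’s domain (like the fictional maybank2u.securenetdata0001.com) is a trick, that a near-miss spelling such as mayban2ku.com is a look-alike, and additionally that the visible text of a link must match where it really points. EXPECTED_DOMAIN, SAMPLE_HTML and the IP address in it are constructed for the example; the two bogus domains are the fictional ones from the post.

```python
"""Added example, not from the original post: flag suspicious links in an
HTML E-mail body using the checks described in "Take Note Of The Link"."""
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption for the example: the site the user normally logs in to.
EXPECTED_DOMAIN = "maybank2u.com"

# Constructed sample body; the bogus hosts are the post's fictional examples.
SAMPLE_HTML = """
<p>Dear XYZ Customer,</p>
<a href="https://www.maybank2u.com/login">Real link</a>
<a href="http://maybank2u.securenetdata0001.com/login">https://www.maybank2u.com/login</a>
<a href="https://mayban2ku.com/login">Login here</a>
<a href="http://203.0.113.5/m2u/login">Verify</a>
"""


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) for every <a> element in the body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registrable_domain(host):
    """Last two labels of a host name: the part a reader must actually check.
    Good enough for .com; real code would consult the public-suffix list."""
    return ".".join(host.lower().split(".")[-2:])


def edit_distance(a, b):
    """Levenshtein distance, used to spot typo-squats of the expected domain."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_link(href, text, expected=EXPECTED_DOMAIN):
    """Return the reasons a link is suspicious (empty list means it looks fine)."""
    reasons = []
    host = (urlparse(href).hostname or "").lower()
    domain = registrable_domain(host)
    name = expected.split(".")[0]  # the brand part, e.g. "maybank2u"
    if re.fullmatch(r"\d+(\.\d+){3}", host):
        reasons.append("bare IP address instead of a domain")
    elif domain != expected:
        if name in host:
            reasons.append("expected name %s is only a subdomain of %s" % (name, domain))
        elif edit_distance(domain, expected) <= 2:
            reasons.append("look-alike of " + expected)
        else:
            reasons.append("unrelated domain " + domain)
    # A link whose visible text is itself a URL must point where it says.
    if text.startswith(("http://", "https://")):
        shown = (urlparse(text).hostname or "").lower()
        if shown != host:
            reasons.append("visible URL %s differs from real destination %s" % (shown, host))
    return reasons


def check_links(html, expected=EXPECTED_DOMAIN):
    """Map each href in the body to its list of reasons."""
    parser = LinkExtractor()
    parser.feed(html)
    return {href: classify_link(href, text, expected) for href, text in parser.links}


if __name__ == "__main__":
    for href, reasons in check_links(SAMPLE_HTML).items():
        print(href, "->", "; ".join(reasons) or "ok")
```

Only the first link comes back clean; the subdomain trick is reported twice, once for the domain and once because its visible text claims to be the real site. The edit-distance threshold of 2 catches the swapped characters in mayban2ku.com but would also match some legitimate short domains, so treat it as a prompt to look closer rather than a verdict.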

Know The Source

Some PHISHING E-mails aren’t that cleverly done: their sender E-mail address gives away their identity immediately. On the other hand, there are others who are more detailed and send from what looks like a legitimate sender.

[Screenshot of the phishing E-mail’s sender and title]

It’s not something hard to do; anyone could just configure the displayed sender name and address in their E-mail application.
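Because the “From” line is whatever the sender typed into their mail program, a defender has to look at the headers the receiving mail servers add. The following is an added example, not code from the original post: it parses a raw message with Python’s standard library and compares the From domain against the Return-Path and Reply-To domains, which a spoofer usually cannot make consistent. The message is constructed for the example; maybank2u.com is the bank named in the post, and example.net and the IP address are placeholders.

```python
"""Added example, not from the original post: look past the "From" line by
comparing the sender-related headers of a raw E-mail."""
from email import message_from_string
from email.utils import parseaddr

# Constructed sample. The From line is dressed up as the bank, but the
# bounce address and reply address point at an unrelated placeholder domain.
SAMPLE_RAW_MAIL = """\
Return-Path: <bounce@example.net>
Received: from mail-relay.example.net (mail-relay.example.net [198.51.100.7])
 by mx.example.org with ESMTP; Mon, 01 Jun 2009 08:00:00 +0000
From: "Maybank2u Security Team" <alerts@maybank2u.com>
Reply-To: verify-account@example.net
To: undisclosed-recipients:;
Subject: Account Suspension Notice

Dear XYZ Customer, your account will be suspended in 24 hours.
"""


def header_domains(raw):
    """Return the domain found in each sender-related header (None if absent)."""
    msg = message_from_string(raw)
    domains = {}
    for header in ("From", "Reply-To", "Return-Path"):
        _, addr = parseaddr(msg.get(header, ""))
        domains[header] = addr.rpartition("@")[2].lower() or None
    return domains


def sender_findings(raw, expected="maybank2u.com"):
    """List the inconsistencies a reader should notice before trusting the mail."""
    domains = header_domains(raw)
    findings = []
    if domains["From"] != expected:
        findings.append("From domain %s is not %s" % (domains["From"], expected))
    for header in ("Reply-To", "Return-Path"):
        if domains[header] and domains[header] != domains["From"]:
            findings.append("%s domain %s differs from From domain %s"
                            % (header, domains[header], domains["From"]))
    return findings


if __name__ == "__main__":
    for line in sender_findings(SAMPLE_RAW_MAIL):
        print(line)
```

Here the From domain alone passes, which is exactly the point made above, while both Reply-To and Return-Path give the mail away. Legitimate bulk senders sometimes use a separate bounce domain, so a Return-Path mismatch on its own is a reason to look further, not proof; a Reply-To that steers answers to a different domain is much harder to explain away.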

Badly Done Content

If you refer to the same image above, notice how the E-mail is titled. And take note also of how they address you as Dear XYZ Customer.

I’m not saying that a legitimate E-mail can’t look like that, but usually it’s a good sign of a phishing E-mail. Even if they don’t address you personally, a legitimate E-mail almost always comes appropriately titled.

Some Things They’ll Never Ask

Entities like banks will never ask you for sensitive information such as passwords. Some might ask for your username, but they certainly won’t ask for both username and password. Others would just ask you verification questions based on the data available on their end.

If you do come by E-mails, calls or SMS that ask you for too many details, especially enough details to log in to your account or at least request changes to your account – it’s clearly PHISHING in action.

The Logic Factor

In the E-mail above, you’ll notice how odd it is that they publicly announced that they were hit by a DDoS attack (I’m not going to explain what a DDoS attack is): an E-mail was sent, but no such notice was stated on the website.

Furthermore, a DDoS attack is not HACKING; it doesn’t interfere with data. And to make it all the more funny, who on earth would give you 24 hours’ notice before suspension? It doesn’t even make sense, because 24 hours, not accounting for the time difference between mail sent and mail read, makes it ridiculously MISSION : IMPOSSIBLE.

With a little bit of knowledge to help you with some logical thinking, you could sniff out additional pointers that discredit the E-mail further.

Repeated E-mails, Changing Content

Yes, sometimes they repeat.

[Screenshot of the repeated phishing E-mails]

So it’s a dead give-away. First they say it’s 24 hours to take action, then they send another mail some 48 hours later. And with a different link too! A really clear give-away.

Contact The Entity Involved

The safest bet for anyone who isn’t savvy enough to do all the above – MAKE A PHONE CALL. Yes, call the entity and ask about the received E-mail. Just make sure that the number you call is the OFFICIAL number.

Share Your Experience

Do you think I missed something? Please share, I’m sure it’ll be beneficial to everyone who reads this article.


8 Comments

  1. Normally, these e-mails will be filtered by Gmail or Y! Mail.

    But sometimes if it passes through, I’ll look at the e-mail first. IF it’s like [email protected] prepare to delete.

    I am well aware of such phishing attacks.

    actually they can mask their e-mail address as well.

    Example: they send as [email protected], but at different server. If you’re a wordpress user, you’ll know that your e-mail is used to send notification to users.

    Therefore, I read the link as well.

    All we need to do is,
    1. check source e-mail.
    2. check the URL that we are going to click.

    Regards,
    HeHeHunter

  2. Author

    Unfortunately many would be clever enough to send from what looked like a seemingly valid .com E-mail.

    As to checking the server – the thing is, do we keep track of their IP address? And most people don’t even know how to read E-mail headers to begin with. In my opinion, most people would just reach as far as the “FROM” part and no further than that. So for point #1 I think it is not sufficient unless you are SURE that they only send from a particular IP address or server.

    It’s just a good start but surely not the final say on whether the mail is false.

    As to your point #2 – yes, that one is always the most clear cut checking. Unfortunately again there are those not too savvy, where domain names could end up looking legitimate to them.

    Which is why I find #1 and #2 in your comment, maybe sufficient for you but it is certainly not applicable to the rest with “All we need to do”, as there are many others who aren’t well versed enough to spot phishing mails just from those 2. 🙂

  3. Surprisingly, my campus’s email got hit by it; it took the IT guys 3 hours to realise it and retract all of the emails.

    But overall, this article should be able to give less computer savvy people a good heads up on what might be hitting them.

  4. *laughing*……..*still laughing*…. uhm eXPeri3nc3, please tell me how exactly the IT guys retracted the emails? Cuz I just sent an email with all my bank account info to [email protected] and it’s only been 2h and 50m so I still got 10 mins, maybe u can help me pleaseeee.
    Oh and as for my advice on the matter, simple: the “bank” will NEVER EVER ask you for your password or information that could be used to log into your account, like the answer to your security questions. The “give them a call” idea is actually really good, just google the name of the bank to make sure u have the right address.
    I got an sms telling me I won 3000$ and a Nokia N95… although I did check just to be sure and found over 1000 other people who had received a similar sms, I knew it was fake because of 3 reasons:
    1 I didn’t participate in any contest.
    2 I’ve never seen a prize composed of money and a mobile phone.
    3 The Nokia N95 is way too old to be given as a prize in 2009… maybe if it were an iPhone.
    So just use common logic, and btw u can not retract ur emails, so think twice then think again before thinking of sending…*still laughing*


  5. laughing_man, though it’s a bit late, but yeah. You CAN retract emails if you’re in an organisation that uses Novell Groupware.

    Assuming that your IT Dept did not disable the function.

    But what you said is true: with free emails like Gmail or Hotmail, of course you can’t retract what you’ve sent.


