Identifying Phishing Scams
What is Phishing?
Phishing is a form of fraud where a scammer attempts to gain log in credentials or account information from the victim. These scammers usually impersonate as a reputable company or person through email or other forms of communication. These scammers can either install malicious software on to your device or try to trick you into providing them with personal information such as your passwords or credit card information. Phishing scams are designed to look as authentic as possible. Below are some examples of phishing scam emails including scams that seek log in/account information as well as ransomware that seeks to infect your computer with malicious software.
If you feel that an email looks suspicious or malicious, pay attention to typos, fake links, fraudulent senders, and threatening language included within the email. Below are samples of what to look out for.
Sample Emails For Phishing Scams:
This sample from FedEx prompts you to download a fake postal receipt to take to your nearest office. The downloaded file will install malicious software on to your computer. FedEx delivery drivers will leave a note on your door indicating that they have tried to deliver the package. When in doubt, call FedEx directly at the phone number provided on their website and supply the tracking number given at the time of purchase.
This example from UPS prompts you to download a Shipment label. The download will install malicious software on to your computer. Note the fake sender address, grammatical errors, and the link does not redirect you to UPS. When in doubt, call UPS directly at the phone number provided on their official website and supply the tracking number given at the time of purchase.
Not only does this example contain numerous typos, but UPS will never send an invoice like this. When in doubt, call UPS directly at the phone number provided on their official website.
This sample email looks like an authentic Apple email. The link included in the email redirects you to a page that also may look like an authentic Apple log in page. The scammers are trying to trick you into entering in your Apple ID and password. Instead of clicking the link within the email, open a new tab in your web browser and go directly to iCloud from there.
This second sample from Apple wants to redirect you to a page for an unexplained purchase where the scammers will try to obtain your log in information.The link is fraudulent and will prompt you to enter in your Apple ID and password.
This example from Apple is from the April 2017 Dok malware. The malware is installed by opening an infected .zip file. Once downloaded, this a fake update screen will pop up.
The sample from Gmail shows the email that was received and the authentic looking Google login page that the link directs you to. Note the address bar at the top does not show www.google.com but, rather, a suspicious website to gain your log in credentials.
This second sample for Gmail wants you to verify your account information. Note the sender’s email address highlighted in red at the top of the image is not from Google. The words highlighted in yellow show typos. The link will redirect you to an authentic looking Google log in page in order to obtain your log in information.
This third Gmail sample claims that there has been a suspicious log in attempt on your account. Note the sender’s fake email address. The link will redirect you to an authentic looking Google log in page in order to obtain your log in information.
This sample is from Yahoo! and it claims that you must update your user settings. The link will redirect you to an authentic looking Yahoo! log in page in order to obtain your log in information. Note the typos in both the subject bar and body of the email.
Locky Ransomeware Examples:
This is an example of a Locky ransomware phishing scheme. The email contains an infected .pdf file attachment. Opening the infected attachment can install the ransomware on your device. Always be cautious about emails from non-trusted sources that contain attachments.
This second Locky ransomware example shows an infected Word document attachment. Always be cautious about emails from non-trusted sources that contain attachments.
This sample comes from Amazon. Note the web address at the top of the page. While the log in looks authentic, the website is not Amazon.com
This sample is from a fake Facebook log in page. Note the address bar at the top does not show www.facebook.com. Scammers will almost always try to mimic the original website address.
For more information on how to spot phishing scams, check out this guide from Microsoft.
When in doubt, open your web browser to a new page and go directly to the specific website (Yahoo!, iCloud, Gmail, Google, Amazon, Facebook, PayPal, FedEx, UPS, etc) and log in through their secured site.