Some of my important emails end up in the Spam folder due to incorrect filtering. So, I occasionally check the Spam folder to see if an email that was not spam ended up there. Today, while checking the Spam folder, I came across an email that was a classic example of a phishing message. Hence, I decided to share it here to point out some common tactics used in such messages.
Here is the email:-
One look at the from address should be enough for anyone to judge that this message is not genuine. Messages from most companies are through a no-reply address. Also, most companies contact you from an email address that is on their main domain, not some random free email provider. Moreover, almost all email providers use an interstitial page in the situation described in this message. None of them sends an email asking for verification.
Another important thing to notice in this message is the Sent to: field. Notice how it mentions undisclosed recipients. This is common in such messages. They are sent to a lot of email ids in one go. Hence, hiding the recipients allows hackers to prevent their targets from knowing that this same message has been sent to a lot of users.
The next thing to notice is that this message does not address me by name. This is uncommon for an email company that already has your name. Most companies add the user's name to add a personalized feeling to their messages. This is something that is quite difficult to manage if you are sending the same message to thousands of users.
One of the most common feature of phishing emails is their use of incorrect grammar. This message is no different. The inappropriate capitalization and spelling mistakes like writing the word 'loosing' in place of 'losing' leaves no doubt about its authenticity.
One more important thing to notice is that at the end of this message, there is no mention of the email provider's website. This is very uncommon considering that most email providers leave no stone unturned to brand their messages.
Lastly, the email address to reply to is different from the one with which this message was sent. A proof that the sender of this message tried to spoof the sender id.
The techniques used in this email were typical and hence it should not be difficult for anyone to detect that it is a phishing message. However, cyber criminals are evolving and most of them don't make such common mistakes anymore. You should always use common sense in such situations and never click on suspicious links.
Here is the email:-
The phishing message. |
Another important thing to notice in this message is the Sent to: field. Notice how it mentions undisclosed recipients. This is common in such messages. They are sent to a lot of email ids in one go. Hence, hiding the recipients allows hackers to prevent their targets from knowing that this same message has been sent to a lot of users.
The next thing to notice is that this message does not address me by name. This is uncommon for an email company that already has your name. Most companies add the user's name to add a personalized feeling to their messages. This is something that is quite difficult to manage if you are sending the same message to thousands of users.
One of the most common feature of phishing emails is their use of incorrect grammar. This message is no different. The inappropriate capitalization and spelling mistakes like writing the word 'loosing' in place of 'losing' leaves no doubt about its authenticity.
One more important thing to notice is that at the end of this message, there is no mention of the email provider's website. This is very uncommon considering that most email providers leave no stone unturned to brand their messages.
Lastly, the email address to reply to is different from the one with which this message was sent. A proof that the sender of this message tried to spoof the sender id.
The techniques used in this email were typical and hence it should not be difficult for anyone to detect that it is a phishing message. However, cyber criminals are evolving and most of them don't make such common mistakes anymore. You should always use common sense in such situations and never click on suspicious links.