Since the advent of the Internet, e-mail has made it easier for con artists to prey on unsuspecting users. Fraud via the Internet has risen dramatically, and it is now easier than ever to create deceptive e-mails that look legitimate. Many con artists engage in an activity called “phishing,” which is a technique of creating “trap” e-mails. These e-mails are designed to trick the recipient into thinking they are legitimate business activity, and they create a sense of urgency so that the user clicks on them.
What’s the goal of phishing e-mails and websites? They’re designed to trick you into submitting valuable personal information that allows con artists to steal your identity. Here is some of the information that most phishing e-mails request:
- Names and usernames
- Addresses and phone numbers
- Passwords or PINs
- Bank account numbers
- ATM/debit or credit card numbers
- Credit card validation codes (CVC)
- Social Security Numbers (SSN)
Examples
- A fake e-mail has been sent from what appears to be a company you conduct business with and is warning you that they need to verify your account, otherwise your account will be suspended.
- Fake charities asking for your donation. Many of these con artists like to take advantage of your goodwill.
- Foreign lottery scams asking you to submit your banking information in order for your winnings to be deposited into your account.
How can you tell it’s a fraud?
- The e-mail requests personal information. Most legitimate businesses have policies against exchanging personal information through e-mail.
- Sense of urgency. The text in the e-mail is usually polite in tone. However, it tells you that you have to respond soon; otherwise they will delete your account, etc.
- Impersonal e-mail. Most legitimate e-mail is personalized. Many fraudulent e-mails, by contrast, greet you with “Dear valued customer,” or a similar generic greeting.
- Fake links. Many fraudulent e-mails contain fake links that redirect users to a phishing website that collects their information. For example, your bank’s website is www.acmebank.com, but the link in the e-mail takes you somewhere different, such as https://192.168.2.45/login.jsp.
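The greeting and link checks in the list above can be automated when triaging a reported message. The following Python sketch is an added example, not part of the original article; `TRUSTED_DOMAIN`, the greeting pattern, the function names and the sample message body are assumptions constructed for illustration.

```python
import ipaddress
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "acmebank.com"  # assumption: the bank domain from the article's example
GENERIC_GREETING = re.compile(r"\bdear\s+(valued\s+)?(customer|user|member)\b", re.I)

class LinkCollector(HTMLParser):  # collects (href, visible text) for every <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_is_ip(host):
    try:
        return ipaddress.ip_address(host) is not None
    except ValueError:
        return False

def in_domain(host, domain):  # exact match or true subdomain, so lookalikes fail
    return host == domain or host.endswith("." + domain)

def indicators(html_body, trusted=TRUSTED_DOMAIN):
    """Return the phishing indicators found in an HTML message body."""
    found = ["generic greeting"] if GENERIC_GREETING.search(html_body) else []
    parser = LinkCollector()
    parser.feed(html_body)
    for href, text in parser.links:
        host = (urlsplit(href).hostname or "").lower()
        if host and not in_domain(host, trusted):  # skip relative/mailto links
            kind = "raw IP address" if host_is_ip(host) else f"host outside {trusted}"
            found.append(f"link to {kind}: {host}")
            if trusted in text.lower():  # text shows the bank, href goes elsewhere
                found.append(f"link text '{text}' hides destination {host}")
    return found

# Constructed sample body, modelled on the article's fake-link example.
SAMPLE = ('<p>Dear valued customer,</p><p>Verify your account at '
          '<a href="https://192.168.2.45/login.jsp">www.acmebank.com</a></p>')
```

Calling `indicators(SAMPLE)` reports the generic greeting, the link to a raw IP address, and the mismatch between the link text and its real destination.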
Best Practices
- Do not reply to e-mails that request your personal information.
- Do not click on suspicious links in e-mails.
- Use strong passwords and change them frequently.
- Do not send personal information in regular e-mail.
- Do business only with companies you know and trust.
- Make sure the website uses encryption.
- Make sure your computer is protected with anti-virus software and a firewall.
- Monitor your transactions in your bank statements.
- Never use debit cards online. Only use credit cards for online transactions.
How to report online fraud or identity theft?
- FBI
- FTC
- Or your local authorities
Example Images
This e-mail was sent to me by someone impersonating FedEx. Here are some of the things that caught my attention and made this e-mail highly suspicious:
- There is a .zip attachment. The e-mail says that the attachment contains the invoice. FedEx never sends an invoice attached inside a .zip file. Usually, .zip files from unknown senders contain some sort of virus.
- No name in greeting. This e-mail started off with "Dear" and contained no name. It's obvious that this e-mail is being sent to a large number of people in the hope that at least one person opens the attachment.
- Text as image. All the text contained in this e-mail is an image. If you examine the text carefully, you can see that it's very grainy. The con artist captured an image of an actual FedEx e-mail, edited the image and then pasted it to a new e-mail to be sent to unsuspecting users.
- No detailed information. This e-mail failed to contain additional legitimate information, such as your tracking number, original estimated delivery date, shipping origin and destination.