I have seen hundreds of spam messages in my life, but this week I received something truly “special”: A PHISHING EMAIL. Since it’s the first time I have gotten a message like this, I am taking this occasion to write about it.
What is phishing? It is an attempt to obtain sensitive information such as usernames, passwords, and credit card details (and, indirectly, money), often for malicious reasons. Now that we know the definition, let’s take a look at the email I received.
The tone is negative, suggesting a dark outcome if I don’t renew with them, with a brilliant ending - “Thank you for your cooperation.” I checked the link; others had already reported it as a spam message, and the malware scanner didn’t spot any threats. I decided to open it.
I have mixed feelings about whether $93 is all they want. Once you enter your credit card information, there will be more charges.
1. If you have any doubts, don’t click anything blindly and don’t open attachments.
2. Identify a Phishing Email
Consider these points:
- Are you expecting an email of this nature (e.g. password reset, account expiration, travel confirmation, etc.)?
- Does the message ask for sensitive information?
- Does the “From” email address look familiar?
- Are the visible link and the actual clickable link the same?
- Click ‘Reply’ - Does the address in the ‘To’ field match the sender of the message?
- Is there urgent or threatening language in the subject line?
- Are there any silly mistakes? (In my case they asked me to renew blog.thevaldas.com; since when does a domain provider charge you per subdomain?)
Check spam reports, find more information about the sender:
- https://cleantalk.org/blacklists/noreply@domainwebnetwork.com
- https://safeweb.norton.com
- Google it - you might find some information from others
Phishing websites look cheap
3. It’s a Phishing scam! What’s next?
Report those bastards!
- Google: https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en
- Symantec: https://submit.symantec.com/antifraud/phish.cgi
- Gmail: https://support.google.com/mail/answer/8253?hl=en