Written: June 1, 2017

Google phishing address

Google Docs Phishing Scam

I have been using Google Docs (aka Google Drive) for several years now, and it’s another easy to use, cloud-based storage where I can keep important documents for my own business or documents to share with clients and other freelance professionals. Today I received the following email message:

Google Docs scam

Email

At first glance it looks like a legitimate email message, however the subject line includes an email address that doesn’t exist although the domain name is from my own web site.

The big, blue button for View Document links to a phishing web site that has nothing to do with Google:

Google Phishing link

Phishing Link

S0 now I know for certain that this is yet another phishing scam that wants me to click a bogus link and end up at some web site that will steal my username and password. The second clue that this email is a phishing scam is the From address:

Google phishing address

Phishing address

So, be safe today when you receive an email like this one purporting to be from Google Docs, when in fact it is really a phishing scam trying to steal your username and password instead. When in doubt about an email check for these signs:

Tags:

Leave a Reply

Your email address will not be published. Required fields are marked *

Apple ID

Apple Phishing Scam

I do own a few Apple products in my business:

So today when I received the following email it looked legitimate:

Apple ID

Apple ID

The first clue that this email may not be officially from Apple was that it started with Dear Customer, instead of using my first and last name. I next clicked on the From field in the email to see who actually sent the message:

spoof email

spoof email

OK, so now I knew that this wasn’t an official Apple email because the From address didn’t contain apple.com in it’s name. Furthermore, when I hover over the link for Learn More the address was revealing:

Phishing URL

Phishing URL

This is the hacker’s phishing address, not an actual apple.com address.

Even when an email comes from a big name like Apple, do a little checking before clicking any hyperlink, just to ensure your safety and not fall victim to a phishing scheme that is trying to steal your Apple ID and password.

Tags: ,

Leave a Reply

Your email address will not be published. Required fields are marked *

LogMeIn

Hackers Phishing for LogMeIn Credentials

It’s Monday morning, so time to get caught up on my emails for the day. Ah, here’s one from a company that I’ve used before: LogMeIn. They have a neat service to allow remote control of computers, quite the time saver so that I don’t have to hop into my car and drive over to a client location and see what is going on with their computer while browsing a web site that I’ve built.

LogMeIn

The actual email looked a bit suspicious to me at first.

Phishing LogMeIn

What caught my eye first was that there was no corporate logo in the email, or a footer with the typical security language.

Secondly, there was no personal information like my complete first and last name or my account number.

The final determination that this email was a hacking using a phishing scheme was the actual hyperlinks, as I mouse over the hyperlinks they go to some hacked web site in Japan, not logmein.com in any way:

Hacker URL

So there you have it, to ensure that an email from a vendor is legitimate look for these good signs:

Tags: ,

Leave a Reply

Your email address will not be published. Required fields are marked *

iPad phishing

But I Didn’t Even Order an iPad

I just went through my morning list of emails and there was one message from Self Electronics about the shipment of an iPad. It’s a coincidence that I already own an iPad, however I didn’t order any new iPad.

iPad phishing

The senders of this email set a subject line as if we had been communicating before, adding a bit to the realism of the message. I was curious if there actually was a company called Self Electronics, so I browsed their web site:

self-electronics.com is a scam

So this company doesn’t even have a valid web site, that’s enough info for me to know that this email really was just another phishing scam where they want me to click the link for UPS tracking. The final test of authenticity is found by hovering over the UPS link:

UPS link

So the UPS link is really for some bogus web site, telling me that there is no need to be lured into clicking it.

Remember, a real company will know a lot about you and in their legitimate email it will include info like:

If this trusted information is missing from your email message, then it’s very likely that you are being duped by a phishing scheme or just some shady site trying to sell you something that you likely don’t even need. With a little precaution you can make certain that all of your emails are legitimate.

Tags:

Leave a Reply

Your email address will not be published. Required fields are marked *

domain abuse notice

Two New Email Scams to Avoid

Each morning as I start my work routine the first thing that I do is read the Inbox of my email to see which messages require my attention for the day. Today I received two new email scams that at first blush looked almost legitimate.

Domain Abuse Notice

That email subject caught my attention, because the last thing that I want is a web site that is infected by something malicious, so here’s what the entire email looked like:

domain abuse notice

The English grammar looked OK, however the first clue that this was a phishing scam was their request for me to download something by clicking a link. Any legitimate email would instead be coming from my web hosting provider, and they would have specific details like:

This email is from a domain name called domaincop.net, and when you browse that site something comes up in Arabic letters, so this is not legitimate at all, you may safely delete this particular email.

Email Abuse Report

Ironically this second spam email has almost the identical type of subject line as the first email with a colon and a web site address in it:

email abuse report

The link in the Click Here is for a domain at abusemonitor247.com, which is just another junk content web site. Also notice the international phone number area code. Just like the first email scam notice this one has no customer details:

So the moral of this story is beware of warning email messages that prompt you to click or download a report without any account details. Be smart, be safe.

Tags: , ,

One response to “Two New Email Scams to Avoid”

  1. Christine says:

    Thank you for the information.
    I got the 2 emails today and was just a bit suspicious.
    They almost look real so I was worried.

Leave a Reply

Your email address will not be published. Required fields are marked *

Spotting Fake Domain Name Registration Scams

As a web developer I own my own domain name of www.tualatinweb.com and several others for clients. Almost every week I receive phony email messages from bogus companies asking me to renew my domain name, or else. Here’s a typical example that I just received a few minutes ago in my In Box:

fake-domain-name-registration

After a quick glance it could be a credible email because it has a pleasant heading color of orange, and a big, blue button that they want me to push labeled: Renew Now

As an owner of a domain name it is important for you to keep your real account updated so that your web site continues in service without any embarrassing interruptions or down time. Now, let’s dive in and start taking a closer look to understand why this particular email is a phishing scam and not legitimate.

  1. My Full Name

A legitimate vendor has my full name on file, and they will use it in all email communications. Notice that this email has name or personalization included at all. Strike one.

2. My Account Number

Where is my account number in this email? Not to be found. So that’s strike two, folks.

3. Who are You?

As I hover my cursor over the From email address is reveals that the sender of this email is using a domain name of romconsults.com, which is not my actual vendor’s domain name. And that gaffe makes it strike three. But wait, there’s more.

bogus-email

4. English grammar

They used a very odd phrase, “search engine registration” which makes no technical sense to me. Correct phrases would be “search engine optimization” or “domain name registration”.

5. Renew Now

Hovering my cursor over the big, blue button reveals a strange URL address of www.thedomainregistration.net, which is not the name of any vendor that I do business with.

bogus-url

 

Summary

Trust email only from vendors that you know, where they include your full name, show an account number, have a company logo, and use links to only vendor addresses that you are 100% certain of, otherwise it is a bogus email trying to phish your credentials and cheat you out of money.

Tags: ,

2 responses to “Spotting Fake Domain Name Registration Scams”

  1. Kathy Scott says:

    Very helpful tips, Daniel, and likely applicable to other suspect emails. I’m going to try the ‘hovering’ on some of those just to see what comes up.

    • Daniel Payne says:

      Kathy, thanks, yes these tips help identify other phishing an scam emails. The bad guys are sending out a record number of fake emails, so it pays to be informed and diligent.

Leave a Reply

Your email address will not be published. Required fields are marked *

Mileage header

Yes, that really is United Airlines

In my previous corporate job as a Product Marketing Manager I used to fly around the world for business and so I signed up for the United Airlines mileage program in order to earn free tickets and other perks. This morning I received an email from the MileagePlus United program, or so I thought. Just to be safe I did some quick checking on this email to determine if it was legitimate or just another phishing scheme to steal my identity and mileage points.

First up on the scrutiny list is just the heading of the email message itself:

Mileage header

This header showed the correct last four digits of my account number, and they also personalized the email by using my first name in the message. These are both excellent signs that the email is legitimate, because the bad guys typically don’t have this level of information about you, maybe they would know my first name but certainly not my account numbers unless United had been hacked.

Next up is the actual link that they want me to click on:

United sign in link

That link address appears when I hover my mouse over the sign in, and it clearly shows a trusted address of: news.united.com

Near the bottom of the email is a button, so I check out the link address for Learn more.

United, Learn more>

Once again, this link is OK because it contains: news.united.com. This is a trusted address that United Airlines does own.

United is a big company, so they always have a lot of legal text in the footer:

United footer

The final check is looking at the From address in this email:

United, From address

That address of news.united.com is also OK, because it contains united.com, a trusted web address.

I also noted that the message itself was written in American English, and that the spelling was proper, the grammar was correct, and that the message made sense instead of being computer generated gibberish.

Well, there you have it, doing a little extra checking on official-looking email messages is worth the effort to validate that this was a legitimate email from United Airlines.

Tags: ,

Leave a Reply

Your email address will not be published. Required fields are marked *

PayPal scam

PayPal and Fubar

I signed up years ago for PayPal because it was an easy way to make and accept payments online at sites like eBay, so when I get an email from PayPal I do pay attention. At first glance this email appears to be legitimate because of the layout, PayPal logo, and boilerplate footer content.

PayPal scam

My first suspicion came about because this email didn’t have my First and Last name included, and I know that PayPal always uses that information when they communicate with me. Secondly, when I hover my mouse over the link for try again it goes to some other website not related in any way to the real PayPal:

Try again

 

Same problem with the second link for send us an email, it doesn’t go to a PayPal site.

send us an email

 

The final detail to reveal that this is really just a phishing scheme designed to steal my credentials is the Login button:

send us an email

Double check any email supposedly coming from PayPal, and if the links don’t have paypal.com in them, then it’s just another phishing scheme to steal your identity.

There is a new site called Fubar that is supposed to be an online bar and Happy Hour, and I started to receive emails claiming to be from Fubar that looked rather plain:

Fubar

Since there were no graphics, no logos and not much formatting I decided to check out the links by hovering my mouse over fubar.com:

fubar link

Sure enough, yet another phishing scam because the link has nothing to do with fubar.com. Besides, my drinking and dating days are long gone as I am 27 years sober and married 33 years.

Tags: , ,

Leave a Reply

Your email address will not be published. Required fields are marked *

PayPal Phishing

Yet Another PayPal Phishing Scheme

I’ve been a user of PayPal since the very first days, enjoying how easy it is to send and receive money by email using my credit card or bank accounts. With success comes imposters who want to trick you into believing that they are PayPal, when in fact they are scammers sending out official-looking emails that look a lot like a real PayPal message. Here’s an email that I received today from a scammer:

PayPal Phishing

The logo looks official, but there are a few things that stand out to tell me that it’s a phishing scheme instead:

  1. The from address should be service@paypal.com, but it isn’t.
  2. The first letter in the first sentence isn’t capitalized.
  3. The spacing on the sentences and paragraphs aren’t right
  4. They don’t show my first and last name.

The final two clues that this is a fake are the From email address:

From PayPal email

And the hyperlink in the email is not going to any secure paypal.com address:

PayPal hyperlink

So the moral of this story is to continue using PayPal, however just double check any email from a financial institution like PayPal before blindly clicking the hyperlink. If I were to click this phishing hyperlink I’d end up at a site that would request my login credentials, giving them directly to the bad guys, who would then probably lock me out of my PayPal account and siphon off any of my PayPal funds or worse yet, get into my linked banking accounts.

Tags: ,

Leave a Reply

Your email address will not be published. Required fields are marked *

WFB phishing

Banking Phishing

Both my business and personal banking are online, saving me time and effort to run my company and personal finances. Getting an email alert from a bank can be a bit dramatic, as I found out this morning when the following message arrived.

WFB phishing

At first glance this appears to be an official email from Wells Fargo Bank, but upon closer inspection a few things didn’t look quite right to me:

The final detail to help me realize that this was actually a phishing scam was that hovering my cursor over either button showed that the link was not going to www.wellsfargo.com, but rather another phishing web site that would certainly try and steal my real username and password to break into my real account.

Be very suspicious of any email from a financial institution like a bank, because you need to be 100% certain that the email is coming from your trusted vendor and not a scammer trying to steal your identity.

Tags:

Leave a Reply

Your email address will not be published. Required fields are marked *

Blog Tags

Recent Posts

Blog Directory & Business Pages at OnToplist.com