Award-winning web development since 1995
Written: August 13, 2020
Landing in my email inbox this morning was a respectable-looking message that had a SharePoint logo at the bottom of it, but I suspected that it may be a Phishing scheme to steal my identity.
I didn’t fall for this Phishing scam by clicking the Orange button labeled Open, because of several factors:
On closer inspection if I just hover my cursor over the Open button it reveals where this Phishing email wants to send me:
That web address is not really legitimate, because a real address would be something like www.ionos.com, not mail-ionos.fa523.web.app.
Be suspicious of every email sent to your address, because these Phishing schemes are intended to send you to a fake web site where they will steal your username and password combination, then take over your digital identity on one or more web sites. Use some of the techniques that I listed to determine if this email message is real or Phishing.
Tags: phishingI receive lots of spam and unwanted email messages every day, which does slow down my business productivity because some of it reaches my inbox where I need to make a decision to read it or delete it. Today I received an email with subject line: Tualatin Web Voice Receiver for Daniel. OK, so that identifies my business and first name, sounds like an OK message, except for the grammar is odd with the word Receiver.
I don’t know the sender, Alicia Madison, and the message body contains no business name, but it does have my first and last name. My Android phone has voice mail and my home phone also has voice mail, but they don’t send out email messages like this, so I’m quite suspicious.
When I click on the sender address it reveals: voice@alignerreminder.com
I don’t have an account with alignerreminder.com, so I’m pretty sure that this is yet another phishing attempt to steal my login credentials. When I hover over the blue button, it links to some address at alignerreminder.com, a web site that doesn’t even load in a browser.
This was yet another phishing scheme that wanted me to click the Blue Button and then login, stealing my credentials that would be used to hack some other legitimate account, assuming that I used the same password, a big no no in the security world.
Take caution with email, any legitimate email from a trusted vendor will have properties like these:
I’ve been using Dropbox for years as a way to save all of my Invoices and PDF user manuals in the cloud, it works across all of my devices: Laptop, iPad and Android phone. An email today was suspicious because it claimed to be from Dropbox, but ended up in my junk email folder.
At first glance it has nice formatting with an outlined box, and a pretty blue button called “View file”, but several things jumped out at me screaming scam:
Hopefully, you will also be suspicious of email that ends up in your Junk folder, although about 1-2 legitimate emails sent to me daily do wind up in the Junk folder by mistake. Just keep vigilant with all email messages, especially when they have a link or button for you to click. Just hover over that link and see what the address is before clicking it.
An email just came in today warning me about: Undeliverable emails to your inbox. At first glance the message looked like it was auto-generated, but I knew that my email hosting is through ionos.com and nothing in this message had ionos.com listed.
My first response was to click on the From email field to see if this was coming from ionos.com:
So the aortiz@faciteck.com address isn’t ionos.com, so I’m 100% certain that this is yet another phishing scam, designed to lure me into clicking some link in the message. If I examine one of the message links by right-clicking, I can copy and then paste the link.
http://awaitingpickup.com/wp-images/chambs/neww/Auto/index.php?email=daniel@tualatinweb.com&&domain=https://tualatinweb.com
So I know from looking at this link that the phishing hacker wants to send me to another web site where they have compromised the site and added their own malicious code. The moral of the story is to be suspicious of all email messages sent to you, especially if:
As a courtesy I did visit the infected site at http://awaitingpickup.com and used their Contact form to alert them to a hacked web site, so hopefully they will believe me and then hire a professional to clean up the infected folders and files, then adding security to harden their site, making it more difficult for hackers to exploit their site.
Tags: phishingAnother quick alert to an email phishing scam just received today, because it actually looks pretty legitimate at first glance.
Official logo, proper phone number, but ah, that Customer ID is just my email. Scrolling down to see the rest of the email, it looks official enough.
Hovering the cursor over the Green button reveals an address not at all related to godaddy.com, so we know it’s a phishing scam.
Another clue that this email is not legit, is to click on the From address and look for an address with godaddy.com suffix:
So this phishing scam had all of the telltale signs of a fake:
Phishing scams lure you into clicking that link in the email, then you land on a bogus page that collects your real account identity. Be smarter than the identity thieves, and double-check all email before clicking any links.
Tags: GoDaddy, phishingWe all have online accounts and the process of providing a username and password is quite commonplace, but exactly how strong is your password? Just today on LinkedIn I received a message from a confirmed contact that is also freelance, and it talked about an opportunity, but somehow the message didn’t look quite right to me:
First of all, we know each other, but the wording sounded formal and unlike the person. Secondly, the link was going to something on Amazon Web Services and the page just didn’t look legit:
Finally, clicking the link to Open File brought me to yet another insecure page, that was phishing for my Microsoft credentials:
At this point I was 100% certain that this was a phishing scam, but how did that message get sent within LinkedIn in the first place?
I did a quick text message to my freeleance contact and quickly confirmed that he did NOT send me a message on LinkedIn, rather a hacker had guessed his password and used his account to send out this message. My contact was able to change his LinkedIn password, thus securing control of his account and locking out the hacker.
Moral of the story? Well, if something in a LinkedIn message seems off, or not like the personality of your contact, then confirm before proceeding. When you confirm with your contact, use either email or text, not LinkedIn, because the hacker is logged into the victim’s account and will try to assure you that all is well, when in fact all is not well.
Tags: LinkedIn, phishingHackers often send me phishing email messages in order to trick me into clicking a link, then trying to login to their fake web page, stealing my login credentials in the process. So how do I keep safe from such attempts?
Just this morning I received an official-looking email, claiming to be from Navy Federal Credit Union.
This email has a beautiful layout, official logo, pleasant stock photo, even nice fonts, so at first glance it looks legitimate, but being suspicious I begin to notice the telltale signs of a phishing scam:
Clicking on the sender’s email address is always the defining identity test.
OK, so even the sender’s email address is bogus, because shuttleplanet.com is not navyfederal.org. The final determination that this is a phishing scam is that pretty, Orange button that they really want me to click, so just hovering my cursor over it reveals that the link has nothing to do with navyfederal.org:
There you have it, I know with 100% certainty that this is a phishing email, not a legitimate one, however the sender was clever in making this email appear to be real with use of a beautiful layout, nice fonts and official logo. So be wary of email messages that invite you to click a button or click a link, because it just may send you to a hacker site that steals your login credentials instead.
Tags: phishingI receive dozens of emails daily, yet I approach anything that reaches my In Box with some skepticism because there are hackers out there that want me to click an email link, then trick me into entering my login credentials on a bogus web site. Today the follow message popped into my In Box, reportedly from American Express:
The subject line looked ominous: Ticket ID #1501K7505F0. My first clue was that I don’t have an American Express account.
Secondly the opening line in the message is: Dear valued member
A real email from American Express would have:
Looking at the from address it shows:
So I know that the sender is not legitimate, because the real address would be something like info@americanexpress.com, not web@online.de
Finally, just hovering my cursor over the Click Here link reveals that this phishing link has nothing to do with www.americanexpress.com :
So I know with 100% certainty that this email is not legitimate, rather it is a phishing attempt to lure me into clicking the link. Don’t be fooled by every email that comes into the In Box, instead, do some of this quick checks to verify that the email is legitimate before clicking any link. This is how to stay safe and yes, it does take away from your product work day.
Tags: phishingMy web site is hosted at 1&1, recently renamed to IONOS after a merger, so I pay attention to email that comes from that trusted vendor in case there’s an issue with web hosting services. Today in my Junk mail folder there was a message that had the proper blue logo colors from IONOS:
Apple mail is pretty good when it comes to filtering out unwanted email, but maybe 1 in 100 Junk messages are actually real messages that I need to pay attention to. The first two words of the email message are “Dear Customer“, however I know from experience that IONOS does know my first and last name, plus they know my account number, so a legitimate email message would have those listed to verify authenticity.
The first paragraph starts out with the word “we”, which is supposed to be capitalized, so I’m already 100% certain that this is a phishing email designed to trick me into clicking a link, then stealing my login identity. As I continue to read the message their are typos and misspellings, so yeah, this is not a very bright phishing scheme.
Finally, the link that the malicious schemers want me to click is revealed to be bogus as I hover my cursor over it, revealing the true destination:
So, I wasn’t fooled by this phishing email and hopefully you too can become more vigilant when looking at email messages that arrive either in your Inbox or Junk mail folders. The bad guys are getting more sophisticated in impersonating legitimate vendors by copying their colors, logo and fonts.
A real vendor always identifies your account number, first and last name, plus their links are at a trusted site that you already have used before.
Tags: IONOS, phishingSeveral times per week I receive official-looking emails from what appears to be a trusted company or email sender, so today I just received an email using a From Name of “DocuSign Signature”, which is a little odd because most email messages have an actual person’s name in the from field.
On first glance this email appears to be legitimate because of the logo, header, grammar and fonts used. Being suspicious the first step that I take is to click on the From Address to see who was sending the email, or at least pretending to be:
Bingo, the From Address is not coming from @docusign.com, instead it is coming from @srcpro.com, so I am 99% assured that this is yet another Phishing scam to entice me to click a link and end up at a site to steal my login credentials.
A second, but more subtle indicator that this is a scam email is that the message isn’t centered on the page, or left-justified. It’s centered off to the right, which a real corporation like DocuSign would never allow to be sent out.
A third point, if I just hover my cursor over the enticing button, Sign Invoice, it reveals a totally bogus and very unsafe web address:
Finally, the content of the email starts out with, “Dear Recipient” which is always a symptom of a phishing scam. A real invoice from DocuSign would have my complete First and Last Name, plus a known Account Number. This email has none of my account details, so it’s a scam, and I should never click the Sign Invoice.
So, stay safe with your email, be on the guard for clever phishing scams like this one that can at first glance appear to be legitimate, but with a few seconds of double-checking turns out to be unsafe.
Tags: phishing
©2020 Tualatin Web LLC. All rights reserved. |
Payment |
Web Hosting |
Privacy |
