In fact .. Mail providers never actually send people important messages for any reason really .. you must be expecting an e-mail from your service provider to examine the message at all i think :)
Posted by: Mr On Line at July 27, 2010 5:33 PM
I've gotten some very professional phishing emails. One for example was purporting to be from PayPal. It was flawless and when I clicked on the link, it sent me to a great replica of the real PayPal website. I filled in some fake log on data, and when I clicked log-in I immediately was sent to the real PayPal log-in page. This would have raised very few suspicions as the person trying to log in would most likely thing they just got their password wrong and try again. Bottom line: assume all "Official" e-mails are suspect and NEVER EVER click on a link in an "Official" e-mail.
Bank of America sends me a monthly e-mail telling me to click on a link to download my monthly statement. This is legit but stupid. I've e-mailed them about this warning them that they are sending a bad signal to their customers, but they, being a know-it-all multinational, ignored me. Anyway, even though I know it's legit I still log in through a bookmark I've saved so as not to get into a bad habit. Let's just hope the phishermen don't figure out how to spoof bookmarks on your browser.
Excellent advice.
29-Jul-2010
Posted by: Mark Jacobs at July 28, 2010 1:38 AM
I, being the owner of numerous domain names, get literally dozens of these e-mails, supposedly from "support@my.domain". That makes it immediately obvious (hopefully) to anyone who owns their own domain.
You forgot to mention that many of these scams include a Windows executable, or a link to download one which, hopefully, would never be done by any legitimate provider.
Mark Jacobs... Does the bank at least give you some "personally identifiable" information in the e-mail? For example, e-mails from my bank include my full name, and e-mails from my credit card companies include my name as it appears on the card and the last 4 digits of the account number.
I recently wrote some similar articles on my blog. (I don't think including this link is disallowed here, as it's a single link to a related article.)
Interestingly, the first clue I spotted was "problem's", possessive instead of plural. I guess I am just a grammar geek.
Posted by: Digital Artist at August 3, 2010 9:26 AM
As the first comment suggests, I make a point of filling in rubbish information when I recieve such emails. When I say rubbish, i mean something that looks credible but completely fictional.
As a trained software engineer, I was taught that there is only one thing worse than loosing data and that's 'Bad Data' i.e. not knowing if your data is good. If everyone who received such emails took it upon themselves to fill in a single entry of rubbish it might make the task of spotting hacking attempts by the likes of GMail easier.
Posted by: Jeff Bowman at August 3, 2010 9:36 AM
I am STILL amazed that people fall for this stuff. Simply put, if you don't recognize the sender, you should just delete the thing. Any "real" email program will send it to the spam folder anyway. And on THAT matter, why are people STILL writing to Leo about their stupid Hotmail/Yahoo/Gmail accounts??? They're free (you get what you pay for, so don't use them for important email, use the email that your ISP provided you for important email (which ISP doesn't provide at least 7 email addresses nowadays)). There is NO customer support with free services, so why should Leo continue to waste his time answering the SAME questions week after week??? How do some people make it through the day??? lol.
Posted by: Carl R. Goodwin at August 3, 2010 12:32 PM
What Leo didnt mention -is if you get an email like this that is suspicious, you should call your bank -or use your own link for your bank -or whatever company the msg. is supposed to be from. They will set you straight as to whether the email msg. is a fraud -or not.
Posted by: Lee Doan at August 3, 2010 3:06 PM
LOL!!!!!
Forgive me the laughter. But I literally laughed out loud, because I could tell -- just from the title -- that this E-Mail was totally bogus. LOL!!!!!
It's the exclamation marks what give it away, dude.
Nobody, and I do mean nobody, sending a serious business E-Mail, is going to send a subject line with five exclamation marks in it... like, LOL!!!!!:)
Posted by: Glenn P. at August 3, 2010 4:03 PM
Your response to this rather clumsy phishing expedition is amusing, but it does not address my concern: If I receive an e-mail request from an organization that I really do business with, and it appears to have no grammatical or formatting errors, should I respond to it? These phishers will, eventually learn how to write well. Should I simply ignore e-mail messages form my financial institutions?
If you're even the slightest but uncertain, a) delete the mail, b) visit the web site of the service yourself by typing in the URL yourself or using your own bookmark. Most often if there is a legitimate issue it'll be presented when you login. Finally, you can always contact the bank or service directly by phone - they'd much rather have you do that than fall for a phishing attempt.
In summary: never click a link in or reply to email unless you're positive it's legit.
09-Aug-2010
Posted by: Chris Marlowe at August 7, 2010 3:04 PM
You wrote:-
•"We Here at MSN ..." - multiple grammar errors, odd capitalization, odd line breaks are all great signs that this is a comtpletely bogus email.
.. but omitted to also mention "incorrect use of apostrophes", such as :-
•": Dear Member." - .... Hotmail has never referred to it's users as "Member" either.
OBviously bogus.
"It's" is the abbreviation for "it is".
The possessive is "its"
Comments
Read the article that everyone's commenting on.
Subscribe to the RSS Feed for comments on this article.
In fact .. Mail providers never actually send people important messages for any reason really .. you must be expecting an e-mail from your service provider to examine the message at all i think :)
Posted by: Mr On Line at July 27, 2010 5:33 PMI've gotten some very professional phishing emails. One for example was purporting to be from PayPal. It was flawless and when I clicked on the link, it sent me to a great replica of the real PayPal website. I filled in some fake log on data, and when I clicked log-in I immediately was sent to the real PayPal log-in page. This would have raised very few suspicions as the person trying to log in would most likely thing they just got their password wrong and try again. Bottom line: assume all "Official" e-mails are suspect and NEVER EVER click on a link in an "Official" e-mail.
Bank of America sends me a monthly e-mail telling me to click on a link to download my monthly statement. This is legit but stupid. I've e-mailed them about this warning them that they are sending a bad signal to their customers, but they, being a know-it-all multinational, ignored me. Anyway, even though I know it's legit I still log in through a bookmark I've saved so as not to get into a bad habit. Let's just hope the phishermen don't figure out how to spoof bookmarks on your browser.
29-Jul-2010
Posted by: Mark Jacobs at July 28, 2010 1:38 AM
I, being the owner of numerous domain names, get literally dozens of these e-mails, supposedly from "support@my.domain". That makes it immediately obvious (hopefully) to anyone who owns their own domain.
You forgot to mention that many of these scams include a Windows executable, or a link to download one which, hopefully, would never be done by any legitimate provider.
Mark Jacobs... Does the bank at least give you some "personally identifiable" information in the e-mail? For example, e-mails from my bank include my full name, and e-mails from my credit card companies include my name as it appears on the card and the last 4 digits of the account number.
I recently wrote some similar articles on my blog. (I don't think including this link is disallowed here, as it's a single link to a related article.)
http://blog.runonfriday.com/2010/07/do-people-really-fall-for-this-part-2/
Posted by: Ken B at July 29, 2010 1:00 PMInterestingly, the first clue I spotted was "problem's", possessive instead of plural. I guess I am just a grammar geek.
Posted by: Digital Artist at August 3, 2010 9:26 AMAs the first comment suggests, I make a point of filling in rubbish information when I recieve such emails. When I say rubbish, i mean something that looks credible but completely fictional.
Posted by: Jeff Bowman at August 3, 2010 9:36 AMAs a trained software engineer, I was taught that there is only one thing worse than loosing data and that's 'Bad Data' i.e. not knowing if your data is good. If everyone who received such emails took it upon themselves to fill in a single entry of rubbish it might make the task of spotting hacking attempts by the likes of GMail easier.
I am STILL amazed that people fall for this stuff. Simply put, if you don't recognize the sender, you should just delete the thing. Any "real" email program will send it to the spam folder anyway. And on THAT matter, why are people STILL writing to Leo about their stupid Hotmail/Yahoo/Gmail accounts??? They're free (you get what you pay for, so don't use them for important email, use the email that your ISP provided you for important email (which ISP doesn't provide at least 7 email addresses nowadays)). There is NO customer support with free services, so why should Leo continue to waste his time answering the SAME questions week after week??? How do some people make it through the day??? lol.
Posted by: Carl R. Goodwin at August 3, 2010 12:32 PMWhat Leo didnt mention -is if you get an email like this that is suspicious, you should call your bank -or use your own link for your bank -or whatever company the msg. is supposed to be from. They will set you straight as to whether the email msg. is a fraud -or not.
Posted by: Lee Doan at August 3, 2010 3:06 PMLOL!!!!!
Forgive me the laughter. But I literally laughed out loud, because I could tell -- just from the title -- that this E-Mail was totally bogus. LOL!!!!!
It's the exclamation marks what give it away, dude.
Nobody, and I do mean nobody, sending a serious business E-Mail, is going to send a subject line with five exclamation marks in it... like, LOL!!!!! :)
Posted by: Glenn P. at August 3, 2010 4:03 PMYour response to this rather clumsy phishing expedition is amusing, but it does not address my concern: If I receive an e-mail request from an organization that I really do business with, and it appears to have no grammatical or formatting errors, should I respond to it? These phishers will, eventually learn how to write well. Should I simply ignore e-mail messages form my financial institutions?
In summary: never click a link in or reply to email unless you're positive it's legit.
09-Aug-2010
Posted by: Chris Marlowe at August 7, 2010 3:04 PM
You wrote:-
•"We Here at MSN ..." - multiple grammar errors, odd capitalization, odd line breaks are all great signs that this is a comtpletely bogus email.
.. but omitted to also mention "incorrect use of apostrophes", such as :-
•": Dear Member." - .... Hotmail has never referred to it's users as "Member" either.
OBviously bogus.
"It's" is the abbreviation for "it is".
The possessive is "its"
But you knew that.
Posted by: Robin Clay at August 17, 2010 9:16 AM;-)
To post a comment on "Is this "Account updates!!!!!" email legitimate?", please return to that article's main page.