I just got an interesting phone call. The caller ID showed me 800 number – (800) 344-3089 – telling me that I had just won $200. That’s pretty sweet. I could use some money.
Sadly, this seems like a vishing scam; we’ve previously discussed similar incidents. It was an automated caller, and it tried to direct me to attbonus200.com to claim my money. That doesn’t seem legit, and I’m not going to risk a laptop and my identity for a $200 “freebie.” The laptop and all my data are worth more.
That’s right. Flying phish.
The newest phishing scam is an email claiming to come from British Airways. It tells you your recent ticket purchase is complete, and it gives you links to what appear to be an electronic copy of your new ticket and the customer service desk.
However, the links will actually attempt to download malware and spy on your data.
For more information about this scam, read Graham Cluley’s article, British Airways e-ticket malware attack launched via email.
As the snow and ice at UD begin to melt, more phish are making their way here.
Pretty standard stuff. First, if this actually came from whoever manages your email, it’d have your name on it.
The link goes to tripod.com, which is a pay-to-use web hosting service. UD systems are hosted on udel.edu. No system emails will ever come from pay-to-use domains, so beware of links to outside sites.
Now, after you’ve read the email, you’ll realize the subject and content don’t match. If your mailbox was almost full, why would the email content warn you about suspicious account activity?
To top it all off, there are plenty of spelling and grammatical errors throughout. For example, “with 24hour” (oh, time limits are another common phishing trick; they create a false sense of urgency).
It’s best to let phish like this swim past you. For more posts about scams like this one, check out the Email Accounts category on this blog.
This morning, some standard phish were swimming into UDel inboxes. Here’s a screen shot of one that amazes me — not a particularly good one, but the scammers find that it still works:
Click the image to see a larger version.
We’ve highlighted some of the tell-tale signs, so that even if you didn’t know your email quota is higher than that mentioned in this scam, you can see what to look for. The non-UDel URL you see when you hover your mouse over the link is a dead giveaway. Ditto getting email about your email from someone at “snead.edu.” And why would UD be sending you email with the word “Warning” marked as a trademark? And marked as copyrighted by Microsoft?
Speaking of reminders, the SANS tip of the day at the website is a succinct summary of what to look for in phishing scams. It also includes links to two quizzes to help you see if you can recognize a phishing scam:
- Washington Post Phishing Quiz
- SonicWALL Phishing IQ Test
Two fun quizzes to improve your “Phishing IQ”!
Bottom line: When you get email with a link in it or asking for personal information or telling your to “click here” to fix a problem with your account, take a minute to examine the message. Think B4 U Click!