Author Archive

It may look like an official UD notice–but it’s a scam.

Email claiming that there’s been an update to UD email update is a scam. Click the smaller image for a larger version.

How can you tell?

If you read carefully, you’ll see that the email talks about UD Webmail and apparently gives a URL for use by UD Exchange users. Further, if you are using a computer, you can hover your mouse over the links and see that they really would take you to a pharming site to harvest your UD Account information.

Oh, look! The email warns you, “Beginning on Wednesday, March 27th, 2012, the new webmail application becomes the default for all users.” But today is Wednesday, March 27, 2013.

And they got the URL wrong for the IT Support Center. And that fake URL would lead to the pharming site anyway.

See this message or one like it? Just delete it. Log in to the UD email service you use in the usual way to check on your account. Alternatively, contact the IT Support Center if you have a question.

Think B4 U click!

 

Comments Comments Off

PayPal says I paid WHAT!?!

Click to view larger image.

Don’t fall for it. The immediate reaction may be to click one of the links in the email, but avoid this temptation. Clicking could lead to a page, where you unknowingly type in your PayPal password because you think you are logging into PayPal.

Instead, open a new browser window and manually type the PayPal URL [paypal.com] to ensure you access the real site. After logging into your account, check your transaction history. If something is off, contact PayPal using the methods available on the legitimate PayPal web site. DO NOT use the methods in the phishing email, unless the charge was legitimate.

Though this email looks legitimate, let’s look at some of the obvious indicators that it is a phishing scam:

  1. All of the links in the email are the same. Therefore, no matter where you click you’ll end up right where the scammers want you to be.
  2. PayPal’s email address in the “From” section is NOT a PayPal email. Typically, email from PayPal use service@paypal.com or member@paypal.com [see image #1]
  3. A PayPal receipt always includes the recipient’s shipping address. However, in this example, the scammers only included the seller’s shipping address. [see image #2]
  4. A big warning sign should be the product listed as purchased. If you know you didn’t buy it–or spend that much money on anything using PayPal–or don’t even have a PayPal account, be weary of anything inside of that email.
  5. PayPal will use your name in the email when addressing you (i.e. “Hello Jane Smith”–not your email address).
  6. The information in the footer of the email is different from the information PayPal uses in the footer of their transaction receipt emails. [see image #3 for the CORRECT footer info.]

#1: Not a typical email address used by PayPal

#2: That is definitely not my address!

#3: This is what a REAL PayPal email footer looks like.

Comments Comments Off

Cramming, also known as SMiShing, is a fishing scam via text message. By replying to one of these messages or clicking a link in the message, you may be authorizing these scammers to charge monthly fees to your wireless phone bill.

As with many other forms of phishing scams, the offer or message may sound legitimate, but you should always double check before clicking a link in a suspicious message from an unknown number. If you are not sure, Google the URL before clicking it and review the results.

Here is a vague text from an unfamiliar number, but could be considered harmless if you have a friend named Jennifer.

 ”Jennifer said to send this to you http://bit.ly/SLfdB9

After googling the link, it turns out many other people received the same message.

After Googling the bit.ly link, the only results are scam reporting forums and phishing reporting websites.

But it is not just links that can result in unwanted monthly charges, also beware of replying to SMS messages from unfamiliar numbers. Some messages even state that by replying “STOP” that all charges and SMS services will ceases, however this is not always true. If the message is a cramming text then by replying you are actually submitting to these unknown charges.

To avoid SMiShing, keep track of what services you use or subscribe to on your mobile device and be cautious when providing your cellphone number over the internet.

Also, take a closer look at your monthly bill; these unauthorized charges may be disguised as a third-party service such as “news alerts,” “app subscription,” “tax” and, Attorney General Biden reports in Delaware Online that it could be, something as inconspicuous as “premium messaging.” Usually the charges will be minimal, from a few cents to $10 or more. These charges are meant to be indistinguishable from other charges or subscriptions you may have on your wireless mobile device.

Comments Comments Off