Phishing Scams Seen at UD

So far this fall, UD has seen plenty of phishing scams, but not a lot of new ones. We’re using Black Friday to remind you about some of the common shopping and shipping scams you might see during the holiday gift-shopping season and giving you some resources to help you tell which email is fraudulent and which is authentic.

If it looks too good to be true, it probably is a scam.

Have you seen email making an outrageous claim (“Click here to get a new iPad for 69 cents!”)? Sometimes email like that carries malware that will infect your computer, perhaps to gather information about your Web browsing, perhaps to take control of your computer and make it part of a botnet. Sometimes, it will lead to a series of questionnaires or Web sites designed to harvest your personal information.

See an offer that sounds too good to be true? Delete it.

Holiday shopping means holiday eBay scams.

During the holiday bargain hunt, some people fall for a variety of eBay scams. Consult eBay’s Security Center for official information about avoiding fraud on eBay.

One of the best user-published guides to eBay scams has been published by the merchant Pennant Palooza. This guide offers information about fake second chance offers, phishing and other email scams, hijacked accounts, and other eBay-related frauds. Here is one excerpt describing a new form of eBay fraud:

The scammer will create a fake eBay page making it look like an auction listing. Then the scammer will send real email through eBay asking [a] seller if the item he has for sale is similar to “this one.” The seller is directed to the fake page where he has to sign in. When [the seller] signs [in to] the fake eBay auction, the scammer will have the seller’s ID and password. Answering buyers’ questions will increase sales, but you have to be very careful and question all emails.

Package scams

Last year, we published some sample package delivery scams. This year’s holiday shopping season will include even more of these scams. Rather than post more samples, this year we’re posting links to the fraud protection pages at major shipping companies:

• DHL Fraud Awareness and Protection
• Fed Ex Customer Protection Center: Defending Against Fraud (Includes samples of fraudulent email.)
• UPS: Fight Fraud (The Learn to Recognize Fraud section includes samples of fraudulent email and Web sites.)
• US Postal Service (USPS) Guide to Preventing Mail Fraud

You can see more information about malware and viruses contained in fraudulent package delivery notices at the Snopes.com Web site.

Not sure whether a message is authentic or fraudulent?

• Review the information linked from this site for samples and tips.
• Check with your department’s IT professional for assistance.
• Contact the IT Help Center.

Superficially, this phish looks convincing. A lot of us shop at amazon.com using an American Express card. Oh, no! We’re in trouble! Only if any of us click any of the links in this message.

Look at this message for about 10 seconds and it becomes apparent that it’s just another rotten phish.

• Sent to a list of addresses. Real banks and credit card companies do not do that. They know that it’s a security breach to expose customers’ email addresses to other customers.
• Bad links: hover your mouse over either of the two links in the message body that allegedly go to an American Express site. As the screen shot below indicates, they will take you to an identity-harvesting site. Actually, three of the links in the footer will also take you to non American Express Web sites.
• Message content: Do not click any links in this email message. If you are an American Express customer, instead, in your web browser, go to the standard credit card site where you usually log in, log in there, and look for a secure message to you from your credit card company.

Even though this phish has the stolen logos and a serious looking footer, if you just pay attention for a few seconds, you’ll draw the proper conclusion: Just delete the message!

Study this message for a few seconds and you'll see it's another rotten phish. Delete it.