Oh, no, I’ve received email that my Wachovia Bank account has been suspended!

This phish would be moderately effective if it didn’t refer to a bank that no longer exists! Wachovia was bought by Wells Fargo over a year ago. Besides, as the screen shot below indicates, the link in the email message does not go to a Wells Fargo (or Wachovia!) address.

Just delete it.

Phishing scam allegedly from a bank that no longer exists!

Phishing scam allegedly from a bank that no longer exists!

Comments Comments Off

Don’t ever respond to email like this.

  • We’ll never ask you to send us your password and date of birth.
  • This phishing scam is clearly not from UD. Look at the from and reply-to addresses.
  • We’re not perfect, but we try to send out email without sentences like this one:
    Effective from the moment this email his been received
    and response received from you.

Just delete it.

Date: Sat, 17 Dec 2011 09:32:24 -0500 (GMT-05:00)
From: "Udel.edu Webmail Services" 
Reply-To: "Udel.edu Webmail Services" 
Subject: Udel.edu Email Notification

This message is from udel.edu messaging center to all
udel.edu email account owners,we are removing access to
all our Webmail clients.

Your email account will be upgraded to a new enhanced
webmail user interface provided by udel.edu.

Effective from the moment this email his been received
and response received from you.

Udel.edu will discontinue the use of our udel.edu
Webmail and our udel.edu webmail Lite interfaces.

To ensure your e-mail address book is saved in our database
kindly enter your details filled below:


And send it back to us, which will enable us to transfer
your contacts to our new Webmail client database.

All e-mails will be safe in this transition! All your old
email will still be there and you will have new unread
messages waiting for you. We are confident that you will
like the new and improved webmail interface.

Failure to comply with this immediately will remove your
access from our udel.edu database.

Thank you for using udel.edu.

Yours Sincerely,
Udel.edu Webmail Services

Comments Comments Off

Verizon recently sent out a phishing warning to many of its customers.

Recent phishing email has gone out with the Verizon logo and a link that LOOKS like a legitimate link. However, when you follow the link you go to a “pharming” site–a web site designed to harvest your personal information for criminal purposes–in this case, your bank account or credit card information.

After including an image of one of the recent scams, Verizon provided some very sound advice and announced a change in their policy (Emphasis added.):

To avoid getting hooked by such bogus emails, here are some tips to help safeguard your personal information:

  • Do not open suspicious emails. Look for misspellings, awkward requests or inconsistent grammar.
  • A Web site link included in an email can make getting to a Web site easy, but it can also be used to send you to a malicious Web site.
  • If you have doubts about the authenticity of an email, do not click on any links in the email – instead, type the Web site or Web page address into the ‘address bar’ of your browser.
  • Never type sensitive personal information, such as social security and/or driver license numbers or account numbers and/or passwords, in a reply email.
  • Use spam filters to block suspicious emails.
  • Use anti-virus and anti-malware software to automatically detect and eliminate malicious software.
  • The best practice when you find a phishing email is to either immediately delete it or report it to the company or organization being impersonated. Like Verizon’s abuse@verizon.net mailbox, many companies have set up an ‘abuse’ or ‘security’ mailbox to receive those reports and provide customer assistance.

Finally, in order to provide you with additional confidence in Verizon alert messages going forward, Verizon will be removing live ‘clickable’ links from any alert messages we send you regarding payment processing problems or credit card and/or bank account issues. You can continue to access and make changes to your account any time of the day or night at www.verizon.com.

We quote the Verizon email at length because it provides such good advice and because it announces Verizon’s new policy NOT to include links in a variety of different billing and customer service email messages.

Stay safe. Keep deleting those phishing scams.

Comments Comments Off

A lot of UD folks have email accounts at Yahoo!, Google, or Hotmail for things like shopping and personal correspondence. So this phish, seen in a Yahoo! email account, could be relevant. Notice how this one contradicts itself–it claims your account has had new anti-virus software applied, but says you need to send in your account info (including your password) to “prevent spread of the virus.”

Remember, no legitimate entity will ever send you a request to reply with your complete account information (password, account, birth date, etc.).

See email like this? Just delete it.

Dear Yahoo!® Mail Subscriber,
Virus Notification
A DGTFX Virus has been detected in your yahoo.com folders.
Your email account has to be upgraded to our new Secured DGTFX
anti-virus 2011 version to prevent damages to our web mail log
and to your important files. Click your reply tab, Fill the
columns below and send back to us or your email account will
be terminated to avoid spread of the virus.
User name: 
Reconfirm Password:

Note that your password will be encrypted with 1024-bit RSA
keys for your password safety.
All Yahoo.com User Should Reply Now !!! 
Failure to do this will immediately render your Web-email
address deactivated from our database.
Thank you for your co-operation.
Warning Code :ID67565434
Yahoo Account Support.
Copyright ©2011

Comments Comments Off

Last month, we talked about fake notices that an electronic payment has failed. Well, these phish are really multiplying. One IT staff member received 43 (!) messages like that in the past week.

Even if they have the NACHA logo and are formatted appropriately, they’re still phish. In the sample below, note how the alleged link to a Word file really takes you to a suspect Web site.

If you think there’s an issue with an electronic payment to your bank account or from your bank account, contact your bank directly.

If you get email like this message, just delete it.

Fake ACH notification

Fake ACH notification: Another Phish!

Comments Comments Off