Over the weekend, people reported seeing versions of two common phishing scams in UD inboxes. One a “Your Mailbox is Full” scam, the other a “Google Doc for You” scam. Screenshots and commentary below.
Your Mailbox is Full
This scam wants you to be shocked that your mailbox is full and that you cannot send email. The scammer wants you to be so upset that you’ll react without thinking–that you’ll react by clicking that Cleanup link and fill out a form surrendering your personal information.
The red bar allegedly showing you have 2 MB left in your inbox is a nice touch, too.
This one is a classic that, even though it is an obvious phish to most of us, still hooks enough people that scammers still use it. Some telltale signs:
- First, the message comes from “Norma” and is going to “Norma.” That is a method sometimes used to send a news announcement to a large group of people (using the bcc: field for a large email list). But that sending method is never used by any reputable organization to tell you information about your account.
- Second, even when authentic email has a typo or two, it won’t contain this many errors in grammar, spelling, and and capitalization. Oh, and note that it says that your “mailbox” can’t send messages. Standard usage would be your “account” can’t send email.
- What is the ITS help desk? We don’t have such a unit on campus. IT’s help desk is called the ITSC (IT Support Center). They made up an official sounding unit name. Points out how important it is to verify the authenticity of any message of which you are suspicious.
- Fake copyright notice. Something about that phrase “All Right [sic] Reserved” scares people into thinking a scam message is authentic–even with the “s” missing from “rights.” But why is a message allegedly coming from a UD email account to your UD email account being copyrighted by Microsoft?
See a message like this one? Delete it.
Hi! I have a Google Doc for you
Oh, cool. My friend Kelly has a Google Doc for me! Great! I haven’t heard from her in a while.
Don’t click that link! How do you know that this is a scam? Let us count the ways:
- This message has a Google Docs image followed by a mish-mash of images for other vendors’ products: Adobe, Microsoft, Apple. That makes no sense.
- My friend Kelly lives in the US. Why would she send something with an upload date in DD-MM-YYYY format?
- Google refers to its shared document/cloud product as Google Drive, but did formerly refer to it as Google Docs. Note that the product is referred to as “Google Doc [sic]” three times.
- The message contains no information about the document. Why would I “Click Here” to see a document that I wasn’t expecting without any explanation from the sender, even if she is someone I know?
Google-based scams are one of the more common methods phishers use to trawl for your personal information, either by putting up a Google Form for you to fill out or by putting up a document infected with malware for you to download.
The moral is…
As always, the moral is Think B4 U click!
For more information about how phishing scams and social engineering works in general, view our June Secure UD newsletter.