One of our staff caught this Yahoo phish early Monday morning. Phishing attempts that resemble the one below share certain characteristics that make the phish easily identifiable.
A clear sign that an email allegedly from a trusted organization is not legitimate is that the email does not address you by name. In the screenshot of the phish above, not only does the email not contain the name of the recipient, it also shows that the email was sent to a mailing list! If you are receiving a real email asking you to take action regarding your account, it should address you by name and it should not be sent to dozens of others on a mailing list.
Another sign of a phish is grammatically incorrect English. For example, in the phish above the email is addressed to “Yahoo Account Disabled.” This phrase simply doesn’t make sense with the greeting that precedes it.
This email also has an image that would not load. This is a less common signal, but it is a sign that this email is a phish since images within emails coming from a trusted source should appear without prompting.
Many phishing scams use a false sense of urgency so that their victims do not examine the email closely. The Yahoo phish uses language like “you should do this soon” followed by the apparent consequences of not doing so.
Lastly, and perhaps most importantly, if you hover your mouse over the “sign in and verify it” link, the URL that appears at the bottom left of your screen clearly does not lead to a real Yahoo accounts page. This is a dead giveaway that this email is a phish. The legitimate address link at the bottom of the email, which does link to a Google Maps page of the location, is simply a trick to cover for the bad link.
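Two of the checks above, the recipient check and the hover test on the sign-in link, can be automated for a mail-triage script. The Python below is an added example, not part of the original post: the sample message, its hosts, the `BRAND_DOMAINS` allow-list, `ACTION_WORDS` and the `phish_signals` function are all constructed for illustration.

```python
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlsplit

BRAND_DOMAINS = {"yahoo.com"}                    # assumed allow-list for the claimed sender
ACTION_WORDS = ("sign in", "log in", "verify")   # link text that asks the reader to authenticate

# Constructed sample message; every address and host is a placeholder.
SAMPLE = """\
From: Yahoo <service@mail.example>
To: staff-list@lists.example.org
Content-Type: text/html; charset="utf-8"

<p>Dear Yahoo Account Disabled, you should do this soon:
<a href="http://yahoo.com.login-check.example/verify">sign in and verify it</a></p>
<p><a href="https://www.google.com/maps/place/Example">1 Example Street</a></p>
"""

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []   # links holds (href, visible text)
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def on_brand(host):
    # Exact domain or a true subdomain; "yahoo.com.evil.example" must not pass.
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in BRAND_DOMAINS)

def phish_signals(raw, recipient):
    msg = email.message_from_string(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("html",)).get_content()
    collector = LinkCollector()
    collector.feed(body)
    bad = [h for h, t in collector.links
           if any(w in t.lower() for w in ACTION_WORDS) and not on_brand(urlsplit(h).hostname)]
    to_other = recipient.lower() not in str(msg["To"]).lower()
    return {"sent_to_other_address": to_other, "bad_action_links": bad}
```

The suffix match in `on_brand` is what catches a host that merely begins with the brand's domain, and the Google Maps link is left out of the result because its text does not ask the reader to sign in.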
Be aware of the signs of phishing and as always,
Think B4 U Click!