Premium Phish
Our IT Director shared a phishing email with me, noting how professional it looked. While professionals such as our IT Director would not be fooled by a phish like this, many people would be.
A picture of the body of the email is below. The “from” address would fool many people. The “to” address looks at least somewhat plausible as well.
What should tell you that it is a phishing attack is the part where it asks for your username, password, date of birth, and country. Hotmail, Live, Yahoo, Google, MySpace, Twitter, PayPal, eBay, and other legitimate sites are not going to ask you to email them your password, or to go to a web page to input your password (other than to tell you to log into your account). Never follow a link in such an email.
As for asking for your username, if they have decided to shut down YOUR account, then they know your username, no?
There may be some very rare exceptions, but as a rule, there are only two types of people who ask you for your password: thieves and idiots. Never give out your passwords. If this one would have fooled you, then let this be a good lesson for you.
Randy Abrams
Director of Technical Education
Cyber Threat Analysis Center – ESET LLC
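As an added example (not part of the original post), here is a Python sketch of the tell described above: a message that presents fill-in lines for a username, password, date of birth and country. The label patterns, function names and sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string

# Labels for the details the phish asks for (patterns are assumptions, not a vetted rule set).
FIELDS = {
    "username": r"user\s*-?\s*name|user\s*id",
    "password": r"pass\s*-?\s*word",
    "date_of_birth": r"date\s+of\s+birth|birth\s*date",
    "country": r"country(?:\s+or\s+territory)?",
}
# A fill-in line: label, colon, then only blanks, dots, underscores, dashes or asterisks.
FILL_IN = r"^\W*(?:your\s+)?(?:{label})\W*:[\s._\-*]*$"

# Constructed sample message, not the e-mail pictured in the post.
SAMPLE = """\
From: "Account Team" <team@mail-provider.example>
Subject: Verify your account
Content-Type: text/plain; charset="utf-8"

Reply with the details below or your account will be closed.

Username: ..............
Password: ..............
Date of Birth: ............
Country or Territory: ..........
"""


def body_text(raw_email):
    """Concatenate the text parts of a message, crudely stripping HTML tags."""
    chunks = []
    for part in message_from_string(raw_email).walk():
        if part.get_content_maintype() != "text":
            continue
        data = part.get_payload(decode=True) or b""
        text = data.decode(part.get_content_charset() or "utf-8", "replace")
        if part.get_content_subtype() == "html":
            text = re.sub(r"(?i)<br\s*/?>|</(?:p|div|li|tr)>", "\n", text)
            text = re.sub(r"<[^>]+>", "", text)
        chunks.append(text)
    return "\n".join(chunks)


def requested_fields(raw_email):
    """Return the set of sensitive fields the message asks the reader to fill in."""
    text = body_text(raw_email)
    return {name for name, label in FIELDS.items()
            if re.search(FILL_IN.format(label=label), text, re.I | re.M)}
```

A result containing `"password"` is the signal to quarantine or warn on. The check only covers mail that asks for the details by reply; a message that sends the reader to a web form needs link analysis instead.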
2 Responses to “Premium Phish”


December 21st, 2010 at 1:02 am
Well done, just a little short-sighted. If they added a link like "Click here to confirm your account" and asked for the same details on an HTML form with the same "look and feel" of Hotmail, they would fool many more…
December 21st, 2010 at 2:03 pm
While it does have a professional look, it still fails in that it has grammatical/spelling mistakes. Even if the password was not being requested, the mistakes would give it away.