Spot the emails that will steal your money!

Contents

What is Phishing?

Phishing refers to the phenomenon of emails that are used to persuade people to disclose private information that can be used to steal money from them.

Various techniques are used to pursuade the reader to click on a link contained in the email, to visit a site. When you do you will be required to enter sensitive information such as a user name and password or banking details. These emails always appear to come from genuine well known companies such as banks, building societies, PayPal, Ebay etc.. etc.. and the bogus sites that you visit when you click on the link will have been designed to look genuine.

These bogus scam emails are sent to millions of people, and it will be extremely unlikely that you've not received at least a few!

These emails are extremely dangerous and recent research* suggests that as many as 90% of people who click on these links and visit the bogus site fail to recognise that it is not genuine.

Examples of Phishing Emails

Here are some good examples of these scam emails. You can see how some of them are incredibly convincing (Please Note: I've disabled the links so they send you back to my home page).

This is just a very small selection of the hundreds of scam emails currently circulating. I've included them to give you an idea of how genuine they can look these days.

Amazon

Amazon is committed to maintaining a safe environment for its community of customers. To protect the security of your account, Amazon employs some of the most advanced security systems in the world and our anti-fraud teams regularly screen the Amazon system for unusual activity. We are contacting you to inform you that our Account Review Team identified some unusual activity in your account. In accordance with Amazon's User Agreement and to ensure that your account has not been compromised, access to your account was limited. Your account access will remain limited until this issue has been resolved. To secure your account and quickly restore full access, we may require some additional information from you for the following reason: We have been notified that a card associated with your account has been reported as lost or stolen, or that there were additional problems with your card. This process is mandatory, and if not completed within the nearest time your account or credit card may be subject for temporary suspension. To securely confirm your Amazon information please click on the link bellow: https://www.amazon.com/cgi-bin/webscr?cmd=login-run We encourage you to log in and perform the steps necessary to restore your account access as soon as possible. Allowing your account access to remain limited for an extended period of time may result in further limitations on the use of your account and possible account closure. For more information about how to protect your account please visit Amazon Security Center. We apologize for any inconvenience this may cause, and we apriciate your assistance in helping us to maintain the integrity of the entire Amazon system. Thank you for using Amazon! The Amazon Team

Barclays Bank

Dear Barclays Customer, We Hereby notify you that Your Account has been suspended due to unauthorised activities we noticed going on in your account. Due to this we advice you to VERIFY your account to clearify you as the legitimate owner of this barclays online account by clicking the following link. https://activate.barclays.co.uk/olb/p/LoginMember.do Note: you will be asked to provide the following details : 1 Surname 2 Membership number 3 Five-digit passcode 4 memorable word. At Barclays we strive to ensure the safety of our coustmers and maintain our high quality standard. Security Department Barclays Bank PLC. Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your Barclays Online Bank account and choose the "Help" link on any page. Barclays Email ID # 1009

Recent email scams have attempted to con some customers into disclosing their Online Banking security log-in details. However, we would like to get security warnings across to as many customers as possible.    This is why we are asking you to take a few minutes to confirm your log-in details. This will allow us to identify you as the legal owner of the account.    Confirm your log-in details by following the link bellow:    https://ibank.barclays.co.uk/olb/q/LoginMember.do    If your log-in details are not confirmed within 7 days, your online access will be suspended.   We regret any inconvenience this may have caused you. Sincerely, Account Review Department. Barclays Bank PLC. -------------------------------------------------------------- Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your Barclays Online Bank account and choose the "Help" link on any page.

I received the following email after the ones above and have included it because it's audacity is breathtaking!

Notice the way it is warning you about scam emails that are asking for your details ... and then does exactly what it is warning you about.

(It is also worth noting that the address that appears to be: https://update.barclays.co.uk/olb/p/LoginMember.do is actually something completely different and starts with http:// - signifying that it is not actually a secure site at all)

Important Notice: November 10, 2005

Dear Sir/Madam, Barclays Bank PLC. always look forward for the high security of our clients. Some customers have been receiving an email claiming to be from Barclays advising them to follow a link to what appear to be a Barclays web site, where they are prompted to enter their personal Online Banking details. Barclays is in no way involved with this email and the web site does not belong to us. Barclays is proud to announce about their new updated secure system. We updated our new SSL servers to give our customers a better, fast and secure online banking service. Due to the recent update of the servers, you are requested to please update your account info at the following link. https://update.barclays.co.uk/olb/p/LoginMember.do *Important* We have asked few additional information which is going to be the part of secure login process. These additional information will be asked during your future login security so, please provide all these info completely and correctly otherwise due to security reasons we may have to close your account temporarily.   J. S. Smith Security Advisor Barclays Bank PLC.   Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your Barclays Online Bank account and choose the "Help" link on any page. Barclays Email ID # 1009

Paypal

The following email supposedly from Paypal was a really 'good' example of a Phishing email.

Every link in this email was actually pointing to the designers website, where you would be presented with a valid looking page and enticed to part with sensitive information (I've deleted all the links on this page!)

One really useful tip if you receive emails like this from Paypal is to forward them to spoof@paypal.co.uk. It will be checked out by Paypal and they will reply with a message to let you know whether it has been sent by them or not. I did this with the following email and have included the Paypal response after it.

(Ebay have a similar service if you receive emails that report to being from Ebay and asking for you to verify your account etc.. forward them to spoof@ebay.co.uk.)

February 2006

PayPal Security Measures. It's easy to track your expenses and stay organized when you use PayPal. All your incoming and outgoing payments are tracked on your Account History page. See sample.		Your account has been flagged! PayPal Security Measures. Dear PayPal Member, Your account has been randomly flagged in our system as a part of our routine security measures. This is a must to ensure that only you have access and use of your Paypal account and to ensure a safe PayPal experience. We require all flagged accounts to verify their information on file with us. To verify your information at this time, please visit our secure server webform by clicking the hyperlink below: Click here to verify your Information If you choose to ignore our request, you leave us no choice but to temporarily suspend your account. Thank you for your patience as we work together to protect your account.  Your PayPal Account in Action Use PayPal to purchase with cash. When you link your bank account to your PayPal account, you can fund your purchases with the money from your bank account. So get Verified—it's just like spending cash. Learn more. Make FREE calls around the world. Reduce your phone bills—with Skype software you can talk to other Skype users all over the world for free. Or make low-cost calls to any landline or cell phone with SkypeOutTM services you purchase with PayPal. Learn more. Pay or get paid back with PayPal. Start off the year with a clean slate. Easily pay your family and friends what you owe them, or request money that they owe you. See how easy it is to send or request money with PayPal.  Special Offers for PayPal Customers Save 20% on Dell Inspiron Notebooks when you use PayPal. Enter code at checkout: SFW86WKM?16WSL Special Offer— Use PayPal and get free Super Saver Shipping on ship- ments of $49 or more. Save 10% on over 300,000 products. Enter promo code: paysave. Plus Free Shipping, Free Returns, and No Sales Tax.

		Helpful Links: ID Theft Resources | Help Center | PayPal Shops | Password Help

Please do not replay to this e-mail. To modify your notification preferences, log in to your PayPal account, click the Profile sub-tab, then click the Notifications link under Account Information. Changes may take up to 10 days to be reflected in our mailings. PayPal will not sell or rent any of your personally identifiable information to third parties. For more information about the security of your information, read our Privacy Policy at https://www.paypal.com/privacy. < Copyright © 2006 PayPal Inc. All rights reserved. Designated trademarks and brands are the property of their respective owners. PayPal is located at 2211 N. First St., San Jose, CA 95131.

and here's the reply from Paypal when I forwarded this message to spoof@paypal.co.uk:

Thank you for contacting PayPal about a fraudulent (spoof) email or Web
site. We appreciate you bringing this suspicious email to our attention.

We can confirm that the email you received was not sent by PayPal. Any
website which may be linked to this email is not authorized or used by
PayPal.

Our fraud prevention team is working to disable any website linked to
this email. In the meantime, please do not enter any information into
this website. If you have already done so, you should immediately log
into your PayPal account and change your password, as well as your
security questions and answers. We also recommend that you contact your
bank and credit card company immediately.

If you notice any unauthorized activity on your PayPal account, please
report it to us by following the instructions below:
1. Go to the PayPal site and log in to your account only from the PayPal website.
2. Click on the Security Center link at the bottom of the page.
3. Click on the 'Unauthorized Transaction' link under the Report a
Problem column.
4. Follow the instructions on this page in order to access the
appropriate form.

Lastly, we recommend taking a few steps to protect yourself from
identity theft:

1. Download the SafetyBar, a toolbar for Outlook and Outlook Express,
which identifies known spoof emails.
2. Get eBay Toolbar with Account Guard which warns you when you're on a
potentially fraudulent (spoof) Web site.
3. Sign up for Equifax Credit Alerts for PayPal Users, a program that
provides an early warning detection system in the event of identity
theft. Find out more by visiting the PayPal Identity Protection Center
at www.paypal.com/idprotection.
4. Frequently monitor your PayPal account for suspicious activity.

For additional tips please visit the PayPal Security Center at
http://www.paypal.com/security.

Thank you again for sending us your report. We appreciate your efforts
to keep PayPal safe.

Sincerely,

PayPal
______________________________

Important: PayPal and its representatives will NEVER ask you to reveal
your password. There are NO EXCEPTIONS to this policy. If anyone
claiming to work for PayPal asks for your password under any
circumstances, by email or by phone, please refuse and immediately
contact us via our secure webform online.


************************************************************************
This
email is sent to you by the contracting entity to your User Agreement,
either PayPal Inc or PayPal (Europe) Limited. PayPal(Europe) Limited is
authorized and regulated by the Financial Services Authority in the UK
as an electronic money institution.

***********************************************************************

How to spot a Phishing email

Unfortunately there's no specific thing that will tell you whether a particular email is genuine or a scam. However, there are indicators to look out for:

• Asking for sensitive information
  This type of scam is so well known now that no genuine company will ever send an email asking for you to click on a link to supply sensitive information or verify account details. If you get an email asking you to do so you can almost guarantee that it's a scam!



• Who's the email addressed to?
  If you have an account with a company that holds your financial details, then they certainly know your name. If the email isn't addressed specifically to you (e.g. the ones above are all 'Dear account holder' or something similar) then this can be a dead giveaway that the email isn't genuine. But please note that I have heard reports of some Phishing scams that do address the email to you, so while this is a good indicator you should consider it in relation to others.



• Grammar and Spelling
  When Phishing emails first appeared they contained extremely bad English and were often full of spelling mistakes. Unfortunately, as these scams have become more sophisticated so also has there use of the English language. If you study the emails above you will find that there are some glaring spelling errors and the language often seems not quite right.



• Scare Tactics
  Most Phishing emails include a message that is intended to scare you into following their instructions. Often they tell you that there is unauthorised activity on your account or someone is using your credit card without your knowledge.



• Deadline
  Another trick they often use is to give you a deadline - give us your details immediately or your account/credit card etc.. will be disabled.

Please Note: this is not a complete list and just because these indicators don't appear in an email doesn't necessarily mean that it's genuine.

My tips to AVOID the danger

So, you will hopefully have realised that there is no absolute foolproof way to spot a Phishing email, a lot of it comes down to gut instinct.

There's only one way to be absolutely sure that you don't get scammed by one of these emails, and this is a rule that I always follow:

NEVER click on a link in an email that is asking you to provide sensitive information or verify account details, no matter how authentic you think the email is!

• If you think the email might be genuine, phone the company and ask them if they've sent it.



• If you're visiting a site that needs sensitive information always type the site address into your browser address bar rather than following the link - the description of a link is not necessarily the same as the actual destination (e.g. www.microsoft.com - the link I've put here suggests that it is pointing to the microsoft website. however, I have programmed it to point to the home page of this site.
  
  (but be sure that the address you're about to go to is a valid one, an address might look valid but not be owned by the company).



• Always check that when you visit a site requesting sensitive information it's a secure site.
  
  A secure site will always have an address that starts with https:// (normal sites begin with http://).
  
  Secure sites will also have a padlock icon in the status bar at the bottom right of the browser window.



• If you receive an email that says it's from PayPal, forward it to spoof@paypal.co.uk and wait for a response before you do anything else with the email.



• If you receive an email that says it's from Ebay, forward it to spoof@ebay.co.uk and wait for a resonse before you do anything else with the email.

What to do if you've been caught out

If you think that you've been caught out by one of these scams, and may have given away sensitive information, here's my advice as to what you should do:

• Immediately change your account information - especially the password.
• If you can check who has visited your account, or whether there has been any unauthorised activity, then do so.
• Inform the company/bank that you have the account with that you suspect you have been the victim of a phishing scam and follow their advice.
• If you think your credit card or bank account details have been compromised you should notify your bank or credit card company so that they are aware, and again follow any advice given.

Links to other useful information

Microsoft have written a very good article about how you can spot scam emails and websites, to read what they have to say click on this link:

Steps that you can take to help identify and to help protect yourself from deceptive (spoofed) Web sites and malicious hyperlinks

* data from BBC news site, click here to read the full article.