Anatomy of a Phishing Email
By Nithin Ramesh on February 11th, 2012

Phishing is a popular method of social engineering employed by scammers. A scammer posing as someone else uses a popular communication medium such as email or telephone to contact a victim and request confidential information. This information is then used for purposes such as withdrawing money illegally from the victim’s account or even identity theft.

Identifying a phishing email is easy if you keep a few basic points in mind. I will be explaining these points with the help of an old phishing mail that circulated around 2007.

[Image: the 2007 phishing email referred to below]

1. Generic salutation – Phishing emails usually begin with ‘Dear User’ or ‘Dear sir/madam’ rather than the specific salutation used in legitimate mails.

2. Time frame – Phishing emails usually convey a sense of urgency so that the victim becomes anxious and acts in haste.

3. Threat – A threat is generally paired with the time frame so that, as mentioned above, the victim is forced to act in haste. Usual threats include cancellation of accounts, charging of credit cards, etc.

4. Suspicious links/Request for confidential information – While some phishing mails ask the victim to reply with information such as credit card numbers or PINs, others provide a web page where the victim is asked to enter this information.

If the email asks you to reply with your password or any other sort of confidential information, you can be absolutely sure that it is a phishing mail. No company will ever ask you to send your password or credit card number by email.

In the case of an email with links, check whether the link actually points to the location it claims to. Phishers usually use link text that looks like a URL but is linked to a phishing page: for example, the text will read google.com, but the link will point to some other web page. If you hover your mouse over the link, your browser will display the actual hyperlink.

[Image: hovering over the link reveals the actual destination]

You can also use a link scanner extension with your browser for extra security. I use the link scanner from VirusTotal called VTChromizer. You just have to right click the link and select ‘Scan with VirusTotal’. You can also use scanners from AVG, McAfee etc.

5. Poor language – The authors of phishing emails are often not masters of the English language, so there may be grammatical, punctuation and spelling mistakes. Not every phishing email will have mistakes, but most of the ones I have seen were not perfect on the language side.

Another equally important way to fight phishing is to make sure that the email came from the right source. If you get an email from Amazon, check whether it came from something like no-reply@amazon.com rather than something like amazon@somesite.com.
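The five points above and the sender check can be turned into a simple automated screen. The following is an added example, not code from the original post: it uses only Python's standard library to parse a constructed sample message, looks for a generic salutation, urgency wording and requests for secrets, extracts every link whose visible text looks like a URL but whose actual href points at a different host, and compares the From domain against the domain you would expect. The sample message, the keyword lists and the `expected_domain` argument are all assumptions for the demonstration.

```python
"""Heuristic phishing-email screen (added example, standard library only)."""
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Keyword lists are illustrative assumptions, not an exhaustive signature set.
GENERIC_SALUTATIONS = ("dear user", "dear customer", "dear sir/madam", "dear member")
URGENCY_WORDS = ("within 24 hours", "within 48 hours", "immediately",
                 "suspended", "cancelled", "canceled", "verify your account")
SENSITIVE_REQUESTS = ("password", "pin", "credit card number", "card number")


class _LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_of(url):
    """Lowercase host of a URL or URL-looking text, without a leading 'www.'."""
    if "://" not in url:
        url = "http://" + url          # bare 'example.com/path' text has no scheme
    host = (urlparse(url).hostname or "").lower()
    return host[4:] if host.startswith("www.") else host


def mismatched_links(html):
    """Links whose visible text looks like a URL but whose href has a different host (point 4)."""
    parser = _LinkCollector()
    parser.feed(html)
    url_like = re.compile(r"^(https?://)?[\w.-]+\.[a-z]{2,}(/\S*)?$", re.I)
    return [(text, href) for href, text in parser.links
            if url_like.match(text) and host_of(text) != host_of(href)]


def sender_domain_ok(from_header, expected_domain):
    """True if the From address is in expected_domain or one of its subdomains."""
    _, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower()
    return domain == expected_domain or domain.endswith("." + expected_domain)


def _contains_phrase(text, phrase):
    # Whole-word match so that e.g. 'shipping' does not trigger the 'pin' rule.
    return re.search(r"\b" + re.escape(phrase) + r"\b", text) is not None


def analyze(raw_message, expected_domain):
    """Run all heuristics over one RFC 822 message and return the findings."""
    msg = message_from_string(raw_message)
    body = msg.get_payload(decode=True).decode(msg.get_content_charset() or "utf-8")
    # Strip tags and collapse whitespace so phrases split across lines still match.
    text = " ".join(re.sub(r"<[^>]+>", " ", (msg["Subject"] or "") + " " + body).split()).lower()
    return {
        "generic_salutation": any(_contains_phrase(text, s) for s in GENERIC_SALUTATIONS),
        "urgency": [w for w in URGENCY_WORDS if _contains_phrase(text, w)],
        "asks_for_secrets": [w for w in SENSITIVE_REQUESTS if _contains_phrase(text, w)],
        "mismatched_links": mismatched_links(body),
        "sender_domain_ok": sender_domain_ok(msg["From"] or "", expected_domain),
    }


# Constructed sample message modelled on the points in the post (not a real email).
SAMPLE = """From: Amazon Support <amazon@somesite.example>
To: victim@example.net
Subject: Your account will be suspended
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Dear User,</p>
<p>Your account will be suspended within 24 hours unless you verify your account.
Please reply with your password, or visit
<a href="http://login.somesite.example/amazon">www.amazon.com/verify</a>.</p>
</body></html>
"""

if __name__ == "__main__":
    for key, value in analyze(SAMPLE, "amazon.com").items():
        print(f"{key}: {value}")
```

Each finding is reported separately rather than folded into a single score, because none of these signals is proof on its own (a legitimate notice can be urgent, and a careful phisher can write flawless English); the link-host mismatch and the wrong sender domain are the two that most reliably separate the sample from genuine mail.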

All of today’s major email providers have spam filters that detect phishing mails, and all major browsers have anti-phishing features, such as the SmartScreen filter in IE9, which can effectively protect you from phishing attempts. And now, with these simple tips, you can hopefully detect the one or two phishing mails that sneak into your inbox.

Author: Nithin Ramesh
Nithin is a blogger and a Windows security enthusiast. He is currently pursuing a Bachelor’s in Electronics and Communication. Apart from technology, his other interests include reading and rock music. His Twitter handle is @nithinr6.

Nithin Ramesh can be contacted at nithin@techie-buzz.com.