Don't get hooked like a big dumb Trout!
Owners of my security e-book The Hacker’s Nightmare have been too well educated to ever be caught by scams like the following. However, they are exactly the type of thing that catches millions of less wary people on a regular basis.
TWITTER TWADDLE!
The scumbag spam brigade is currently inundating e-mail in-boxes with fake messages purporting to be from Twitter.
You can easily identify the fakes — they contain a link that the sender wants you to click.
PLEASE KEEP THIS IN MIND…
All legitimate providers of any sort of membership service (social media sites, financial institutions, etc.) are now awake to the fact that, in the interests of their customers’ security, they should not include “Click Me” links in their HTML e-mail communications.
If they really want you to log in to your account and do something, they will ask you to do just that, with something like: “Please log in to your account”. Maybe they will provide you with the login URL, but not as a link. However, more often than not, as a member you will be expected to know the login URL, along with your username and password.
HTML & PLAIN TEXT DIFFERENCES …
Be sure you know how to tell an HTML e-mail from a plain text e-mail.
Hovering your mouse pointer over a link in an HTML e-mail will usually display a little pop-up window containing the real URL that the link is pointing to — regardless of what the link text itself says.
In other words, a link in an HTML e-mail can lie to you. The link text might say something like:
Please click on the link below:
http://twitter.com/account/name@yourdomain.com
But in fact the link will take you to: http://hackerbot.xxx/gotcha/
ON THE OTHER HAND…
With a plain text e-mail, what you see is what you get. So long as you recognise the URL as being valid it is safe to click on. But you still have to be careful that it’s not a carefully constructed look-alike.
ANOTHER ONE DOING THE ROUNDS…
…is a plain text e-mail with no links in it, but with an HTML file attached. The body text of the e-mail will read something like:
You have (8) messages from Microsoft Outlook. Please re-configure your Microsoft Outlook again. Download attached setup file and install.
While it makes a feeble attempt to appear to be Microsoft Outlook Support, that ain’t the case at all. The examples I’ve seen are actually from: Frillsdu64@recordonline.com.
EDUCATE YOUR PROVIDERS…
If you are a member of any legitimate service that is in the habit of putting “Click Me” links in their e-mail communications to you, PLEASE contact them and point out how dangerous this practice is. This is how the cyber crims grab your login credentials for their own nefarious purposes.
Related articles:
- Spam masquerading as Twitter e-mails lead to phishing, malware
- Twitter forcing some users to change password. Reported threat of phishing attacks

{ 3 comments }
Hello, Well….I’m so glad that I have never been interested in the Twitter/Facebook accounts. Don’t want them, period. Great information though and so are your other articles – especially the Microsoft Updates, etc. Thanks again and keep up with all of the good work!!
Thanks Irene, it’s always useful to know that I’m on track with what people want to know about.
Of course like anything else, Twitter/Facebook aren’t for everyone, but don’t write them off as just a waste of time. Both are proving to be useful, effective and important as promotional, support and communications tools for businesses of all sizes. Even quite a few in the Fortune 500 category are beginning to realize that.
A Google search reports as follows…
Search term: Twitter for business
Results: About 745,000,000
Search term: Facebook for business
Results: About 818,000,000 results
(The number of results you get may depend to some extent on your location).
But I certainly won’t deny that there is an awful lot of irrelevant/juvenile nonsense mixed in with the useful stuff, so that often the message is drowned out by the static.
By the way, for anyone who is in business and wasn’t aware that Twitter can be an important business tool, you might want to check out some of these Twitter for Business titles.
And I’m currently reading this one: Twitter Power 2.0