What is Phishing?


Userlevel 5
  • Retired Webrooter
  • 58 replies
This subject was inspired by a recent conversation here on the community about fake DHL emails that lead to scams.
 
So, what exactly is phishing?
 
Phishing is a type of online scam where criminals send an email that appears to be from a legitimate company asking you to provide sensitive information. This is usually done by including a link that supposedly takes you to the company’s website where you are asked to fill in your information – but the website is a clever fake and the information you provide goes straight to the crooks behind the scam.
 
The term ‘phishing’ is a pun on the word fishing because criminals are dangling a fake ‘lure’ (the email that looks legitimate, as well as the website that looks legitimate) hoping users will ‘bite’ by providing the information the criminals have requested – such as credit card numbers, account numbers, passwords, user names, and more.
 
Here are some clues that usually indicate an email is a scam:
  1. The email is not addressed to you. “Dear Customer” isn’t an identifier.
  2. You don’t have an account with the company, or haven’t used the company’s service
  3. Grammatical errors. Usually, you’ll notice weird capitalizations and terrible grammar.
  4. They push you with urgent messages to open attachments or click on links.
  5. If you hover over links with your mouse, you’ll see the URL destination on the bottom of your browser. You can clearly see that all links send you away from the company site—or they try to fool you by adding the company name somewhere in the URL.
Seeing any one of these flaws is enough to tell you the email is a phishing attempt – but what if these errors aren’t present? A smarter scammer could have corrected all these mistakes, including knowing the recipient’s name and email address, and masking their URL in a much more convincing manner. If they had done a better job there would have been nothing in the message to trigger your alarm bells – even though the email would still be fake.
 
So how can you guarantee you don’t fall for a phishing scam? Apply these two actions consistently and you will be nearly 100% protected from online scams:
 
  1. Drive, don’t be pulled. Stay in the driver’s seat by finding the website yourself. This is the ONLY way to guarantee you land on the legitimate site. If you use the link (or phone number) in an email, IM, ad on a website/blog site/forum/social network/text message, etc., where you land (or who you talk to) is their choice, not yours. The website they take you to (or the ‘bank manager’ on the phone) may be a very convincing copy, but if you enter your information it will be stolen and abused. Instead, use your own link. If you use the company, you may already have a bookmark for the website that you can use; if not, use a search engine and type in the company’s name, then use the link from your search engine to go to the correct site. If the email is legitimate, you will see the same information when you log into your account on the legitimate site.
  2. Install or activate a web tool that identifies malicious sites for you so you know the website you find is legitimate. There are several tools that will do this for you. Every standard browser now has a tool you can turn on to alert you if a website you are about to click on, or just clicked on, is safe or malicious.

17 replies
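Clue 5 in the opening post (links that lead away from the company site, or that carry the company name somewhere in the URL) can be checked mechanically. The following is an added example, not part of the original post: the function names, the two-label `site_of` shortcut and the sample message are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

class LinkCollector(HTMLParser):  # collects (href, visible text) pairs
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def site_of(host):
    # Assumption: last two labels name the site; real code needs the Public Suffix List.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def check_links(html, brand_site):
    """Return (href, reasons) for every web link that leaves brand_site."""
    brand = brand_site.split(".")[0]
    collector = LinkCollector()
    collector.feed(html)
    findings = []
    for href, text in collector.links:
        parts = urlsplit(href)
        host = parts.hostname or ""
        if parts.scheme not in ("http", "https") or site_of(host) == brand_site:
            continue
        reasons = ["leads away from " + brand_site]
        if brand in href.lower():
            reasons.append("company name used as a decoy in the URL")
        shown = re.search(r"(?:[a-z0-9-]+\.)+[a-z]{2,}", text.lower())
        if shown and site_of(shown.group()) != site_of(host):
            reasons.append("visible text names a different site")
        findings.append((href, reasons))
    return findings

# Constructed sample body; hosts use reserved example names and addresses.
SAMPLE = """<p>Dear Customer, your parcel is waiting.</p>
<a href="http://dhl.com.parcel-update.example/track">www.dhl.com/tracking</a>
<a href="https://198.51.100.7/dhl/login">Confirm delivery</a>
<a href="https://www.dhl.com/help">Help centre</a>"""
print(check_links(SAMPLE, "dhl.com"))
```

The first two links are reported and the third, which really goes to the company site, is not. A clean result only means the links match the named site; it says nothing about whether the message itself is genuine.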

Userlevel 1
Badge +3
Thank You...
Userlevel 7
Badge +56
I get those also, but they go right in the Junk Email folder in Outlook 99% of the time! :robottongue: I use my ISP email and they use Yahoo mail for their email service. It just goes to show how much spam and phishing email gets through their filters, and the ones that carry malware. And doesn't Yahoo mail use N****n as their AV? :@
 
TH
Userlevel 5
Sneaky gimmick. Glad you caught it!
Userlevel 5
If I get one more email from the Canadian Pharmacy, Rolex, or some forlorn woman looking for someone to date, I think I might just go crazy. 🙂
Userlevel 6
Merely identifying and deleting phishing/scamming emails is not enough.  It is important to become proactive.  File a complaint with the Federal Communications Commission (FCC).  It takes a few minutes to complete the form.   http://www.fcc.gov/complaints
 
I do this as a matter of course.  The FCC will acknowledge the complaint, assign a complaint number, and take action.  It generally takes a few weeks for the FCC to acknowledge your complaint.  I believe that if enough complaints are received by the FCC about a particular sender, it will take appropriate action.
 
A similar approach applies if you receive robotic phone calls on your cell or landline.  If you receive a suspicious call, make note of the number from your caller ID and then Google the number.  If there is a history of abuse from a particular caller, copy the thread and file a complaint with the FCC, citing the thread and pasting it into the complaint form.  This will alert the FCC that the caller is a repeat offender and increase the likelihood of action by the agency.
 
Sounds like a PITA, I know, but these emails and calls only proliferate.  Once your email address/phone number gets on a list, you're going to have repeated problems.
 
Good luck!
Userlevel 7
Badge +56
Hello rjh and Welcome to the Webroot Community Forums.
 
No, you should be fine. Only if the page opened and you put in your personal information and details; that's how one is affected by phishing emails and the fake websites because of them! Here is some great info: http://en.wikipedia.org/wiki/Phishing
 
TH
Userlevel 7
Badge +56
@ wrote:
Sneaky gimmick. Glad you caught it!
Thanks Alex, I got 4 more overnight. I report them all to Microsoft as they can add them to the Junk email definitions for Outlook!  abuse@messaging.microsoft.com
 
From Microsoft:
 
"This is an automated reply from the Microsoft Forefront Online Security, Spam Analysis Department.  No additional correspondence will be sent to you.
 
We appreciate your spam submission.  You will receive this auto-reply message only once per day if you submit multiple emails for evaluation in a 24 hour period.   Additional information is as follows:
 
* Spam submissions are processed seven days per week with new spam rules pushed out continuously.  Time frames for rules on individual submissions vary depending on the quantity and quality of submissions.
 
* As new spam rules are set globally for all customers, please be aware that not all individual spam submissions result in a new spam rule.
 
* It is critical that when reporting spam that full Internet headers are included.  This may be done by sending the offending message as an attachment along with the full original Internet headers; OR by using the Junk-Email Plug-In (as made available for some Outlook 2003+ users depending upon your organization).
 
* In order for automated spam processing to take place, spam submissions should be sent in individually.  Please do not forward multiple spam mails in one individual message.
 
Thank you for assisting us in controlling unwanted email!
 
Microsoft Forefront Online Security"
 
TH
Userlevel 5
If you need to know more about phishing, please check out: http://www.antiphishing.org/resources.html
Userlevel 7
When you say "gain access," what you're really talking about is a trojan, rather than a phishing scheme. A phisher is trying to get you to do something like enter your password into a fake form, à la "Sign into this supposed UPS site to track your package"-type fake emails. A trojan, on the other hand, would be something you are tricked into running that gives unauthorized access to your computer to someone.

It was good to check in with Webroot since you were concerned, but the indication from what I'm reading is that the page failed to load, and you were neither presented with a form in which to enter a password, nor prompted to run an executable. Probably the phishing site in question was already shut down by the time you clicked the link. In any case, WSA itself protects you against either kind of threat, phishing or trojan, and since it didn't pop up and say it found something bad, the indication is that there was nothing bad there to protect you from. Plus, support took a look for you as well. I think you can rest assured that you don't need to worry about it. That's what you've got Webroot for 😉
Userlevel 7
The following is an update on phishing
(The psychology of phishing)
"Comment": Interesting read on one of the biggest security issues today. Phishing emails are more sophisticated and complex... What makes us vulnerable: humans are conditioned to click on links.
=================================================================================================
by Mark Sparshott - EMEA Director at Proofpoint - Wednesday, 23 July 2014.
 
Phishing emails are without a doubt one of the biggest security issues consumers and businesses face today. Cybercriminals no longer send out thousands of emails at random hoping to get a handful of hits, today they create highly targeted phishing emails which are tailored to suit their recipients.

While these emails can take more time and effort on the hackers’ side, there is no doubting the fact that they provide a much bigger return on investment.

Cybercriminals understand that we are a generation of clickers and they use this to their advantage. They will take the time to create sophisticated phishing emails because they understand that today users can tell apart spam annoyances from useful email; however, they still find it difficult identifying phishing emails, particularly when they are tailored to suit each recipient individually.
 
Help Net Security/ Full Read Here/ http://www.net-security.org/article.php?id=2078
 
Userlevel 7
Badge +56
Thanks Alex! I have been getting a lot of phishing emails from so-called YouTube, and when you click on the link it takes you to an online pharmacy. Looks real, doesn't it? It had my real email address in it, which I removed from the picture, and as you said it's something I never signed up for! :@
 
Cheers,
 
TH
 
EDIT: And see the second picture when I hover over the link!

 
http://img849.imageshack.us/img849/2039/capture0703201213404pm.jpg
http://img14.imageshack.us/img14/975/capture0703201220104pm.jpg
Userlevel 5
Wow, that's crazy. Thanks for sharing this!
Userlevel 7
Badge +56
Thanks Alex! Here is another one and Outlook 2010 has a warning on this one! And notice the time it's about 6 hours early to my time! And notice the link this time when I hover over it! And also the third picture I have converted to Plain Text!
 
TH
 
http://img442.imageshack.us/img442/2721/capture0703201290404pm.jpg
 
http://img834.imageshack.us/img834/4729/capture0703201291415pm.jpg
 
http://img163.imageshack.us/img163/4037/capture0703201292313pm.jpg
Userlevel 7
Thanks, RWM.
 
That is very useful information and I will be submitting one for an old school email account that has had this problem for months!
Userlevel 1
Badge +3
I got a NACHA ACH phishing email yesterday.  I am normally very vigilant about emails....but this one had some info that seemed to connect to a recent transaction I had made.... and I took the bait.  I clicked on the "Details" link.  The link did not open. (....cannot display this webpage...)  Within a half hour, I had contacted Webroot and sent them my logs.  They found no problems.  I am still nervous tho.... Since the webpage did not open, does that mean the phisher did not gain access, or does just the fact that I "clicked" on the link make me still vulnerable?  I am thinking about wiping my hard drive and starting over.... Although if my hard drive has been copied already, that would be a waste of time... 
Userlevel 1
Badge +3
Thank You.
Userlevel 7
Badge +56
You're very welcome. ;)
 
TH
 
 
