Phishing, pronounced just like fishing, is a term you must be aware of if you use the Internet for any kind of sensitive transaction. You could be at risk of a phishing attack if you use online accounts such as PayPal, your bank account, your credit card account, etc.
Phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from PayPal, eBay or online banks are commonly used to lure the unsuspecting. Phishing is typically carried out by e-mail or instant messaging, and it often directs users to enter their details at a website.
I wrote on How to spot a fake PayPal email in the past, and it was well received. Today, I received an improved version of another PayPal phishing attack by email. I think this is another good chance to raise awareness of such attacks and what you should be watching for.
In that earlier post, we looked at a few clues that gave away the PayPal phishing attempt. The clues in that email were:
- The link in the email showed a URL that was itself suspicious.
- Once you clicked on the link, the URL in the location bar was again suspicious. You should never click on links in any email that claims to be from a financial institution. More about that below.
- Some odd-looking characters in the web page that were out of place.
Fake PayPal Email
As you can imagine, phishing attempts are getting better, and this is what I received this time around.
As you can see, they have gotten better. It looks authentic, and they are masking the actual URL with a realistic-looking PayPal web address in the email. It’s aimed at naive Internet users, and I am sure you know better than to click on it. If you were tempted, there are two things that should warn you before you enter your information. Again, remember it’s best practice not to click on the links in any of these emails; go directly to the site you have bookmarked instead.
Here are a few clues that should warn you:
Clue 1: Email address
It is very easy to spoof an email address and make it look like an email came from someone else. But they didn’t even do that: the From address of this email was firstname.lastname@example.org and not a paypal.com address.
Clue 2: Link address
Even though the web address you were about to click on has the words paypal.com in it, it is actually linked to something else. You can see this by hovering your mouse over the link and looking at the status bar of your browser. Or, if you were click-happy and had already clicked on the link in the email, one glance at the location bar in your browser will show that the actual URL you are at is:
As you can see, it is very easy to mistake this for paypal.com, because you see the words www.paypal.com in the address. But you are actually at http://lpdutest.com, about to give away your hard-earned money to someone there.
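The two clues above can be checked mechanically, which is useful when you are teaching others what to look for. The following script is an added example, not code from the original post: it parses an HTML email, checks that the From address is in the brand’s domain (clue 1), and compares where each link really goes with what its visible text shows, including the trick of hiding the brand name in the path rather than the host (clue 2). Both sample messages are constructed; the sender address and the lpdutest.com host are the ones quoted in the post, while the subjects, paths and the control message are placeholders.

```python
import email
import re
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample modelled on the clues in the post: the From address and
# the link host are the ones the post quotes; everything else is a placeholder.
PHISHING_SAMPLE = """\
From: PayPal <firstname.lastname@example.org>
To: recipient@example.net
Subject: Your account access is limited
Content-Type: text/html; charset="utf-8"

<html><body><p>Please confirm your details:
<a href="http://lpdutest.com/www.paypal.com/webscr/">https://www.paypal.com/cgi-bin/webscr</a>
</p></body></html>
"""

# Constructed control message where the sender and the link agree with the brand.
LEGIT_SAMPLE = """\
From: PayPal <service@paypal.com>
To: recipient@example.net
Subject: Receipt for your payment
Content-Type: text/html; charset="utf-8"

<html><body><p>View the transaction in
<a href="https://www.paypal.com/activity">your account</a>.</p></body></html>
"""


class LinkExtractor(HTMLParser):
    """Collects (href, visible text) for every <a> element in the HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registrable_domain(host):
    """Last two labels of a host name ('www.paypal.com' -> 'paypal.com').
    Simplification: a real tool would consult the public suffix list."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def host_of(text):
    """Host named by a URL, or by link text that looks like a URL; else None."""
    candidate = text if "://" in text else "http://" + text
    try:
        host = urlparse(candidate).hostname or ""
    except ValueError:
        return None
    return host if re.fullmatch(r"[a-z0-9.-]+\.[a-z]{2,}", host) else None


def phishing_findings(raw_message, brand_domain):
    """Apply the post's two clues and return a list of human-readable findings."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    findings = []

    # Clue 1: the From address should be in the brand's own domain.
    sender = msg["From"]
    sender_domain = sender.addresses[0].domain if sender and sender.addresses else ""
    if registrable_domain(sender_domain) != brand_domain:
        findings.append(f"sender domain is {sender_domain!r}, not {brand_domain!r}")

    # Clue 2: where each link really goes versus what it shows.
    body = msg.get_body(preferencelist=("html",))
    parser = LinkExtractor()
    parser.feed(body.get_content() if body else "")
    for href, text in parser.links:
        actual = host_of(href) or ""
        if registrable_domain(actual) != brand_domain:
            findings.append(f"link goes to {actual!r}, not {brand_domain!r}")
        if brand_domain in urlparse(href).path.lower():
            findings.append(f"brand name appears only in the path of {href!r}")
        shown = host_of(text)
        if shown and registrable_domain(shown) != registrable_domain(actual):
            findings.append(f"link text shows {shown!r} but href goes to {actual!r}")
    return findings


if __name__ == "__main__":
    for name, sample in (("phishing", PHISHING_SAMPLE), ("legit", LEGIT_SAMPLE)):
        print(name, phishing_findings(sample, "paypal.com") or "no findings")
```

Run it and the constructed phishing message produces four findings (wrong sender domain, link host outside the brand, brand name buried in the path, and visible text disagreeing with the href), while the control message produces none. The domain comparison is deliberately crude: two-label matching is enough to illustrate the clue, but a production filter would use the public suffix list so that hosts like example.co.uk are handled correctly.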
There isn’t a clue #3 this time. They have been meticulous in forging PayPal’s site, as you can see below. Not even the little details have been forgotten.
The language change option wouldn’t have worked if you had tried it, but even that’s not enough to raise an eyebrow.
Don’t Click the links in the email
As you can see, once you have missed the first two clues there is no turning back, and spotting them is only going to get harder as the phishers get smarter and find new ways to fool us into thinking that the email is from PayPal.
But if you get into the habit of consciously avoiding clicking the links in such emails, there is no way they can scam you. Their whole scam relies on the email recipient clicking on the link.
Use a Modern Browser
If you are still using an antiquated browser like Internet Explorer 6, this is a good reason to upgrade now. Any modern browser will warn you against reported phishing sites, leaving you a little bit safer. But only after someone has reported the site. So it’s not 100% protection, but it is better than nothing.
When I received this email yesterday and clicked on the link, there was no warning, but this morning Firefox 3 warns me that this is a web forgery attempt.
I tested this in Opera 9.5, Internet Explorer 7 and Firefox 3 and they all warned me against this phishing attempt.
This kind of email could come not just from “PayPal” but also from your bank, your credit card company or any other financial institution. Symantec says about 80 percent of brands targeted by phishing attacks were in the financial sector.
Report Phishing Attempts
When I came across this site yesterday, I used the ‘Report Web Forgery’ option in the Help menu of Firefox 3 to report it. Also, Gmail has a ‘Report Phishing’ option hidden under the ‘more options’ menu that you can use to report such emails. (thanks Troy)
As a savvy Internet user, you were probably familiar with all this, but we all know friends and family who are still oblivious to it. So let’s spread the word and help keep them from getting defrauded.
What do you do when you get such an email?
Update: If you use Gmail, check out the new Gmail Labs feature that helps with identifying phishing emails easily.