Don’t be a phishing scam victim, 5 tips to stay safe

Gerardo Dada
Dec 31, 2016


Phishing attacks are very common. I get one or two every day. I feel bad for the thousands of people who lose their identity or their money as a result of these scams.

What is a phishing scam?

A phishing scam is an attempt to trick people into giving out personal information, including passwords, social security numbers and credit card information, through messages pretending to come from a trusted source like your bank.

Let’s walk through a phishing scam and how to detect it

About two weeks ago, I got this email

At first glance, it seemed like someone had made an unauthorized purchase through my PayPal account. The message is powerful because it relies on creating emotion to reduce our level of scrutiny, and it looks like a legitimate email, including the footer from PayPal.

However, there are three very clear indications this is a phishing scam.

First, the sender email address. This email was sent from PayPalDisputePayments@nindyemot.com email address, not from PayPal.

Second, the email very visibly offered the option to dispute a transaction, even from the email address itself, which is not common in transaction confirmation.

Third, and most important, is the action expected from users. The ‘dispute transaction’ button did not look very professionally made. The most important part is hovering over it (not clicking): Outlook (and most other web mail clients) will show you where this button will take you.

In this case, the button takes you to a bit.ly URL, not to PayPal, which is a huge red flag.

Bit.ly is a URL shortener, which also helps hide the actual URL. There are many URL shorteners, some used by social media sites like Twitter and Quora, and most of them are used for good purposes when sharing links to pictures or posts on social media.

However, a bank, or PayPal in this case, will most likely never use a link shortener.

Bit.ly has a way to show what URL a short link points to: simply add a plus sign at the end of the URL. Using this method, I found the Bit.ly URL redirects to http://redirect-updates.ml. The .ml domain belongs to Mali, a country in Africa. With this information, one can very safely conclude this is a malicious phishing attempt that is sending people to a site in Mali. This site will most likely attempt to steal your PayPal credentials and potentially other personal and security information.
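The three indicators above (a sender domain that does not belong to the brand, links that go to a URL shortener, and links that leave the brand's site) can be checked mechanically before anyone hovers or clicks. The script below is an added example, not code from the original post: it parses a constructed message modelled on the one described, compares the From: domain against a hypothetical allow-list of PayPal sender domains, extracts every href from the HTML body, and flags shortener hosts along with the "+" preview URL that Bit.ly offers. The allow-list and shortener list are assumptions for illustration.

```python
import email
from email import policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Hypothetical allow-list: the domains each brand legitimately sends from.
# An assumption for this example; a real deployment maintains its own list.
BRAND_DOMAINS = {"paypal": {"paypal.com"}}

# Well-known URL shorteners (illustrative subset, not exhaustive).
SHORTENERS = {"bit.ly", "t.co", "goo.gl", "tinyurl.com"}


class LinkCollector(HTMLParser):
    """Collects href targets from <a> tags in an HTML body."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            for name, value in attrs:
                if name == "href" and value:
                    self.hrefs.append(value)


def extract_links(msg):
    """Return every href found in the text/html parts of a parsed message."""
    collector = LinkCollector()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            collector.feed(part.get_content())
    return collector.hrefs


def preview_url(url):
    """Bit.ly reveals a short link's destination when '+' is appended to it."""
    return url.rstrip("/") + "+"


def inspect_message(raw_bytes, claimed_brand):
    """Return a list of phishing indicators found in a raw RFC 5322 message."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    allowed = BRAND_DOMAINS.get(claimed_brand, set())
    findings = []

    # Indicator 1: the From: address is not on a domain the brand actually uses.
    _display_name, address = parseaddr(str(msg["From"]))
    sender_domain = address.rpartition("@")[2].lower()
    if sender_domain not in allowed:
        findings.append(f"sender domain {sender_domain!r} is not a {claimed_brand} domain")

    # Indicator 2: links go through a shortener, or away from the brand's site.
    for href in extract_links(msg):
        host = (urlsplit(href).hostname or "").lower()
        if host in SHORTENERS:
            findings.append(
                f"link {href} uses shortener {host}; check {preview_url(href)} before trusting it"
            )
        elif host not in allowed:
            findings.append(f"link {href} leaves the {claimed_brand} domain")
    return findings


# Constructed sample modelled on the message described above (not the real email).
SAMPLE = b"""From: PayPal <PayPalDisputePayments@nindyemot.com>
To: victim@example.com
Subject: Unauthorized transaction
Content-Type: text/html; charset=utf-8

<html><body>
<p>A payment of $499.00 was made from your account.</p>
<a href="https://bit.ly/abc123">Dispute transaction</a>
</body></html>
"""

if __name__ == "__main__":
    for finding in inspect_message(SAMPLE, "paypal"):
        print("-", finding)
```

Run against the constructed sample, the script reports two findings: the nindyemot.com sender and the bit.ly link. A mail that passes both checks is not proven safe (the sender header can still be spoofed where the receiving domain does not enforce SPF/DKIM/DMARC), but a mail that fails either one deserves the scrutiny the post describes.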

I am not brave enough to visit the site myself or even the site where the email is hosted. Sophisticated malicious sites can infect your computer by simply visiting them, through attacks in the site code. It’s safer not to visit URLs you don’t trust.

What is even more troubling is that over a thousand people have fallen victim to this phishing attack, as one can see from the Bit.ly tracking info.

Phishing scams are not limited to email. They can be sent via text messages, like the one below, or any means of communication.

Some will be made more professionally than others and will closely resemble communications sent by your trusted source. I have even seen phishing scams that look like online stores selling attractive products, only to steal your credit card information at checkout.

Five recommendations to stay safe and avoid becoming a victim of phishing scams:

1. Be suspicious of anything that looks out of the ordinary. Inspect email sender information. Scams will arrive from your friends’ email addresses if their accounts have been compromised, so be careful about any message that does not look like something a friend would send to you.

2. Inspect links in an email and see where they go. Be cautious about URLs that closely resemble a valid site. Attackers often register domain names that look very similar to a valid URL. For example:

  • www.paypa1.com — note the number one is being used instead of the letter ‘L’
  • paypal.com.site.ml — in this case the site you are being sent to is ‘site.ml’, not PayPal
  • paypal-resolution.com — companies will rarely use a domain like this.

3. Don’t visit sites you don’t trust. If you learn about a new site that sounds interesting, do a bit of research first to find out if it is a legitimate site or a scam.

4. To be safe, don’t click on ANY links in an email. If you get a message from a payment service or your bank, close the email, then open a new browser window and go to your bank’s website, where you will be able to review information and take proper action.

5. Share these basic steps with others. The most technologically challenged people are usually the first victims.

I hope this helps you and your family stay safe. Have a wonderful 2017!


Gerardo Dada

Technologist, Marketer, Advanced Amateur Photographer, Family Guy, Coffee Connoisseur and Chocolate lover.