Wednesday, January 13, 2010

Phishing and Spoof - Part 2 - Recognize Spoof and Phishing

In previous post I had given a small intro about Phishing and Spoof. In this post I will mention few things to consider by which you can recognize Potential Spoof Emails sent for Phishing.

1) Some of the things to look for when you get an email claiming to be from a Company of which you are a member:
You may get many emails from different companies. But be careful when you get an email asking you to enter some sensitive data.

When you get an Email requesting you to enter some sensitive data by clicking the link in the email, Look for the From Address, From Name, To Address, Sent Date, Full Email Headers, How the Email addresses you, The Data you are asked to enter, The link Text, Linked Address, etc.

From Address and Name:
Some companies usually declare the email addresses used by them to send emails to their members, but in most cases the From Address usually appears as Official Address, as the phishers forge the From Address of the emails. Sometimes the From Address may have little variations and it may not be noticeable easily.

If you get an email claiming to be from a bank to which you are not a member/customer and asks you to verify your account information, then you can blindly tell that it is the Spoof Email which is been sent to you for Phishing.

To Address:
If the email is sent only to you and directly to you, your Email address appears in the To Address of the Email. There will not be any other email address in the To Address of the email.

If there is another address/addresses in the To Address of the email, then you are not the only recipient of the email. Some send the emails by entering the addresses into the BCC Address of the email so that the other email addresses are not displayed.

So please be careful while clicking a link in an email to which you are not the only recepient and your address is not in the To Address of the email.

Sent Date:
Some send the email as Future Dated, eg: the sent date will be any date of the year 2020 etc. Such emails appear at the top of the email list in the Inbox. If the email is sent with a past date, such emails will be at the middle or last of the email list in the Inbox.

Kindly be careful if you get such emails.

Full Email Headers:
It is good habit to look the Full Email Header of the emails which appear to be sent by any Company like banks or shopping or financial services companies as it may sometimes prevent you from Phishing.

Sometimes the From Email Address may be different from Reply To Email Address, Or the Originating domain of the email may be different one. So its better to check for these things.

How the Email addresses you:
Some companies have the policy which mentiones how the member (you) will be addressed in the emails.
Eg: PayPal addresses the members by their Names in their emails. So if you get any email claiming to be from PayPal but it address you in a different way other than your name, say like "PayPal Customer", you can clearly tell that the email is not from PayPal.

The Data you are asked to enter:
Some emails ask you to reply the email with the username and passwords or other sensitive information. But such emails are less nowadays. Kindly go through the Company's Policies and check whether they send any emails asking for sensitive information. Most of the Corporate Companies have a policy that they wont send any emails asking you to send passwords or any other sensitive information.

Some emails may tell you that your account is blocked or has some suspicious activity and asks you to use the link in the email to login to the website. Never click such links. You better use the contact form or support ticket or the Telephone to contact the company as it is more safer. You can also send an email to the email address provided by the Company in their Official Website rather than replying to the sent email or clicking the link in the email.

If you want to login to the Companies Website, kindly open a new browser window and enter the website address of the Company into the address bar and use the login options in the website rather than opening the website by clicking the link in the email.

The link Text and Linked Address (URL):
The Link Text in the email may appear as to be same with the Official Website Address. But the Link Text can be made to link to a different URL.

Its better to scroll the mouse over the Link Text for a while and look for the Text in Status Bar. Usually it will be different from the Official Website Address if it is not scripted to show a different text in the Status Bar. You can even Right-Click on the Link and check the properties of that link and chcek the URL its linked to.

Some use the URL Shortening features and shorten the URL to a small URLs instead of Long ones. Be carful while clicking such URLs. Never enter any sensitive information into the pages which appear by clicking the Shortened URL Versions.

The URLs will be scripted in such a way that it opens in a New Window or Tab and it will not have an Address Bar. Never enter any sensitive information into the page which has no Address Bar and Status Bar and which appears as a resulting of clicking the Link in Email as it can be a Phishing Attempt.

These are only a few of the many things to be considered to recognize Spoof and Phishing. In my next post I will mention a few things by which you may prevent Phishing.
Phishing and Spoof - Part 3 - Few Tips to Prevent Getting Spoofed and Phished

Post a Comment

All the things mentioned in my blog by me are My Opinions and My Thoughts If they are Not Facts.! If anyone is offended by the content, please tell me with reasons.
All Mentioned TradeMarks, Copyrights and Logos etc. belongs to their respective Owners. - kslokesh.com | TERMS AND CONDITIONS , PRIVACY POLICY , DISCLAIMER . FEEDBACK

Lokesh's Blog : blog.kslokesh.com , Hosted on Blogspot.com (Blogger.com). . Domain Registration by x.co/locality | Website by Nanjangud.Net

Back to TOP