Have you received an email advising that your mailbox is almost full? You didn’t click the link in it, did you?
A client of mine received such an email (see below), and queried it with me.
This is spam, one of many such emails that have been sent out over the past few years to unsuspecting website owners. Spam is inconvenient but usually harmless.
However, some, like this one, can represent a threat. You’ll see from the screenshot that the email contains at least one link that recipients are invited to click. If you click a link in such an email you may allow malware/viruses to be installed on your computer. You might also be directed to a website that invites you to enter some personal details, and maybe a username and password to gain access to your mailbox. This is an example of ‘phishing’ and providing this information will let the perpetrators gain access to your mailbox, from which they can then get hold of (and send emails to) your contacts. You might also have other username and password information sitting in those emails for other services you use… anyway, you get the point!
How to spot a phishing email
There are a number of tell-tale signs that should alert you to the danger in these emails, but busy people don’t always have the time to read things properly – my client’s initial reaction may well have been ‘I’d better action this quickly as I don’t want to lose any emails’. In the example above…
1. The email came from an email address that is not related to the business. This isn’t always a good indication of phishing, but if you don’t recognise the email address that should cause you to question things a little.
2. The spam monitoring had already identified the email as potential spam and placed the ‘[spam]’ tag at the start of the subject line.
3. The language isn’t quite ‘perfect’… ‘Click here to reduce size automatically’ is more than a little suspicious
4. The ‘Click here’ link points to a website that clearly has nothing to do with the recipient. Hovering over the link shows the target URL as http://kirirumcurtain.com/hi/auto/newp/ii.php?email=[with the email address here]. Googling that domain name shows that it is a site owned by a business in Cambodia (although it looks like it is hosted in the US). Anyone clicking on the URL will trigger a script to run on the target website, and there’s no telling what it could do. So please don’t!
McAfee site advisor warns about this site as a potential phishing site that… “might send your personal information to people online who can use it to access your financial information, or steal your identity.”
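Signs 1, 2 and 4 in the list above can also be checked automatically. The Python below is an added example, not part of the original post: the sample message is constructed and uses reserved .example domains in place of the real addresses, and the names phishing_signs and trusted_domains are made up for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import parse_qsl, urlsplit

# Constructed sample message modelled on the email described in the post.
SAMPLE = """\
From: "Mail Admin" <notice@unrelated-sender.example>
To: owner@client-business.example
Subject: [spam] Your mailbox is almost full
Content-Type: text/html; charset="utf-8"

<p>Your mailbox is almost full.</p>
<p><a href="http://link-host.example/hi/auto/newp/ii.php?email=owner@client-business.example">Click here</a> to reduce size automatically</p>
"""

class LinkCollector(HTMLParser):
    """Collects the href of every <a> tag in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links += [v for k, v in attrs if k == "href" and v]

def domain_of(address):
    """Lower-cased domain part of an address header such as 'Name <a@b.example>'."""
    return parseaddr(address or "")[1].rpartition("@")[2].lower()

def phishing_signs(raw, trusted_domains):
    """Return the warning signs from the checklist that are present in raw."""
    msg = message_from_string(raw)
    recipient = parseaddr(msg["To"] or "")[1].lower()
    trusted = {d.lower() for d in trusted_domains} | {domain_of(recipient)}
    signs = []
    if domain_of(msg["From"]) not in trusted:            # sign 1
        signs.append("sender-domain-unrelated")
    if (msg["Subject"] or "").lstrip().lower().startswith("[spam]"):  # sign 2
        signs.append("spam-tag-in-subject")
    for part in msg.walk():                               # handles multipart too
        if part.get_content_type() == "text/html":
            collector = LinkCollector()
            collector.feed(part.get_payload(decode=True).decode("utf-8", "replace"))
            for href in collector.links:                  # sign 4
                url = urlsplit(href)
                if (url.hostname or "").lower() not in trusted:
                    signs.append("link-host-unrelated")
                if any(v.lower() == recipient for _, v in parse_qsl(url.query)):
                    signs.append("recipient-address-in-link")
    return signs
```

Host matching is exact, so list variants such as a www. subdomain in trusted_domains. The last check picks up the detail visible in the hovered URL: the recipient’s own address passed in the link, which tells the remote script who clicked.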
If you do happen to click on such a link, our advice would be to run a good virus-checking programme against your computer and change any login credentials that you passed over to the phishing site (and any more that you think might also be compromised).
Let us know if you’ve seen this or other phishing attempts. Did you click the links? What happened to you?