Phishing Warning

I usually post these things as a humorous thing, to demonstrate how ridiculous they generally are, but this time I’m posting it as an actual warning.

I got this e-mail this morning (posted as an image, to show the whole thing, the link is dead):

 

 

This one worries me because it’s actually pretty well done. The English isn’t ridiculously bad, the grammar is pretty much correct, the “reply-to” address isn’t in nigeria (although it’s probably a dead address, since they chose a different route). It even includes a legit looking logo at the top and a friendly reminder to protect your password to lend credibility.  How ironic is that?

It concerns me that some people with less experience on the net may fall for this one, click the link and enter their information. I did not follow the link to see how professional the actual phishing page itself looks, but if it looks legit at all, some people will fall for it.

This one was easy for me to recognize as a scam because I don’t have a Wells Fargo account. But if someone does have an account and gets an e-mail like this, the biggest indication that the e-mail is fake is by hovering the mouse pointer over the link.

The author of the e-mail can change what text is displayed in the link, while the destination of the link is someplace completely different. Hovering your mouse pointer over the link, causes the actual destination of the link to pop up in a “tooltip” box, or possibly down at the bottom in the status bar.

Here’s what it looks like when I hover the mouse over the link using my e-mail application:

As you can see, the destination of the link has no relationship to what’s printed in the e-mail.  This is an immediate indication of a scam.

I’d be willing to bet that if you reply to this e-mail, you’d get “address does not exist” failure.  They created the “reply-to” address out of thin air, just to make it appear as if the e-mail came from someone at Wells Fargo.  It didn’t.

Here’s the most important tip I can give:  Never, Ever, Ever click on a link from an unsolicited e-mail and enter any sensitive data in the resulting page.

If your bank really does want to verify your information, they won’t send you to some unusual page and ask you to enter your account info, they’ll ask you to log into your account and verify the information there.

If you get an e-mail like this, and you really do think it’s legit, call your bank and ask them if it’s actually from them.  If it’s real, they’ll know it and they’ll be able to tell you so.  Most likely, it’s not…no matter how realistic it may look.

9 thoughts on “Phishing Warning

  1. I received one of these recently.

    The HTML contained:

    <br>To get started, please see:
    <Br><a target="_blank"
    href="http://samplepacks.ca/online/wellsfargo.com/login/&quot;
    >https://accounts.wellsfargo.com/signon?LOB=CONS</a><Br&gt;
    <Br>Thanks,
    <Br>Leah Evans – Wells Fargo Bank Accounts Review Center

    Clearly some demo web site stuff is being used for naughty things. There seemed to be no easy way to tell the owners of that site that they have a problem, either.

  2. I received one of these recently.

    The HTML contained:

    <br>To get started, please see:
    <Br><a target="_blank"
    href="http://samplepacks.ca/online/wellsfargo.com/login/&quot;
    >https://accounts.wellsfargo.com/signon?LOB=CONS</a><Br&gt;
    <Br>Thanks,
    <Br>Leah Evans – Wells Fargo Bank Accounts Review Center

    Clearly some demo web site stuff is being used for naughty things. There seemed to be no easy way to tell the owners of that site that they have a problem, either.

  3. I received one of these recently.

    The HTML contained:

    <br>To get started, please see:
    <Br><a target="_blank"
    href="http://samplepacks.ca/online/wellsfargo.com/login/&quot;
    >https://accounts.wellsfargo.com/signon?LOB=CONS</a><Br&gt;
    <Br>Thanks,
    <Br>Leah Evans – Wells Fargo Bank Accounts Review Center

    Clearly some demo web site stuff is being used for naughty things. There seemed to be no easy way to tell the owners of that site that they have a problem, either.

  4. Good to know. Thanks for that post.
    I don't have a Wells Fargo account, but my daughter does. The DadAlert has gone out for her to read this.

  5. I got some of these From Citi, who runs my Amex card. Was telling me something funny was going on, and could I please contact them by email by way of the helpfully included link? The address looked a bit funny, so I just ignored them thinking it was just really well done. Nearly a month later I finally got a snail-mail letter saying pretty much the same thing. Called to a number off of the last bill, Apparently the emails were the real deal. Stupid, but real. They'd also supposedly called me repeatedly, But never left anything at all on the answering machine. Once I was talking to someone with a pulse and we were both sure of who the other was, I found out someone was running around Taiwan and nearby with my credit card number buying airline tickets and shoes, and it looked a bit funny to them. Only way to tell it was for real was to call them. No useful info by email, nothing at all by phone until I contacted them because they finally decided to spring for a stamp. Everything worked out alright, But Instead of sending an email, or leaving a phone message simply saying "Hi, This is your credit card company's fraud department, could you please find our number on your last bill and call us?" They'll just send out more funny looking emails, and I'm supposed to call about every single one and check if it's for real. It looked like phishing to me because I assumed Citi wasn't dumb enough to send something that looked just like a well done fake, for real. Might be worth a phone call to see if somebody had a big steaming bowl of stupid for breakfast and then decided to tell you about a real problem while looking like a guy with a bunch of $20.00 rolexes pined to the inside of his coat.

  6. Just as a general rule – if "your bank" or "your credit card company" calls and asks you for information such as your account number or security code….don't give it to them. They already have it!

    OTOH, if they call and ask you to confirm information, then they're probably legit. The conversation should consist of them providing information, and you verifying it, rather than you given them *anything* they don't already have. Some scammers are pretty good with the social engineering, so you do have to be careful. Best bet, really, if you get a call, is hang up, and call the number on your card or statement to see if there's really a problem.

  7. Leaving aside the obvious fact that scammers and spammers and ne'er-do-wells the world over latched onto email as the Next Big Thing in September of 1993, or thereabouts, and haven't given up on their dreams of becoming "e-marketing billionaires" yet, and now the Russian Mafia is getting into the act with serious amounts of resources to bring to bear, perhaps, given increasing levels of goobermint surveillance and greater and greater resources being the safest thing of all these days would be not to have a bank account nor a credit card and do all business in cash only.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.