Wednesday, 28 August 2013

The anatomy of phishing

I just saw a very good example of phishing. Phishing is a technique used by criminals to steal your digital identity. Sometimes it's your banking identity they want, other times it's just your email account they want to hijack. Sometimes it's both.

A consumer received the following email:

Hello ,
You are receiving this message because your Gmail Mailbox Quota limit is exceeded. To continue using Gmail,you will need to upgrade your Mailbox Quota(please note this is free). Failure to do so,you’ll be unable to upload additional items to your Drive or photos to Google+, and, after a period of time, incoming messages to your Gmail account will be returned to the sender. Note that Gmail will bounce emails until you rectify quota issue.
It's strongly required that you take action.
Upgrade Mailbox Quota
This message was sent automatically and this mailbox cannot receive replies.

It would be easy to think this was an important issue, something that needed your immediate attention. I can understand how you might be tempted to click on the link.

If you did, you'd see this:

But the key thing is that the link didn't go to Gmail at all. It actually went to a web site in Austria.

Interestingly, if you enter your details (don't panic, I entered random letters) and click the button, this is the thanks you get.

The scammers behind this are hoping that you will carelessly type in your email address and, most importantly, your password, not noticing that you're nowhere even close to Gmail. Before you know it they'll have signed on to your Gmail account and your friends will be receiving emails saying you've been on a last-minute trip overseas and have lost all your money and can they please send some to you using Western Union.
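
The check the scammers hope you skip, comparing where a link really points with the domains the claimed sender actually uses, can be automated. The Python below is an added example, not part of the original post; the allowlist, the function names and the sample HTML (with placeholder `.example` hosts) are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: domains the claimed sender legitimately links to (illustrative, not exhaustive).
EXPECTED_DOMAINS = {"google.com", "gmail.com"}

class LinkCollector(HTMLParser):
    """Collect (visible text, href) for every <a> element in an HTML email body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def host_is_expected(host, expected=EXPECTED_DOMAINS):
    """True only for an expected domain or a true subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in expected)

def suspicious_links(html, expected=EXPECTED_DOMAINS):
    """Return every link whose real destination is outside the expected domains."""
    parser = LinkCollector()
    parser.feed(html)
    flagged = []
    for text, href in parser.links:
        # .hostname drops any "user@" prefix, so gmail.com@other.example yields other.example
        host = urlsplit(href).hostname
        if not host_is_expected(host, expected):
            flagged.append({"text": text, "href": href, "host": host})
    return flagged

# Constructed sample: link text as in the email above; all hosts are placeholders.
SAMPLE_EMAIL = """
<a href="http://quota-upgrade.example/gmail/login.html">Upgrade Mailbox Quota</a>
<a href="https://gmail.com.login.example/">Gmail</a>
<a href="https://mail.google.com/mail/">Open Gmail</a>
"""
```

Calling `suspicious_links(SAMPLE_EMAIL)` flags the first two links and leaves the genuine `mail.google.com` link alone; note that a host which merely starts with `gmail.com` is still flagged, because only the end of the hostname decides who owns it.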

The truth is actually simple. Trustworthy organisations like Google and your bank will never send you emails like this, containing links to click. Only criminals do that.

Be careful what you click on!

1 comment:

Kasey Chang said...

It is also worth noting that most people's Gmail account already has 15 GB for free. And how big is one email message?