Who Else Wants To Learn Internet and Computer Tips ANYONE Can Understand and Use?

A blog by NoAdware™ anti spyware software downloaded over 40 million times in 100 different countries.

Example Of A Phishing Email

Increase Font Size Decrease Font Size

Posted by: Karl Smith on May 5, 2011

Example Of A Phishing Email

Once again on this blog I’m going to reveal a REAL example of a phishing email. These emails try to steal your money! To be exact they try to steal your credit card information or your paypal account login information, etc.

The example below is especially useful for anyone who owns a domain name. I have many and this email almost fooled me.

So by carefully reading this blog post… you’ll learn how phishing emails can look like. This is just ONE example.

Subject of Email: Re: Attn: SEOBOOKLETS.com Expiration Soon

This subject line I had to open immediately, because seobooklets.com is my domain, and I DON’T wish that it expires.

Email Body:

Domain Expiration Notice

Domain: SEOBOOKLETS.COM

Bill To: Invoice # 1304557832
Invoice Date May 4, 2011
Malta, NA Terms Net 14
1308 – US Due Date May 19, 2011
+356.21464879 P.O. #

PAY NOW 128 SECURE

Domain Name Registration Price Term
SEOBOOKLETS.COM May 4, 2011 – May 4, 2012 $75.00 1 Year

Dear ,

This solicitation is to inform you that it’s time to send in your registration for SEOBOOKLETS.COM. We are a submission service and search engine ranking company.

Failure to complete your search engine registration by May 19, 2011 may result in the cancellation of this offer (making it difficult for your customers to locate you using search engines on the web).

Your registration includes search engine submission for SEOBOOKLETS.COM for 1 year. You are under no obligation to pay the amount stated above unless you accept this offer by May 19, 2011. This notice is not an invoice. It is a courtesy reminder to register SEOBOOKLETS.COM for search engine listing so that your customers can locate you on the web.

This Offer for SEOBOOKLETS.COM will expire on May 19, 2011. Act Now!

For Domain Name:
SEOBOOKLETS.COM
PAY NOW 128 SECURE
optoutnow

The blue words were actually links but of course I did not include the links – because the links are THE most dangerous — clicking any link would infected my computer with some spyware or virus.

The most important question: How do I know this is phishing email?

In the first glance I did not realize at all this is phishing until I noticed the price, $75.00. For a domain you only pay around $10 a year.

That raised red flags so I checked the links next, here’s how I did it. Usually this technique alone instantly tells me if an email is real or phishing. Because phishing emails have something very special in the links — and here’s what that’s all about.

If you place the mouse (without clicking!!) on top of a link, you will see in the status bar the actual website you will be sent to if you click on the link.

So when I placed my mouse over the big PayNow 128 Secure link my status bar revealed the website I will be sent to.

Here’s a screenshot:

Status Bar of Google Chrome

The website where I renew my domains is namecheap.com yet I will be sent to a different domain as you can see, domainregren.com so this instantly told me this is a phishing email.

So what’s the big take from this?

Read carefully the email if it relates to money: asking for money, paypal, amazon, ebay and so forth. Does email make sense, check carefully, if I didn’t it would have fooled me? Think before clicking links!!

Use the technique I showed you about checking links. This will INSTANTLY tell you if the email is real or phishing. Practice the technique, open a real email that has a link, put your mouse over the link and you’ll see the url in the status bar.

Note: Some of the links for example seobooklets.com link to seobooklets.com which means are 100% Real — this is done to trick you so you Really have to check All links.

Hope this helps you!

Example Of A Phishing Email

- – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – -

Related Articles:

How To Report Fraud Spam

This Spam Is Written Very Well It Almost Fooled Me!

Example Of A Phishing Email

Tags:

Tell a Friend

6 Comments

  1. Htsuji, May. 15, 2011:

    Hi. I got the same mail this morning(May 15, 2011). The phrases that made my alarm bell ring were “We are … search engine ranking company” and “Your registration includes search engine submission.” I have never made such a contract.
    It is not a surprise that the mail *honestly* states that it is just an offer, not a invoice I have to pay. They made an excuse that they were just sending some advertisement of their service so that prosecutors might hesitate to take action.

  2. Karl, May. 15, 2011:

    That what you meantion is quite common, it’s known as the search engine optimization spam. Those who own a website are obviously more likely to get “fooled” by this email.

  3. Htsuji, May. 15, 2011:

    To tell the truth, I was surprised with the mail at the first glance. Even though the logical part of my mind found that the mail must be a fraud, the mental part wouldn’t completely relieved. Then, I put some words from the mail into google and found this article on your site. I really feel okay now. Thank you!

  4. Karl Smith, May. 16, 2011:

    You’re very right, people have to be very cautious, especially before clicking any links inside emails (like I explained in my post, they can activate viruses).

  5. qwester, May. 17, 2011:

    Had the same “PAY NOW 128 SECURE” phish but when i hover mouse cursor over the link I do not get the id in the address bar. I’m using latest IE. Is there some address bar setting that needs changing? Please advise.

  6. Karl Smith, May. 18, 2011:

    Qwester what email client you use? I just tested IE 9 and Gmail and was able to see the link in the status bar. Try copying the url and just paste it in Notepad or Wordpad then. Right click Copy then Paste.

    IE 9 by default the status bar is off yet I could still see url because it popped up as a yellow box. Try enabled status bar, right click at the top (near address bar) and select Status Bar.

    Hope it helps.
    Karl

Leave a comment