Posted by: Karl Smith on May 5, 2011
Example Of A Phishing Email
Once again on this blog I’m going to reveal a REAL example of a phishing email. These emails try to steal your money! To be exact they try to steal your credit card information or your paypal account login information, etc.
The example below is especially useful for anyone who owns a domain name. I have many and this email almost fooled me.
So by carefully reading this blog post… you’ll learn how phishing emails can look like. This is just ONE example.
Subject of Email: Re: Attn: SEOBOOKLETS.com Expiration Soon
This subject line I had to open immediately, because seobooklets.com is my domain, and I DON’T wish that it expires.
Email Body:
Domain Expiration Notice
Domain: SEOBOOKLETS.COM
Bill To: | Invoice # | 1304557832 | |
Invoice Date | May 4, 2011 | ||
Malta, NA | Terms | Net 14 | |
1308 – US | Due Date | May 19, 2011 | |
+356.21464879 | P.O. # | ||
PAY NOW 128 SECURE |
Domain Name | Registration | Price | Term |
SEOBOOKLETS.COM | May 4, 2011 – May 4, 2012 | $75.00 | 1 Year |
Dear ,
This solicitation is to inform you that it’s time to send in your registration for SEOBOOKLETS.COM. We are a submission service and search engine ranking company.
Failure to complete your search engine registration by May 19, 2011 may result in the cancellation of this offer (making it difficult for your customers to locate you using search engines on the web).
Your registration includes search engine submission for SEOBOOKLETS.COM for 1 year. You are under no obligation to pay the amount stated above unless you accept this offer by May 19, 2011. This notice is not an invoice. It is a courtesy reminder to register SEOBOOKLETS.COM for search engine listing so that your customers can locate you on the web.
This Offer for SEOBOOKLETS.COM will expire on May 19, 2011. Act Now!
The blue words were actually links but of course I did not include the links – because the links are THE most dangerous — clicking any link would infected my computer with some spyware or virus.
The most important question: How do I know this is phishing email?
In the first glance I did not realize at all this is phishing until I noticed the price, $75.00. For a domain you only pay around $10 a year.
That raised red flags so I checked the links next, here’s how I did it. Usually this technique alone instantly tells me if an email is real or phishing. Because phishing emails have something very special in the links — and here’s what that’s all about.
If you place the mouse (without clicking!!) on top of a link, you will see in the status bar the actual website you will be sent to if you click on the link.
So when I placed my mouse over the big PayNow 128 Secure link my status bar revealed the website I will be sent to.
Here’s a screenshot:
The website where I renew my domains is namecheap.com yet I will be sent to a different domain as you can see, domainregren.com so this instantly told me this is a phishing email.
So what’s the big take from this?
Read carefully the email if it relates to money: asking for money, paypal, amazon, ebay and so forth. Does email make sense, check carefully, if I didn’t it would have fooled me? Think before clicking links!!
Use the technique I showed you about checking links. This will INSTANTLY tell you if the email is real or phishing. Practice the technique, open a real email that has a link, put your mouse over the link and you’ll see the url in the status bar.
Note: Some of the links for example seobooklets.com link to seobooklets.com which means are 100% Real — this is done to trick you so you Really have to check All links.
Hope this helps you!
Example Of A Phishing Email
- – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – -
Related Articles:
This Spam Is Written Very Well It Almost Fooled Me!
Tags: phishing email
Hi. I got the same mail this morning(May 15, 2011). The phrases that made my alarm bell ring were “We are … search engine ranking company” and “Your registration includes search engine submission.” I have never made such a contract.
It is not a surprise that the mail *honestly* states that it is just an offer, not a invoice I have to pay. They made an excuse that they were just sending some advertisement of their service so that prosecutors might hesitate to take action.
That what you meantion is quite common, it’s known as the search engine optimization spam. Those who own a website are obviously more likely to get “fooled” by this email.
To tell the truth, I was surprised with the mail at the first glance. Even though the logical part of my mind found that the mail must be a fraud, the mental part wouldn’t completely relieved. Then, I put some words from the mail into google and found this article on your site. I really feel okay now. Thank you!
You’re very right, people have to be very cautious, especially before clicking any links inside emails (like I explained in my post, they can activate viruses).
Had the same “PAY NOW 128 SECURE” phish but when i hover mouse cursor over the link I do not get the id in the address bar. I’m using latest IE. Is there some address bar setting that needs changing? Please advise.
Qwester what email client you use? I just tested IE 9 and Gmail and was able to see the link in the status bar. Try copying the url and just paste it in Notepad or Wordpad then. Right click Copy then Paste.
IE 9 by default the status bar is off yet I could still see url because it popped up as a yellow box. Try enabled status bar, right click at the top (near address bar) and select Status Bar.
Hope it helps.
Karl