Phishing Email Examples


31 Jan 2011

Examples of Phishing Emails

According to Wikipedia, phishing (pronounced FISH.ing) is a form of social engineering, characterised by attempts to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an apparently official electronic communication, such as an email or an instant message. The term phishing arises from the use of increasingly sophisticated lures to “fish” for users’ financial information and passwords.

COMPUTERWORLD’s DEFINITION: “Phishing is a technique used to gain personal information for purposes of identity theft, using fraudulent e-mail messages that appear to come from legitimate businesses. These authentic-looking messages are designed to fool recipients into divulging personal data such as account numbers and passwords, credit card numbers and Social Security numbers.”

WARNING: None of the emails below are legitimate emails from the companies they seem to represent. All of them are bogus and attempt to solicit account information from customers of the target companies. No legitimate emails from these companies would ask you to verify your account information in this manner. Note that most of the links in these emails do not go to the real companies’ websites, but rather to some other website where a fake input form is used to collect the customers’ account information.

Whenever you are in doubt about an email that appears to come from a company with whom you have an account, do one of the following:

  1. Call the company to verify that the email was sent by them.
  2. Forward the email to an email address from the company that you know is valid and ask for verification. Don’t use any email address that is supplied in the email you received.
  3. Type the company’s URL directly into your browser’s address box (don’t use any links in the email that was sent to you). Log on to your account and check if your account is working properly. Look to see if the company has an address where you can report suspicious emails or mailings and forward the email to that address.

Phishing Email Example 1:

The following example was received 12/14/05 and targets USAA customers. Note that the link provided in the email does not go to a USAA website. However, even if it did seem to point to a USAA website, the link could be disguised through several methods using HTML email so that it actually points somewhere else. Don’t ever assume that links really point to the legitimate company website, even if they seem to. USAA will NEVER send their customers an email similar to the one below asking the customer to enter their account information for verification.

Dear USAA Member,

During our regular update and verification of the accounts, we could not verify your current information. Either your information has changed or it is incomplete.

As a result, your access to online banking on USAA has been restricted. To start using fully your online account, please update and verify your information by clicking the link below :

http://www.ptcnets.com

Thank you for your prompt attention to this matter.

Regards,
USAA Inc.

Phishing Email Example 2:

The following email arrived 12/15/05 to an email address that is used only by Ezine Publishers requesting a copy of an article from an autoresponder. Thus the email address was obviously harvested from the Internet without any knowledge of its real use. Things that immediately identify this email as a Phishing email include:

  1. The email address to which it was sent. (Only used for articles, thus no account would be associated with this address).
  2. I do not have an account with the Navy Federal Credit Union.
  3. The link address in the email does not really point to a Navy Federal Credit Union website. (Place your mouse cursor over the link and you will see that the link really points to “http://www.farmaciagalenica.com/imagenes/new/index.asp”.)

Again, the email below is NOT an email from the official Navy Federal Credit Union website, but rather a Phishing attempt targeting Navy Federal Credit Union customers. The Navy Federal Credit Union would NEVER send out such an email to its customers.


Dear Navy Federal Credit Union customer,
We at Navy Federal Credit Union, would like to remind you that your Navy Federal Credit Union Account has not been updated to the latest Online Access Agreement for Navy Federal Credit Union Online Services.
In order for us, at Navy Federal Credit Union to guarantee your online security, you need to update your account information. We urge you to partner with us to prevent consumer fraud, by going through the 2 steps Wells Fargo Account Confirmation process. This operation involves logging in and confirming your identity over a secure connection at:
https://online.navyfcu.org/signon?SIGNON_XCP=1010

After completing this process, you will be informed that your account has been updated and you will be redirected to the actual Online Access Agreement, for you to review.

Thank you for choosing Navy Federal Credit Union as your Financial Institution.
When you use Navy Federal Credit Union Online ® or Navy Federal Credit Union Business Online ® Banking, we guarantee that you will be covered 100% for any funds improperly removed from your Navy Federal Credit Union accounts, while we are handling your transactions, subject to your responsibility, described below.
© 1999 – 2005 Navy Federal Credit Union Bank. All rights reserved.

Phishing Email Example 3:

I received the following Phishing email on 7/29/06. This is NOT a legitimate email from PayPal®.

If you place your cursor over the link “Click here to update your PayPal account information” you will see that the actual link does not go to a PayPal address, but simply to a numeric IP address, “http://80.163.160.10/”.

  1. PayPal will not send you an email asking you to update your account information.
  2. If PayPal sends you a link that requires you to enter sensitive information (such as your userid and password when you log on to their site) it will be to a PayPal address with “https:” not “http:” preceding the address. Https is the secure protocol.
  3. If you have a PayPal account and are in doubt as to whether or not an email actually comes from PayPal, do not click on the link provided in the email, but rather open up your web browser and type www.PayPal.com directly into the address box. This way, if the link is bogus, you will not go to a fake PayPal page (phishing websites will steal the actual logos and other images from the legitimate website to create a look-alike site, so don’t fall for that trap).

Warning Notification

Dear PayPal® member,

It has come to our attention that your PayPal® account information needs to be updated as part of our continuing commitment to protect your account and to reduce the instance of fraud on our website.

If you could please take 5-10 minutes out of your online experience and update your personal records you will not run into any future problems with our online service.

However, failure to update your records will result in account suspension.

Please update your records. Once you have updated your account records, your PayPal® account activity will not be interrupted and will continue as normal.

Click here to update your PayPal account information

Copyright © 1999-2006 PayPal. All rights reserved.
Information about FDIC pass-through insurance

Phishing Email Example 4:

I received the following phishing email three times on August 8, 06 under three different subject lines. The emails were sent out as untargeted blanket spam hoping to find and entrap some clients of Fifth Third Bank. I do not have an account with Fifth Third Bank; as a matter of fact, I’ve never heard of them!

  • Subject 1: Fifth Third Bank – important fraud alert
    From Sender: FIFTH THIRD BANK, 2006
    <support_reference501146522@53.com>
  • Subject 2: FIFTH THIRD BANK: OFFICIAL INFORMATION
    From Sender: FIFTH THIRD BANK, 2006
    <operate_ref125579746@53.com>
  • Subject 3: Important Account Notice
    From Sender: Fifth Third Bank’06,
    <onlinesupport_id-191767@53.com>

[Image: fake phishing email]

While the above looks to be text, it is really an image. In the first email the image was named basso.gif, in the second chieftain.gif, and in the third coverall.gif. If you clicked anywhere on the image, it took you to the following link: <http://www.53.com.wps.portal.secure.aliktauh.net/context.id>, which is a fake page hoping you will enter your account information. If you had an account with Fifth Third Bank and entered your account information into the form on the fake website, you would have found the money in your account missing in short order. NEVER respond to such emails! THEY ARE ALL FAKE!
