My Web Maestro

Fake Email Notifications – Yet Another Phishing Example

Posted on by Nathan Lyle

Yet another example in the long line of emails meant to scare you into clicking a link and giving away the keys to your kingdom... this one mimics notifications sent by some services that let you know when a different location has logged into your account. (Google does this, as does Dropbox, and some others.)

 

The main rule I always remind people of is that it's best to never click anything in an email you weren't expecting.

Aside from that, many of the phishing or scam emails will have telltale signs you can learn to watch for. In the above example, look at these three giveaways:

  1. The "from" email address makes no sense. Not only is the capitalization of "email Admin" mixed, an automated notification would never come from an individual, so "jmacfarla" makes no sense. The email's domain, cpan.org, also doesn't make sense since any large company is very unlikely to be using a .org domain.
  2. By carefully hovering over the main "call to action" button (BUT NOT CLICKING IT) the browser or email program viewing the message may show the link it would take you to if you clicked it - in this case, Chrome shows it in the bottom left corner. As you can see here, it shows an address that is somewhat random since I know I have never been to a website called "karemaxx".
  3. The address listed here is a dead giveaway, since you can't use an email address as the middle or beginning part of any website address.

No spam filtering is ever 100% effective, since the more aggressive it is set, the more likely you are to have legit mail get flagged. As a result, the best protection you have from spammers and hackers is your own understanding and awareness. Being online is like going shopping in a strange city you've not been to before... you want to always be aware of your surroundings, and err on the side of caution.

Unless you prefer walking on the wild side.... lol

Share, email, or print this post...


About Nathan Lyle

Nathan is a father of four, an amateur musician, and an aspiring photographer. He started programming in 4th grade on an Apple II+ and many years later spent much of his college years freelancing website design for college departments. Nathan is a veteran of the Browser Wars, and will gladly talk at length about the changes he has seen in Web technology if you accidentally ask him.

Visit Nathan's Website or View all posts by Nathan Lyle


Permanent link: https://mywebmaestro.com/fake-email-notifications-yet-another-example/
Posted in Email, Security, Spam Hall of Shame

Leave a comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

×