Fake Notification Phishing
You almost have to admire the gall it takes to use a fake email supposedly warning you about suspicious activity on your account, to trick you into clicking a link that then downloads malware giving someone access to your account. Almost.
I've just recently seen several examples of this email showing up in my inbox:
The first clue was that this supposedly came from the email address info@jepard.cc, which doesn't make sense if it were officially a cPanel email. (Though the "from" name and email are easily spoofed, so can't be trusted at face value anyway.)
Hovering over the links for "This wasn't me", "This was me", and "Why am I getting this email?" (being very careful not click them!) allows the browser to show the address you would be sent to if that link is clicked. Chrome shows this in the lower left corner of the browser. These were the links used here:
Links used in automated emails can be normally long and difficult to read with the human eye... but one giveaway here was that the "this wasn't me" and the "this was me" link were identical. That doesn't make a lot of sense, given what the links are supposed to indicate.
As always, the best rule of thumb for any email like this, is to assume that it COULD be spam or phishing. If you are concerned that a notification is legitimate, always log in directly to your account and look for notifications there, or contact support associated with that account. Only click a link or button in an email if it's a message you were expecting and have good reason to trust.
July 17, 2023 in Email, Security, Spam Hall of Shame.
About Nathan Lyle
Nathan is a father of four, an amateur musician, and an aspiring photographer. He started programming in 4th grade on an Apple II+ and many years later spent much of his college years freelancing website design for college departments. Nathan is a veteran of the Browser Wars, and will gladly talk at length about the changes he has seen in Web technology if you accidentally ask him.
-
Latest Posts…
Facebook May Be Abusing Your Website With It’s facebookexternalhit BotIt’s pretty normal for various online services to show up in your hosting account’s bandwidth logs, thanks to various “bots” […]
Fake cPanel Administrator EmailsI recently received an even more blatant example of phishing in my inbox… it claims to be sent by an admin for cPanel, involving undelivered […]
Universal Analytics is going awayNotice from https://support.google.com/analytics/answer/11583528 Google Analytics 4 is our next-generation measurement solution, and it’s […]