Quick Learn: Identify a Phishing Scam Example – from Facebook (4/27/18)

Hi Everybody!

Yes. I am Know. You are still waiting for the podcast, and hopefully that happens today, but this is not that. This is a repost from a Facebook post I did back in April. I have again been asked about the validity of an email received. I immediately remember this PSA  I created on Facebook, but it never made it to our website. So, today, I am reposting it here so that it’s easy to find.

—————————-

Scott R. Stimson
April 27, 2018
Quick Learn: Phishing Scam Example – from this morning

Hi Guys,
This morning I received a ‘phishing email’. A phishing email is a scam pretending to be from a legitimate service to get information to scam you. In this case the email came from “Apple Support” (yeah? right!) As I hovered over the delete, I got concerned that some people out there still are without the ability to identify these scam emails. So, for those of you who would like a lesson on how to identify a scam email continue reading (all others remain calm and move on.)

For this lesson, I have provided two images as examples.
The first image is a picture of the email I received this morning –

(Honestly, before I gave it any thought,) I identified this email as a scam by asking myself one pertinent question: “Would Apple ever attach a Microsoft Word document during a correspondence with their customer?” The answer is a pretty strong NO. (Special exception for any specific Office support issues.) There is no imaginable reason Apple would send you a Microsoft formatted document.

The second image is a picture of the attached Microsoft Word document. I took the picture as I was hovering over the “…’Click Here’ to cancel your purchase.” link. You can see that this link doesn’t go to apple.com. It tries to trick you into going to a website you don’t know. If you hovered over the ‘manage your password preferences’ you’d see the same unknown website link….Also, NOTE: preferences is misspelled! Misspelling is almost always a scam email.

Besides the identifiers mentions in the two examples, you can determine if a email is a scam by asking yourself a few questions:

First, (in this case) do you have an Apple account? If you don’t, then the email is probably scam. (and regardless; who cares! You don’t use an Apple account. You don’t care. Delete it!)

Second, who is the email for? Look at the recipient’s address on the email (in the first image, it is ‘mail-appleid@support.com’), if it’s not addressed to the email account associated with your Apple account, then the email is probably a scam.

Third, who is the email from? Look at the sender’s email address (this maybe a little complicated depending on your email client.) I am using Windows 10 email and the actual email address is listed in the header. In this case the sender’s address is: no-replay.thisnotifsusterngesotthereborn2221-lotahuguekan0041@samjapangotham.com . Look at the domain portion of the address (i.e., @samjapangotham.com); this email is probably a scam.

Fourth, WAIT NO! NO FOURTH! At this point you shouldn’t even be thinking about this email because you know it’s a scam! However, people are still reading, and they might try to open the document(s) attached to the SCAM email. The fourth question is: What kind of attachment has been sent? Keep in mind that, Apple is not sending Microsoft Office formatted documents, Microsoft won’t send Google Docs, Google won’t send Apple Pages formatted documents, etc. these companies would only send you something they created. Since, these companies can’t be sure what software you have available, they have two options. One, to include everything in the body of the email message, or two) attach a PDF document (SIDENOTE: PDFs are dangerous, ALL attachments are dangerous.) If it’s not in the body of the message, or the attachment is anything other then a PDF, then the email is probably a scam.

Fifth, (yes we are still doing this) Is the attachment a PDF? All professional services on the internet (such as Apple, Google, Microsoft, etc.) know that PDFs and other attachments are easily hacked and used to scam people. If the email is from one of these services, and it comes with an attachment, then the email is probably a scam.

Sixth, if you are still not sure, then the sixth question is: who can you ask? Seriously, ask me! Or someone like me. In my experience, if it’s a legitimate correspondence, then you have time. Most scams are trying to pressure you into making quick decisions (e.g., “Time is Running Out!!”), but any real service gives you grace periods, so take advantage of that type of thinking and ask someone more knowledgeable. If you have no choice but to act on the email right now, then the email is probably a scam.

Seventh, (then I am done) did you ask somebody about the email? I’ve pointed out a scam email thousands of times, however, in my career (over 30 years in IT), I’ve point out a real email less than 50 times. If you’ve asked someone to check the email for you, then it’s probably a scam.

Well, that’s today’s PSA. Leave me a ‘like’ and a comment if you appreciate these types of lessons. Also, feel free use the comments to add any other tips, experiences, or corrections I should make.

Thank you for your time.
Scott, International Computer Solutions & the San Carlos Computer Club

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.