I recently wrote about phishing around the holidays and while I was working on the piece, I noticed a couple of friends posting recent emails on Facebook. I thought it might be fun to dig a bit deeper into those emails and look at the telltale signs that indicate these are phishing attempts.

Signs of Phishing – Example #1

There are a few things that stand out to me with this email that indicate it isn’t valid.

  • The Subject line.
    1. AMAZON is in all caps. This is not the casing that Amazon uses.
    2. The timestamp is in the future. While it’s entirely true that Amazon may not know your time zone, it’s unlikely that a valid email would ever contain a timestamp that is incorrect, as that causes confusion. In this case, the timestamp is used alongside the word “banned” to create a sense of urgency. When something feels urgent, we tend to rush, which increases the likelihood of someone clicking on a link in this email.
  • The From line.
    1. This email is from [email protected], or rather it looks like it is. This is actually the display name. Looking at this second image makes that much clearer. Additionally, emails from Amazon will typically have an actual display name like “Amazon Answers” or “Amazon Marketplace”.

  • The Body
    1. The grammar and punctuation. “Someone tried to make purchase using your account.” There is no capitalization and “make purchase” is not proper English. One should also question why “security and integrity issues” would lock your account. Similarly, “you should update your information in advice to continue using your account” is not right. What is “in advice”? This is clearly language that has been put through Google Translate or a similar service.
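
The Subject and From checks above can be applied mechanically to raw headers. The sketch below is an added example, not code from the original post; the sample message is constructed, the domains are reserved placeholders, and the M/D/YYYY subject date format and the urgency word list are assumptions.

```python
import re
from datetime import date
from email import message_from_string
from email.utils import parseaddr, parsedate_to_datetime

# Constructed sample, not the email from the post; domains are reserved placeholders.
SAMPLE = (
    'From: "support@amazon.example" <notice@mailer.invalid>\n'
    "Subject: AMAZON : Your account will be banned 12/31/2030 11:59 PM\n"
    "Date: Mon, 02 Dec 2019 09:15:00 -0500\n"
    "\n"
    "Someone tried to make purchase using your account.\n"
)

ADDR_IN_NAME = re.compile(r"[\w.+-]+@([\w-]+(?:\.[\w-]+)+)")
SUBJECT_DATE = re.compile(r"\b(\d{1,2})/(\d{1,2})/(\d{4})\b")  # assumed M/D/YYYY
URGENCY_WORDS = ("banned", "suspended", "locked")  # assumed word list


def phishing_signs(raw, brand="Amazon"):
    """Return the telltale signs found in a raw message, in check order."""
    msg = message_from_string(raw)
    display, actual = parseaddr(msg.get("From", ""))
    subject = msg.get("Subject", "")
    signs = []

    # From line: the display name poses as an address on a domain
    # that differs from the domain of the real sending address.
    shown = ADDR_IN_NAME.search(display)
    if shown and shown.group(1).lower() != actual.rpartition("@")[2].lower():
        signs.append("display-name-address-mismatch")

    # Subject line: brand written in all caps instead of its usual casing.
    if re.search(rf"\b{re.escape(brand.upper())}\b", subject):
        signs.append("brand-all-caps")

    # Subject line: wording meant to create urgency.
    if any(word in subject.lower() for word in URGENCY_WORDS):
        signs.append("urgency-wording")

    # Subject line: a date later than the date the message was sent.
    stamp = SUBJECT_DATE.search(subject)
    if stamp and msg.get("Date"):
        month, day, year = map(int, stamp.groups())
        try:
            if date(year, month, day) > parsedate_to_datetime(msg["Date"]).date():
                signs.append("subject-date-in-future")
        except ValueError:
            pass  # unparseable date: no verdict on this check
    return signs


if __name__ == "__main__":
    print(phishing_signs(SAMPLE))
```

Each sign is a hint rather than a verdict; a legitimate message can trip one of them, so the value is in several firing together.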

At the end of the day, this email