Intro: Do Not Byte on Phishing Emails
There are many telltale signs of a fraudulent e-mail.
- Sender's e-mail address. To give you a false sense of security, the “From” line may include an official-looking e-mail address that may actually be copied from a genuine one. E-mail addresses can easily be spoofed, so just because it looks like it’s from someone you trust, you can’t always be sure.
- Attachments. Similar to fake links, attachments can be used in fraudulent e-mails. Never click on or open an attachment. It could cause you to download spyware or a virus. Capital One will never e-mail you an attachment or a software update to install on your computer. In general, never open unexpected attachments from anyone.
- Generic greeting. A typical fraudulent e-mail will have a generic greeting, such as “Dear Account Holder.”
- False sense of urgency. Most fraudulent e-mails threaten to close your account or assess some penalty if you don’t respond right away. An e-mail that urgently requests you to supply sensitive personal information is typically fraudulent.
- Typos and grammatical mistakes. Errors like these are a clear sign the e-mail is fraudulent.
- Treat all links in e-mails as potentially unsafe. Many fraudulent e-mails have a link that looks valid, but sends you to a fake site that may or may not have a URL different from the link. As always, if it looks suspicious, don't click it.
Step 1: Looking Closer.
This email looks so official, but it is so deceiving. If you go down and look at "Update and verify your online billing", it is a link to a fake website meant to steal your personal information. If you hover over the link (DO NOT DOUBLE CLICK IT!!!), you should see where the link actually goes. Legitimate websites do not have numbers (aka an IP address) before the company name. The second picture shows the actual "Capital One" site. The URL, as you can see, looks like a real website with no numbers in front. You have now determined this is a fake email.
Step 2: Confirming This Is a Fake.
You will want to go to www.netcraft.com and use their web page to determine who the website belongs to. Usually I just take the IP address (just the numbers and dots) to use as input. In this case it is: 126.96.36.199. Let the site do a search. If it were a legitimate site, you would see the information for "Capital One". In this case, no information is given. That is a dead giveaway that it is a phishing email. Do not delete the mail just yet.
Note: Linux users from the command line can use:
$ nslookup 188.8.131.52
$ nslookup www.capitalone.com
Step 3: What to Do Next?
Every financial site usually has a special page to report emails like this. For your safety, it is better to let them deal with it. Besides, in some ways they have a duty to deal with phishing emails. For "Capital One" you can go to http://www.capitalone.com/fraud/prevention/phishing.php for more details. In most cases there is an email address for such reporting, and it is usually in the form of firstname.lastname@example.org.
Step 4: Do Not Fill Out Forms.
Lastly, a friend of mine sent me this screenshot. You should never fill out forms requesting your private information. Real financial institutions do not send these kinds of requests. Notify the institution immediately.
http://www.fbi.gov/scams-safety/e-scams is a good place to find out about the latest scams.
Good luck and be careful!
Step 5: Just Be a Regular User.
Indirectly related to this topic: some emails contain malware (software that intentionally either harms your computer or compromises its security). In all my years working as a tech, everyone, whether on Apple, Microsoft, or Linux, wants to run as a system administrator, superuser, or root. This is where the user has unlimited power on a system. The shortcoming is that if you get an email with malware, the malware has complete control over your machine, as if the attacker were at the keyboard. Though there may be some power trip, or fear of a HAL from "2001: A Space Odyssey" experience, it is in your best interests to be a regular user instead of a superuser.
One way around this is to set up user accounts that do not have system admin powers for everyday use. When you need to go to admin mode, you can run special programs that give you limited time in superuser mode. That way you reduce your exposure to malware issues. Microsoft Windows has a "run as" command structure, and Linux and Apple have a "sudo" command structure. Getting to know these techniques will save you a lot of heartache.
Two other hints: Change the passwords of all users and disable any guest accounts. Your computer support people can help you with all this.
Step 6: Scam Letters.
This is just a con job. I had not seen one like this in a long time. Here is an email I received:
On behalf of the Trustees and Executor of the estate of late Engr.Theo
Albrecht. I once notify you as my earlier letter was returned undelivered.
I hereby attempt to reach you again by this same email address on the
WILL. I wish to notify you that late Engr.Theo Albrecht made you a
beneficiary to his WILL. He left the sum of five Million, One Hundred
Thousand Dollars only (USD$5,100.000.00) to you in the Codicil and last
testament to his WILL.
Please, if hopefully contacted, endeavor to get back to me as soon as
possible to enable me conclude my job. I hope to hear from you in no
Note: You are advise to contact me with my personal details
I awaits your prompt response.
Yours in Service,
Barrister Thomas Thompson Esq