A phishing e-mail to learn from

A phishing attempt that makes even people who are very good at spotting them pause for a moment and take a good look is a perfect example on which to learn.

Ravi Dehar of OpenDNS shares such an e-mail:

The subject of the e-mail says “Campaign stopped running”, and the standard Google logo, fonts, and color scheme – not to mention the “correct” e-mail address (adwords-noreply@google.com) are used to convince the user the e-mail is legitimate.

But the “Reply to” address, as well as the “From” address, can be faked, so Dehar warns not to use them as a detail on which to decide if an e-mail is legitimate or not.

But a closer look at the e-mail confirms that it is, indeed, a phishing attempt. Spelling and grammar mistakes are an obvious clue – a large corporation like Google would never send out such an e-mail.

The next clue is in the provided link. Hovering above it reveals an URL hosted at google-dn.com – not the correct one. And as a final nail in the coffin, a look in the message details reveals that the e-mail was sent by mail.wisenetworks.co.uk, not Google servers.

Case closed.




Share this