I’ve recently started to monitor a new email account. In fact, I set it up for a local business, so jointly monitoring it for them was the next step.
I was quite surprised (but probably shouldn’t have been) just how quickly email accounts start to receive spam, phishing attempts and other junk email.
Let’s start off by looking at these terms, and then I’ll share with you an example of what I’ve seen recently.
Spam and junk email
These, essentially, are unwanted messages trying to get you to buy something. In themselves they’re not malicious, well, not usually. They’re usually sent out in bulk to a huge recipient list (though you might see the message as being addressed directly to you).
How do people, or companies, get your email address? Sometimes it’s through data breaches from legitimate companies, sometimes it’s from companies that you’ve actually purchased from who have then sold-on your email address as a list to someone else. (And, you’re right, they shouldn’t be doing that without your express permission)
Phishing is different to spam and junk email. It’s trying to get you to do something, or to give up some personal information including, but not limited to, login information to key websites that you use (think online banking, Amazon, etc).
Phishing emails usually appear to come from reputable companies warning you of something, or offering you something… but they just need to check your details first.
When you follow the links in the email, sometimes a pretty good rendition of a legitimate website will appear asking for login information. Typically you enter this correctly but the website either says ‘Thank you, we will be in touch’, or it will say ‘Sorry, you got the information wrong, try again’. The latter of these gets you to repeat the process. This time you’ll be doubly sure it’s correct.
Either way they’ve now captured your login information, and can use it for any purpose they like.
Let’s take a look at this example:
To many people the above looks real. And if this was an important personal email account, or, a business account, you’d almost definitely be tempted to open the attachment and provide the verification information.
But this email, of course, isn’t really from Microsoft. It’s a phishing email to get you to provide your email login details.
Here are the three things that I see that make me super-suspicious of this email:
Grammar and text (including email layout)
Here are just three elements of the email that I’ve highlighted where the grammar/text is terrible.
Think to yourself: Would a company like Microsoft send this sort of email?
Who sent it?
Most email applications allow you to ‘expand’ the display name of an email Into the underlying real email. And as you can see here… it doesn’t really look like an official Microsoft account.
To start with sending an attachment is odd. Why wouldn’t they include a link for me to click on to verify the details that they need? This attachment actually takes you to a fake page to capture your login details, and send them to the attacker.
This is just the beginning
This is just one example of email that I’ve seen in this new (about 2 months old) email account. There are many, many more. The attacks range from people pretending to be your electricity supplier, to Amazon Prime subscription (at a strangely high price) to Apple purchase confirmation.
Dawn has published another article which talks about phishing.
Let me know in the comments if you’ve seen this sort of email, or any other types.