This is a genuine phishing email that I recieved, I thought it might be educational to show the things that give it away.
A couple of things gave it away though. Firstly, the grammatical mistakes:Dear E-gold valued member,
Due to concerns, for the safety and integrity of the E-gold
account we have issued this warning message.
It has come to our attention that your account information needs
to be updated due to inactive members, frauds and spoof reports.
If you could please take 5-10 minutes out of your online experience and renew
your records you will not run into any future problems with the online service.
However, failure to update your records will result in account suspension
This notification expires on 48.
Once you have updated your account records your E-gold account
service will not be interrupted and will continue as normal.
Please follow the link below and login to your account
and renew your account information
https://www.e-gold.com/acct/login.html
Sincerely,
E-gold customer department!
"This notification expires on 48" (speaks for itself)
"E-gold customer department!" (surely this should be "customer services" - and why the exclamation mark?).
No professional organisation would allow an email to be sent with those kinds of mistakes.
But the real clincher, is when you right-click on the email and choose "View source". Here is what that link actually is:
For anyone not familiar with HTML code, it displays "https://www.e-gold.com/acct/login.html", which to all intents and purposes is a genuine secure website. But it actually takes you to the non-secure (and unknown) "http://70.86.163.37/e-gold" (the page has benn removed already, so don't bother looking to see what's there).<p><a href="http://70.86.163.37/e-gold/" target="_blank">
https://www.e-gold.com/acct/login.html</a></p>
Always check where links really take you on any email that you have even the remotest suspicion about.
Another good tip, is to enter false details, such as your password, on any page that you get taken to - a genuine site will reject it, but a phishing site will happily accept what you enter, as it cannot know your real details.
Reply With Quote
