Week in review 19 December 2014
This week we had more phishing emails hit the email filters. Two of the emails looked so similar that we speculated that they were from the same people. Survey emails also appeared, and fake credit card offers used an existing promotion to try to fool people into clicking on links.
Another fake Woolworths survey email
Survey emails have been in high circulation recently. These emails generally follow a similar format, in which the recipient is offered the chance to win gift vouchers if they complete a survey. This methodology is used by online marketing companies as a tactic to entice recipients to fill out surveys, so it’s no surprise criminals try the same tactics. However, whereas online marketing companies can have the legitimacy of their email(s) verified, phishing emails from criminals usually have one or more signs that they are not genuine. These signs may include poor grammar and/or spelling, lack of personalisation, and links that do not lead back to either the company doing the survey or the company that has allegedly commissioned the survey. The Woolworths scam survey email was notable in having absolutely no links back to the Woolworths web site.
More gift card scam emails
Two more scam emails promising gift cards turned up this week. The two emails look very similar when placed side by side; so similar that we speculated that the same person(s) were responsible for both. The first email was supposedly from JB Hi Fi, and promised the chance to win a $500 Gift Card. The email was personalised in this case. All the user had to do was click on the email. But clicking on the links led to a phishing site. Mousing over the links showed a site that was not the JB Hi Fi site. The second email was supposedly from Myer, and supposedly allowed gave the recipient the chance to win a $1000 Myer Gift Card. Once again, the email links did not go back to Myer. Both these emails are false. Delete them if you receive them.
Scam credit card offers
In previous weeks, we mentioned that the Christmas season seemed to be the starting pistol for various scam email campaigns. Starting today, it looks like the Christmas-New Year holiday season starter pistol has also fired. Although to be fair, the email we received is piggy backing on a genuine promotion by the National Australia Bank. The email is quite realistic, but the giveaway is the links contained in the email: none point back to the legitimate National Australia Bank website. There are a couple of other hints that the email is not legitimate, but when in doubt, the best indication is to mouse over the links and check that they are genuine.
This week we noticed a change in the phishing emails. All of them were personalised, to some degree. Take care if you receive unsolicited emails. Always mouse over the links. Don’t download attachments unless you can verify the sender.