Week in review 26 December 2014
This week was a shortened week, owing to the Christmas and Boxing Day public holidays. There was little respite from the deluge of spam emails, however. Following is a synopsis of what we received over the last week. You can view screenshots of the spam emails by clicking on the link to the news stories.
Fake Kogan emails
It all started with fake Kogan emails, telling the user that their order was being held until they provided a few extra items to identify themselves. These extra items included a front and back copy of their driver’s license and a recent utility bill. Needless to say the email is a fake. Kogan have a statement on their website saying that they never will request this type of information via email. As a further indication that the email is false, none of the links point back to the Kogan domain, and the sender’s domain name is very different from the Kona domain name.
Another PayPal phishing email surfaces
PayPal phishing emails have proved to be immensely popular in December. Another surfaced during the week. This one “alerts” the recipient to a possible breach on their PayPal account. The email states that this can be rectified if the user downloads a form, opens the form in a browser, and fills in all the details. The form asks for a long list of personal information, including credit card details. It’s realistic in appearance, but it is a phishing site. Once again, none of the links in the email are to PayPal.
Two more Apple phishing emails
Finally, we finished up with two Apple phishing emails. One was more realistic than the other; however, the second compensated by having a link in the email that looked more realistic. On closer examination the link turns out to be false, but the criminals did expend some extra effort in an attempt to make it realistic. Both the emails are designed to harvest the recipient’s personal details, including credit card details. Once again, the emails pursue the theme that someone has tried to access an account, and therefore the account has been disabled (or locked).
This week has seen lots of phishing emails looking to steal user credentials such as credit card information. None of the emails mentioned above are legitimate; delete them if you receive them.