Be aware of a number of fraud or spam emails that have been circulating on the Internet recently. This type of email has already affected the some of world’s leading websites including Yahoo, EBay, Amazon, etc.
The people who send these emails hope that unsuspecting recipients will reply to the email or click on a link contained in the email, and submit sensitive personal information in fake feedback forms.
The key to reducing the effect of this type of email is awareness, education and vigilance. Be cautious when responding to any email request for sensitive personal information.
I would like to share my own Experience. I received a mail from Paypal asking me to immediately login to my account or else my account will be suspended.
PayPal Scam
That was really surprising for me, as in last few months I am using PayPal, so I looked into mail more deeply and find it a fraud mail. I would like to share my findings with you, which you should also consider, if you receive any mails which are asking you for immediate action to enter your sensitive Bank Details or any other Financial Information.
1. From Email Address:
From Email Address is from abuse-paypal.com. You see there is a hyphen ( – ) between “abuse” and “Paypal.com”. Whereas, if it is Sub-Domain there should be Dot (.) between these two words. So Writer has tried to play tactfully as very few people will observe it.
Dot Vs Hyphen
However, it should be noted that, its very easy to forge “FROM” Email Address. Most fraud email senders may send emails with forged email addresses-some of them appear to be real email address.The “From” field of an email can easily be altered – it is not a reliable indicator of the true origin of the email.
2. Hidden Hyperlink:
When I took mouse on the link, which this mail asked me to click on and login, it showed, that text shown is different than Hyperlink hidden under this text. Almost All good Email Clinets show actual hyperlink in status bar.
Hidden Hyperlink
So What happen actually is? when you click this link, it takes you to a site that is 100% looks like Paypal Login Page. And when Information is entered, it store at some Remote Server. And then this information is used to access your PayPal Account and make transactions. And What you get in the end………………….? A breath-stopping Credit Card Bill.
Technically it is called Phishing, Just like Fishing.
Phishing Definition:
Web Forgery (also known as “Phishing”) is a form of identity theft that occurs when a malicious Web site impersonates a legitimate one in order to trick you into giving up sensitive information such as passwords, account details, or credit card numbers. Phishing attacks usually come from email messages that attempt to lure the recipient into updating their personal information on fake, but very real looking, Web sites. More information on phishing can be found at the Anti-Phishing Working Group, and there are a number of examples and resources available at the Wikipedia Phishing page.
There is Another way, these Fraud Websites can steal your information, that is Malware.
What is Malware?
Malware is software designed to harm your computer or steal your personal information without your knowledge. Attack Sites are Web sites that try to infect your computer with malware when you visit. These attacks can be very difficult to detect; even a site that looks safe may be secretly trying to attack you. Attackers will often hack a site to turn it into an Attack Site, and sometimes the Web site’s owner won’t even know that this has happened. You can learn more about Attack Sites and malware from stopbadware.org, a partnership among academic institutions, technology industry leaders, and volunteers committed to protecting Internet users from threats to their privacy and security caused by bad software.
Some of the Characteristics of Fraud Emails are:
1. Non-personal, general greetings
Most fraud emails start with a general greeting such as “Dear Member” or “Dear User” etc, while emails from legitimate source generally start with your First name and Last name.
2. Stress urgency and threaten your account status
3. Claim your account was suspended or that you need to verify your account by inputting information about your member ID and password or credit card without any explanation of the reasons;
4. Try and scare you into “urgent action” by threatening that your account will be suspended or closed if you do not follow their instructions and submit sensitive personal information as soon as possible.
5. Include incorrect English, unprofessional expressions
6. Make reference to a User Agreement in order to seem more legitimate
7. Fake links or URL address
8. Fake feedback forms
Many fraud emails ask you to submit sensitive information such as member ID and password, credit card details etc by clicking a link or completing a form which is very similar with actual. Through this ploy, the perpetrators attempted to hijack private and confidential information.
Dear Iqbal Khuram,
Thanks a lot for your information!
It is too bad when meet this kind of things ,
3 days before I recieved an email from friends and after open it my computer can not work again ,
it is virus! My god ,really angry!
How can we avoid to recieve this kind of email ?
I do not have the idear now!
Regards
Hellen
Hi Halen
You should use a good antivirus solution. Most of good AV solutions like mcafee check the emails and block them if they contain any virus.
Also if you are using outlook, use high security from tools, so that it block scripts from running on your computer and give you a warning.
I hope it will help you.