detecting bogus e-mails
Friday, 2 May 2008 6:12 pm by noel | posted in tech | tags: e-mail, tech
every once in a while it happens. i get an e-mail that looks legit but on closer inspection it turns out that it’s not. here’s one of the ways i find out if an e-mail is bogus or not.
this first e-mail (shown below) appears to be from rapidshare.com — a webhosting provider. the e-mail provides a link to “reactivate my disabled account”. when i put the mouse over the link, the firefox status bar tells me it points to another domain and not back to rapidshare.com. this alone should trigger some alarm bells.
out of curiosity, i clicked on the link and after a redirect it showed me the screen below. note that the page is asking for the user’s login details for a rapidshare.com premium account but the real domain name shown on the browser’s address and status bars is not from rapidshare.com but from another webhosting service based in poland (az.pl). the alarm bells should be loud enough at this point.
the lesson here is to look before clicking. check if the link points to the proper domain by putting the mouse over the link and seeing if the status bar is showing the right domain.
this next e-mail (shown below) is a little sneakier and claims to come from e-trade.com — an online financial products and services provider. take note of the difference between the link provided in the e-mail and the one shown on the status bar. if you didn’t see any difference, take a closer look.
the difference is that the link’s domain name is etrade.com and the domain name in the status bar is thetemplab1.com. warning bells.
clicking on the link, the browser shows me a page (shown below) asking for the user’s id, password and trader’s password for etrade.com but the domain name in the address bar still shows the wrong domain name. really loud warning bells.
again, look before you click.
note: the targets of these phishing attempts are the clients of rapidshare.com and etrade.com. rapidshare.com and etrade.com, as far as i know, are legit websites.
disclosure: i am not connected with either company.




