Phishing and other Scams

Important Security Information for Bway.net Customers

We receive a number of questions from our customers about various suspicious emails. To help protect your identity and understand how you can avoid being a victim of various forms of identity theft, we’re providing the following common Questions and Answers.

Questions and Answers

Our first Q and A is the most important and is all you need to stay safe from account and identity theft

Q: How do I protect my accounts?

A: Follow this simple rule: Bway.net (and other businesses) will never ask you to provide login information, passwords, or credit card information via email. This includes an email that asks you to click a link to “update your information”. This simple rule will keep you safe. If you receive an email that asks for this type of information, 99.999% of the time it is going to be fake. Call the sender if you believe there is some reason for the email to be legitimate, but assume it’s a scam. Because it always is…

Q: What is phishing?

A: Phishing, and other email scams, are primarily meant to trick an email customer into providing their account credentials (username and password) to a criminal. Examples we’ve seen include those claiming to be from Bway.net, UPS, the Postal Service, FedEx, banks, credit card companies, social media (Twitter, Facebook), and payroll companies. What they all have in common is the request, either in the email itself or a linked website, for your account information.

Q: Why do criminals want this information? Why is my email account valuable to them?

A: Criminals want your account information for various reasons. Email accounts are valuable for the following reasons:

  • Your email account is often used for validation of other services. For example, if you need to reset your bank account password, your bank will send a verification email to the email address they have on file for you. A criminal in control of your email account can then receive the password reset request and gain access to your bank account.
  • Hijacked email accounts are often used to send out spam since the stolen account is “clean” and will pass through many spam filters.
  • A hijacked email account can in turn be used to “phish” people that you normally correspond with. Your friends will assume the email is from you and provide any requested information or click on links that may contain malware or viruses.

Q: I responded to one of these emails, what should I do?

A: Change your password immediately and monitor your account. If you have any questions on how to change your password, call us and we can walk you through the process.

Q: What are other common threats?

A: Files sent via email from people you don’t know. It is becoming very common to combine some of the “phishing” type content with an attached file. The message may promise to have an attached voicemail, fax, or some type of form you need to fill out to “prevent account termination”. Do not open any attached files from people you do not know. Even if you do know them, confirming via phone is helpful, as email addresses are very easy to spoof. Don’t rely completely on virus scanners, they often miss very damaging files. The site Virus Total offers a good tool to check a file against multiple virus scanners.

Phishing Examples

Below are some examples of phishing scams. Some look legitimate, some have tell-tale signs of fraud.

Various “your email/webmail needs verification/was spamming/etc.” examples:

From: CNetID Mail Alert Notice
Date: Mon, 31 Mar 2014 16:42:40 +0200
Subject: Important Notice

Hello BwayNET Mail Users

Your BWAYNet mail account was used to send fraudulent messages
from a foreign IP Address 130.60.57.144 1500H.

Therefore we are placing a temporarily restriction on your mail
login access till further notice.

We urge you to kindly update and keep your mail active for further
investigation to be done.

Failure to do so,we will be force to charge your mail account as
fraud and theft identity and legal steps will be taken.  Kindly act
fast on this important notification before the investigation is concluded.

http://www.bway.net "http://www.doma-i-dachi.xxx.ru/images/phocagallery/
banya%206x5/bway.htm" target="_blank">
Best Regards.

WEBMAIL TEAMs
 2012  WEBMIL TEAMS BWAY
Email Scam (Mar 13, 2014): "IT HelpDesk"
From: skarleett.cabeza@stantec.com
Date: Thursday, March 13, 2014 at 7:03 AM
Subject: IT HelpDesk

As part of our duty to strengthening our security and improving
your overall  mail experience, we have detected your mail settings
is out of date. We want to upgrade all email account scheduled for
today. To Complete this procedure, CLICK HERE
<http://www.leocuerxxx.com.ar/2341> to upgrade your account to
Outlook Web Apps 2014. If your settings is not updated today,
your account will be inactive and cannot send or receive message
any longer.

Sincerely,
Mail Service Team.

Additional Examples

Banking:
phish-chase

USPS:
phish-usps

UPS:
phish-ups

Ebay:
phish-ebay

Paypal:
phish-paypal

Facebook:

phish-fb2

phish-fb1

 

Additional Examples

This site has a large collection with explanations: http://www.lehigh.edu/~iniam/phishing/