We receive a number of questions from our customers about various suspicious emails. To help protect your identity and understand how you can avoid being a victim of various forms of identity theft, we’re providing the following common Questions and Answers.
Our first Q and A is the most important and is all you need to stay safe from account and identity theft
A: Phishing, and other email scams, are primarily meant to trick an email customer into providing their account credentials (username and password) to a criminal. Examples we’ve seen include those claiming to be from Bway.net, UPS, the Postal Service, FedEx, banks, credit card companies, social media (Twitter, Facebook), and payroll companies. What they all have in common is the request, either in the email itself or a linked website, for your account information.
A: Criminals want your account information for various reasons. Email accounts are valuable for the following reasons:
A: Change your password immediately and monitor your account. If you have any questions on how to change your password, call us and we can walk you through the process.
A: Files sent via email from people you don’t know. It is becoming very common to combine some of the “phishing” type content with an attached file. The message may promise to have an attached voicemail, fax, or some type of form you need to fill out to “prevent account termination”. Do not open any attached files from people you do not know. Even if you do know them, confirming via phone is helpful, as email addresses are very easy to spoof. Don’t rely completely on virus scanners, they often miss very damaging files. The site Virus Total offers a good tool to check a file against multiple virus scanners.
Below are some examples of phishing scams. Some look legitimate, some have tell-tale signs of fraud.
Various “your email/webmail needs verification/was spamming/etc.” examples:
From: CNetID Mail Alert Notice Date: Mon, 31 Mar 2014 16:42:40 +0200 Subject: Important Notice Hello BwayNET Mail Users Your BWAYNet mail account was used to send fraudulent messages from a foreign IP Address 126.96.36.199 1500H. Therefore we are placing a temporarily restriction on your mail login access till further notice. We urge you to kindly update and keep your mail active for further investigation to be done. Failure to do so,we will be force to charge your mail account as fraud and theft identity and legal steps will be taken. Kindly act fast on this important notification before the investigation is concluded. http://www.bway.net "http://www.doma-i-dachi.xxx.ru/images/phocagallery/ banya%206x5/bway.htm" target="_blank"> Best Regards. WEBMAIL TEAMs 2012 WEBMIL TEAMS BWAY
Email Scam (Mar 13, 2014): "IT HelpDesk" From: email@example.com Date: Thursday, March 13, 2014 at 7:03 AM Subject: IT HelpDesk As part of our duty to strengthening our security and improving your overall mail experience, we have detected your mail settings is out of date. We want to upgrade all email account scheduled for today. To Complete this procedure, CLICK HERE <http://www.leocuerxxx.com.ar/2341> to upgrade your account to Outlook Web Apps 2014. If your settings is not updated today, your account will be inactive and cannot send or receive message any longer. Sincerely, Mail Service Team.
This site has a large collection with explanations: http://www.lehigh.edu/~iniam/phishing/