Is This Phishing?

The purpose of this document is to show ways to spot a Phishing Scam, i.e., email that looks legitimate, from a friend or familiar organization, but is not.

According to the Verizon 2015 Data Breach Investigation Report, 23% of recipients open phishing messages and 11% click on attachments. Nearly 50% of those open emails and click on phishing links within the first hour. Clicking on links in Phishing can give away your email username and password to a scammer.

The following examples show plain, visual cues that should make an alert reader suspicious.

Example 1:
At first glance in the screenshot below, the email as viewed in the Inbox before opening should provoke doubt - legit or scam?

Verification Centre

Red flags even before opening the email:

  • Have you ever heard of an Olympus Verification Centre?
  • “Centre” is spelled in the British style - why would OlympusNet do that?
  • We identify ourselves to customers as OlympusNet, not Olympus.
  • And finally, we will NEVER ask you to verify your account. We already know your account details. If there were a problem, we would call you.

Here is the view of the opened email.

Verify Scam

Red flags:

  • The email comes from cdpt@rocketmail.com. It is not a familiar olympus.net address.
  • The grammar is poor.
  • OlympusNet will not shut down an account without leaving numerous voicemails and sending emails.
  • We will never ask a customer to click on a link unless we have prepared customers ahead of time to expect a link, and explained the purpose of the link. The link in the example is suspicious - it has no recognizable language or explanation.
  • We never refer to Olympus Mail or Olympus.
  • Clicking on Phishing links usually lead to a form to enter your email username and password. Any email that asks you to enter your email username and password is a guaranteed Phish. Always. No exceptions.

Example 2:

At first glance in the Inbox before opening, it’s hard to tell whether this email is a scam or not.

image of Daemon Header

The email opened:
image of Mailer Daemon

Red flags:

  • The email should not be trusted because it requests the recipient to Click Here.
  • The text contains a lot of technical jargon without a reasonable explanation. If you don’t know what it means, it is likely a fabrication.
  • We will never suspend an email account without phone calls, leaving voicemails, and sending multiple emails.
  • You will never have to click something in an email or on a website to get your emails to download.

See the document Use Full Email Headers to Identify a Spam Sender to look at the sender of the Phishing scam shown in the top of this document.