New SPAM: Your receipt #336722045566
I got an email at work today that turned out to be a scam but it had me going for a few minutes. It looks like the image at right and appears to be an iTunes Receipt.
Why it took me in:
Like many phishing scams, this one works by appearing to be a company I do business with. The bank phishing scams look like the bank's home page but only work if you have an account with that bank. The recipient is then fooled into revealing user name, password and account information thinking they are logging into a familiar site.
This email uses the same principle as phishing sites use, but in a different way. It looks like a receipt for a service I might have used. Since it appears to come from a familiar source, I looked at it rather than just sending it to the spam bucket. The content of the receipt then leads me to believe that several hundred dollars were charged to my account. All of this was to get someone to click on any of the numerous links on the page.
Signs to look for:
In all spam messages, there are clues or signs that the message is a bad one.
First clue: recipient. The message is not addressed to me but to someone else. While this is common in an email group, it is a red flag for personal things like receipts.
Second clue: arithmetic fail. The receipt does not add up. The Order Total is not the sum of the order. For some reason, spammers are unable to add or spell.
Third clue: improper date format. Look at the Receipt Date: 1/10/10. To me that reads like January 10, 2010 rather than October 1, 2010. Spammers also have a hard time with locale.
Fourth clue: links. There are numerous links on the page like http://www.apple.com/legal/privacy/. Yet each link goes to fnkmonmg.info (do not click on it or go there). Before clicking a link, make sure it goes where it says it does. Hover over the link and check the status bar to see that it is really going where you expect.
Obfuscating links is a common and easy thing to do, and is indeed the point of the whole spam message. The point is to get you to go to this site, where all sorts of bad things might be waiting. The spammer is going for an emotional response that will get you to click before you think.
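The hover check from the fourth clue, done programmatically, as an added example that is not from the original post: it parses the HTML body of a message and flags any link whose visible text names one domain while its href points at another. The markup in SAMPLE_EMAIL is constructed to mirror the receipt described above, not copied from it.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Visible link text that "claims" a domain, e.g. "http://www.apple.com/legal/privacy/".
DOMAIN_RE = re.compile(r"(?:https?://)?(?:www\.)?([a-z0-9.-]+\.[a-z]{2,})", re.I)

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> in the message body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def base_domain(host):
    """Last two labels only, so www.apple.com and apple.com compare equal."""
    return ".".join(host.lower().split(".")[-2:])

def find_mismatched_links(html):
    """Return (text, href) for links whose text names a domain the href does not go to."""
    parser = LinkCollector()
    parser.feed(html)
    suspicious = []
    for href, text in parser.links:
        claimed = DOMAIN_RE.search(text)
        if not claimed:
            continue  # text like "Report a Problem" claims no domain; the hover check still applies
        if base_domain(urlparse(href).hostname or "") != base_domain(claimed.group(1)):
            suspicious.append((text, href))
    return suspicious
# Constructed sample modelled on the receipt described above (hypothetical markup).
SAMPLE_EMAIL = (
    '<a href="http://fnkmonmg.info/x/">http://www.apple.com/legal/privacy/</a>'
    '<a href="http://fnkmonmg.info/y/">Report a Problem</a>'
    '<a href="http://www.apple.com/support/">http://www.apple.com/support/</a>'
)
```

Links whose text is a plain label ("Report a Problem") are not flagged here because they make no claim to check against; those still need the manual hover.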
What should you do?
If you get something that does not make sense, check the website itself. Do not use the links in the email; use the links you normally use to access the site. Simply doing this will assure you that all is in order with your account. Also, most browsers will have some sort of phishing and blocking plug-ins; use them.
Every email you get should be considered suspicious. Look them over using the 4 clues above before clicking on any links an email contains.