Week in review 23 January 2015
Despite the salutation “Hello Dear” used in one of the phishing emails published this week, scammers aren’t suddenly turning over a new leaf. And they aren’t about to stop targeting PayPal users anytime soon, judging by the two phishing emails we saw this week. Elsewhere, Bendigo Bank users apparently can assist in speeding up an upgrade of the Banks’ online services. And finally, there is a DHL shipment being delivered tomorrow, if you could just fill out a form and install software. Read on to see our week in review.
Fake PayPal email uses eBay phishing bait
It’s the start of a new week, so that means … more PayPal phishing emails. This one was a reasonable effort on the part of the scammers. It informed the recipient that they had paid for an unspecific eBay item, and also included a link if they thought the transaction was in error. Of course, the transaction was false. Clicking on the link takes you to a realistic looking PayPal site, where you have to enter login details and credit card numbers. The trick the scammers use is playing on people’s fears of being hacked. Needless to say, this email is a fake.
Phishing scam targets Bendigo Bank customers
A Bendigo Bank phishing email started up this week. For the benefit of our overseas audience, Bendigo Bank is an Australian Financial Institution that runs a Community Bank program whereby local bank branches are owned and run by members of the community. However, Bendigo Bank still provides the overall services and infrastructure required for the branch to operate. With that in mind, the latest email phish targeting Bendigo Bank customers makes more sense, as it looks similar to a crowd sourcing campaign. The email states that the recipient can assist in an online upgrade of the Bendigo Bank systems by clicking on a link and updating their personal details. The email is a phishing email however. The site is designed to steal user details, including bank and credit card numbers.
Hello Dear begins PayPal phishing email
“Hello Dear”, began another PayPal phishing email. Any feelings of affection though are promptly squashed by the next line: “Your Account Will Be Limited”. But don’t worry; you can fix this by clicking on a link in the email. The site the link sends you too is another phishing site, where you have to fill out your details including your credit card number. It’s a pretty crude phishing email in many ways. The instructions in the email seem to have been added as an afterthought. The link actually precedes the instructions.
Fake DHL shipment delivers malware
And finally there was a DHL shipment notification email. This email informs the recipient that a shipment will be delivered to them tomorrow. But first, the recipient must click on a link and confirm their details. They also need to download some software. It’s all a fake of course, and the software is malware. The site is a phishing site, with the aim of stealing the recipient’s personal information, whilst the malware is designed to hijack the user’s PC.
Scott Reeves
MailShark
Free anti-spam service
Free email filter service