Upgrade mailbox phishing email states
There are a number of variations on phishing emails warning the recipient that their mailbox is full, and that the recipient therefore needs to click on a link to increase mailbox size. The emails also vary in the targets selected. Over the last few months we have seen Outlook, Gmail and Yahoo email users targeted. The phishing emails proceed along the same lines each time.
Figure A shows one such sample. This one is addressed to an actual email address, which we have blacked out. The subject line of the email is “Upgrade Your Mailbox”, whilst the sender is listed as “E-Mail Administrator”. This particular email is masquerading as the email administrator for a managed services company, although some of the text contradicts this.
The text of the email informs the user that they are required to increase the storage capacity on their email account. The link in the email is contained in a button, with the text “Click here to add up free 20GB storage.” The user is urged to click on the link; otherwise their account will be shut down. The sign off for the email is “Domain Security 2014/2015”.
It is a fairly uncomplicated phishing email. It does set out to deceive the user into clicking on the link by posing as the email administrator, but there are a few signals that this email is not quite right. Firstly, if the email is from a managed service company, then it is lacking in contact details. There is no phone number given and no email address, there is no website address specified either. Secondly, the grammar and general punctuation of the email is very poor.
Finally, the lack of a web address could raise suspicions anyway, but mousing over the link in the email shows it leading to a gibberish site. A well known tactic of criminals is to set up domains that are fake and contain large amounts of gibberish.
Scott Reeves
MailShark
Free anti-spam service
Free email filter service