’Tis the Season for… Phishing

Email from My Bank

I just received an email from one of my banks that wanted me to confirm that I’d transferred money to a Larry Moore for $975. My gut reaction was “WHAT THE Ffff…reak?!!!!” (I didn’t use an expletive; too many people around) I immediately wanted to take care of this fraud. The email gave the following information:

Date: 20/11/2014

To Account: XXXXXXXXXX0029

Amount $975.00

Fee  $0.00

Description: Loan

Confirmation Number: PPEMZ2Z5GT

If you did not send this transfer, Kindly CLICK HERE to cancel the transfer or if you have questions, please call “Bank Name” Online Customer Service at 1-800-956-“####”, 24 hours a day, 7 days a week.

So what’s wrong with this picture? Whatever you might think, I almost clicked the big, blue CLICK HERE link, but then I stopped short and started asking myself some questions like:

1)     Hmmm, I don’t think I’ve ever received emails from my bank at my work email address before?

2)     I wonder if my wife knows anything about this?

3)     Is there some place I can call to get some answers?

I called my wife. She didn’t know anything. I called the 1-800 number on the email and got the business line for a real company, but it wasn’t my bank! Now that I was pretty sure it was a phishing scheme, I thought I’d dig into it a little more.

Phone Call About Malware on My Computer

I decided to let our Security Management Product Manager know about this phishing email, since he sits in the cube next to me. Our Systems Management Product Manager overheard and laughed, then he said he’d received a call this morning from someone telling him that his computer had malware on it. The Product Manager told us, “I just had to have a little fun with this guy from India”, because he knew right away that it wasn’t legitimate.

The man from India wanted him to download some software that would “Clear up the issue with the malware.” That elicited a smile from the group, since we have our own line of antimalware software.

Our Product Manager asked him, “So you’re calling me because you want me to buy some of your malware?”

“Yes, that’s right,” answered the man from India.

“Now let me get this straight, you want me to load your malware on my machine?”

“Right, let me give you the link for that.”

“Well that means you ARE the MALWARE!” replied our Product Manager. He had to repeat this two more times before the man from India realized what our Product Manager had said.

“Ahh, mmm,” Click… the man from India hung up.

Precautions You Should Take

Crooks are ramping up their phishing schemes this season and anyone can be a target, but asking a few questions and following safer procedures will keep you away from their spears and barbed hooks. Here are a few things to do:

  1. Don’t click on or download anything until you know that it’s valid – which will require a few more steps.
  2. Make a few calls. If someone calls you saying they’re from your bank and asking for information, simply thank them, hang up, and call your bank back. Don’t give personal information to the bank, unless you initiated the call and you know for certain it’s your bank.
  3. Be a little bit like a detective and ask yourself, “What could be wrong with this picture?” Did you recognize what else was wrong with the supposed email from my bank? For one, the “Date” information in the phishing email was written in the European style of Day/Month/Year instead of the usual US style of Month/Day/Year; and I also noticed the grammatical error of a comma followed by a capital letter as in “If you did not send this transfer, Kindly CLICK HERE.” Automated replies from banks are usually more professional than that.
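
The four warning signs from this story (mail sent to an address the bank was never given, a callback number that is not the bank's, a Day/Month/Year date, and a capital letter after a comma) can be checked mechanically. The following is an added example, not part of the original post; the `triage` function, the sample addresses, the 555 phone numbers and the short word list are all constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import getaddresses

# Constructed sample modeled on the email quoted in the post; the addresses
# and phone number are placeholders, not values from the real message.
SAMPLE = """\
From: Online Banking <alerts@bank.example>
To: me@work.example
Subject: Transfer confirmation

Date: 20/11/2014
Amount $975.00
If you did not send this transfer, Kindly CLICK HERE to cancel the transfer
or call Online Customer Service at 1-800-555-0100, 24 hours a day.
"""

def digits(number):
    """Reduce a phone number to its digits so formats compare equal."""
    return re.sub(r"\D", "", number)

def triage(raw, registered_email, bank_phones):
    """Return the red flags from the post that this message trips."""
    msg = message_from_string(raw)
    body = msg.get_payload()
    flags = []
    # 1. Bank mail arriving at an address the bank was never given.
    to = {addr.lower() for _, addr in getaddresses(msg.get_all("To", []))}
    if registered_email.lower() not in to:
        flags.append("unregistered-recipient")
    # 2. Callback number that is not one of the bank's known numbers.
    seen = {digits(p) for p in re.findall(r"\b1-\d{3}-\d{3}-\d{4}\b", body)}
    if seen - {digits(p) for p in bank_phones}:
        flags.append("unknown-phone")
    # 3. Day/Month/Year date: a first field above 12 cannot be a US month.
    #    Ambiguous dates such as 05/06/2014 are deliberately not flagged.
    for first, second in re.findall(r"\b(\d{1,2})/(\d{1,2})/\d{4}\b", body):
        if int(first) > 12 and int(second) <= 12:
            flags.append("non-us-date")
            break
    # 4. Comma followed by a capitalized ordinary word, as in ", Kindly".
    #    The word list is an assumption; proper nouns after commas are normal.
    if re.search(r",\s+(Kindly|Please|Click)\b", body):
        flags.append("comma-capital")
    return flags
```

None of these flags proves fraud on its own; they are prompts to stop and call the bank on a number you already trust.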

Stay Informed

There are a multitude of phishing schemes — see Wikipedia or this PCWorld article. This Security Week article on security training for your users is also useful. As we enter the holiday season, what kind of phishing schemes have you recently seen? Being aware of what’s out there is half the battle — asking the right questions is the other half.