Analysing a Phishing Email

As a Continuation of the article on Bank Phishing Emails - Gens Online Maintenance, We want to take a critical look at the contents of the email, and analyse its contents and the actions behind the phishing email.

It would be noted that this is a definite case of  email phishing or phishing email. An analysis of the email structure, contents and some tips below will help you stay clear from phishing emails.

Useful Tips to help you stay Clear of Phishing Emails

• Senders Email Address: If you notice the sender's address, it came from a website which has no business with the said bank. A quick DNS or Whois Look-up showed the following results:
• Recipient's Email Address: The email address of the recipient (which is "supposed" to be YOU/I ) was simply  used as : Undisclosed  Recipients meaning that the message was sent to you as a "BCC" - Blind Carbon Copy, using a Mass e-mailer or a Mass email sender.
• Email Greetings: If you Bank or  Financial Institution will ever communicate to/with your through email, your First and Surnames MUST be included in the email (as a Security measure) to enable you know that the email is from the Bank or Financial Institution.
• Email Grammatical Structure: While psychologists have noticed that most people that fall for online scams do not "think about grammar or structure" of the emails or letter they receive, where their eyes and brain is attached to is on what to gain from such transactions.

It is to be noted that this email purported to come from a "Bank" asks (the "undisclosed recipient" who is being greeted as "Dear Customer" and not with their real names), for some key information from them.

This will involve you doing the following:

• Download a Form or click on a link - as against making a phone call, going to the Bank website, going to a Branch of the bank.
• Filling a Customer Security Update form: This is one of the worst "stupidity" that one can think of, but the part of the brain that says - "yes this is true" does not want to hear otherwise.
• Psychological Target: These spammers know very well that if they included a BOLD warning, many people may be attracted to do things their way. Note how they used Capital Letters to highlight the warning. but unfortunately, Capital Letter in communication means "Shouting" or emphasis. NOTE: FAILURE CAN RESULT TO PERMANENT ACCOUNT SUSPENSION.
• Email Signature: To further buttress the scam, the sender signed the email with a "generic word". No Bank or Financial Institution will send out such sensitive email without using a "verifiable" Name and Official Designation and even a workable phone number.

Useful Advise

Phishing Website DNS lookup

If you receive any of such phishing emails, always use the cursor and hover around any link on the email, if its pointing to an IP address, its a clear indication of phishing in action. once you click on such links (and if you are lucky to have the McAfee Site Adviser installed in your computer, it will warn you on visiting such sites.

Do not in any way either by a return email or clicking a link, fill any form that involves disclosing your Bank security details to anyone. You Bank can never contact you in such manner and will never ask you about any "sensitive" information about your Bank account on the phone. Be wise and be Warned.

You can visit the following Links to know more about Phishing Emails or Computer Phishing as a whole.