Common Characteristics of Phishing Scam Emails
- Unsolicited requests for sensitive information
The entire purpose of a typical phishing scam email is to get the recipient to provide personal information. If you receive any unsolicited email ostensibly from a bank or other institution that asks you to click a link and provide sensitive personal information, then you should view the message with the utmost suspicion. It is highly unlikely that a legitimate institution would request sensitive information in such a way. - Content appears genuine
Phishing scam emails are created to give the illusion that they have been sent by a legitimate institution. The email may arrive in HTML format and include logos, styling, contact and copyright information virtually identical to those used by the targeted institution. To further create the illusion of legitimacy, some of the secondary links in these bogus emails may lead to the institution’s genuine website. However, one or more of the hyperlinks featured in the body of the email will point to the fraudulent website. - Disguised hyperlinks and sender address
Links in phishing scam emails are often disguised to make it appear that they lead to the genuine institution site. The sender address of the email may also be disguised in such a way that it appears to have originated from the targeted company. - Email consists of a clickable image
Some phishing scam emails may arrive as a clickable image file. That is, the entire email consists of an image that contains the fraudulent request for information. These are a particularly dangerous type because clicking anywhere within the email will cause the bogus website to open. - Generic Greetings
Because they are sent in bulk to many recipients, scam emails use generic greetings such as “Dear account holder” or “Dear [targeted institution] customer”. If an institution needed to contact a customer about some aspect of his or her account, the contact email would most likely address the customer by name. - Use various ruses to entice recipients to click
Phishing scam emails use a variety of ruses to explain why it is necessary for recipients to provide the requested information. Often, the messages imply that urgent action on the part of the recipient is required. Some of the most common ruses are listed below. The scam emails may claim that:- The customer’s account details need to be updated due to a software or security upgrade.
- The customer’s account may be terminated if account details are not provided within a specified time frame.
- Suspect or fraudulent activity involving the user’s account has been detected and the user must therefore provide information urgently.
- Routine or random security procedures require that the user verify his or her account by providing the requested information.
Thank you for reading this post. You can now Leave A Comment (0) or Leave A Trackback.
Post Info
This entry was posted on Monday, March 3rd, 2008 and is filed under Phishing Scams.You can follow any responses to this entry through the Comments Feed. You can Leave A Comment, or A Trackback.
Previous Post: How Scammers use Information Harvested from Phishing Scams »
Next Post: Reporting Phishing Scams »
Latest Posts:
