Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. It’s also used to infect computers with Viruses and Malware. Read more about it at Wikipedia.
Recently, I have seen some very convincing phishing attempts. Today, I received an e-mail subject “Thank You for your Verizon Wireless Payment” with the sender spoofed as “AccountNotify@verizonwireless.com”.
Looks pretty convincing. Let’s take a closer look.
First, the message headers show that the message came from a mail server in Poland.
Second, when hovering over the links in the e-mail (e.g. Manage Your Account Online, View My Verizon Demo, View Terms & Conditions, etc.) the destination URLs were various domains in Poland and Brazil which surely are hosting malware. This can also be seen by doing a View Source on the message itself as below.
Warning: DO NOT attempt to go to that URL!
The single, best thing to remember is NEVER click links within an e-mail. If you receive an e-mail like this and are concerned, open up a browser and manually go to the site (e.g. verizonwireless.com) and sign into your account.
