Category Archives: Scam Alert

Can you spot the phish?

Scammers love a good phishing email scheme because they’re so efficient. With the creation of one real-looking message, they can trick hundreds, if not thousands of people into revealing personal information. From banking and credit card information, to usernames and passwords, they do their best to create an email lure to reel you in.

Each phishing attempt can look different from another. Some may include a link, others may have a malicious attachment, and another may simply ask you to reply. With the huge variety of methods out there, are you really sure you can spot a phish?

Test your spotting skills by looking at six different emails we’ve received over the years—which one(s) are real and which one(s) are phishing attempts?

#1

#2

 

#3

 

#4

 

#5

 

And last but not least…

#6

 

So? Did you figure it out?

Here’s the answer:
The only real email in the bunch is the Amazon Gift Card one.

If you’re surprised or guessed any wrong, read on. You’re better off learning from your mistakes here, rather than in the real world.

What makes email 1 a phishing email?

  • The sender’s email address did not match the closing in the body of the email.
  • There is a sense of urgency: a due date and a possibly time sensitive discount.
  • Plus there’s a mistake in the due date: it should 12/04/2016 instead of 21/04/2016

A suspicious attachment like this one:

By itself it is not suspicious; but, when combined with the other suspicious activity, it becomes suspect.  When opened, the document would ask you to Enable Macros. If you do, it will run malware on your machine.

What makes email 2 a phishing email?

  • The sender’s email address did not come from dropbox.com, but claims to be from ‘The Dropbox Team’.
  • The employee getting the email was not in the ‘To’ field, but was BCC’d to hide the recipients.

If the link is clicked, you will be directed to a website on a foreign domain and then prompted to enter credentials for one of many email providers.

  • Once your credentials are entered, the attackers can then use your email to send out more spam/phishing emails.

What makes email 3 a phishing email?

  • The link directs you to a foreign, non-Microsoft domain.  You can see where links send you just by hovering your mouse over the link.
  • They are using a sense of urgency since you are almost out of space​.

What makes email 4 a phishing email?

  • There are misspellings in the email.  Poor spelling or grammar can be an indicator of a malicious email from someone in another country.
  • The email claims to be from USPS, but comes from a different domain.
  • The attachment is malicious and tries to download malware when opened.

What makes email 6 a phishing email?

  • The email is too good to be true and is trying to get you to reply to get a scam conversation started.
  • They are using a sense of urgency with the SOS subject line.
  • The employee is not in the ‘To’ field since all recipients are hidden in the BCC field.

If you ever wonder if an email is for real, there’s an easy way to find out: contact the business who apparently sent the email—but don’t use any of the information provided. Look up the company’s website yourself (don’t use any provided links), and/or give them a call (you should look that info up yourself, too). If it’s for real, someone will let you know.

BendBroadband modem not affected by Russian malware

The Federal Bureau of Investigation (FBI) is asking more than 500,000 Americans to reboot their routers. This is because hackers infected consumer-level routers used in homes and small offices with malware. The incident is believed to be a Russian military-related hacking and has affected half a million routers and storage devices in 54 countries, including… Continue Reading

BendBroadband Phishing scam alert

BendBroadband Phishing scam alert

BendBroadband Customer alert: Phishing attempts are still being reported. These emails ask you to update your payment information including entering your credit card or e-check account info. These emails are NOT from BendBroadband and should be deleted immediately. Do not reply with information or click on any provided links. As a reminder, BendBroadband will never ask for… Continue Reading

How to change your Facebook App settings

How to change your Facebook App settings

Privacy concerns on Facebook have not gone away. Facebook users and government regulators are demanding more transparency. Users need to remember that every action taken on Facebook has privacy and sharing implications. When you take those quizzes that show up in your Facebook feed, play games, or log in to other websites with your Facebook… Continue Reading

Twitter bug exposes passwords

Twitter bug exposes passwords

If you’re a Twitter user, you probably saw the alert advising you to change your password. Take it seriously. The social media platform revealed this month that a bug in the systems left all Twitter passwords exposed in an internal log. Now, there’s no indication that this log was breached or misused, but “out of an… Continue Reading