Phishing emails getting better

So I check my email this morning and I see the following message, which makes me wonder as I had not received any text alert about a payment (which I would normally get).

Email

So I click the email to find this message:

Email Message

So far it looks like a legitimate email. I look at the email address and expand it a little so I can see the real email to make sure as to where it came from. It is then I notice a slight discrepancy.

Full Email

Now last time I checked, Skype and Paypal use email addresses that match their domain, not “Telegraph.co.uk“. So this is quite clearly a phishing email and I haven’t lost any money at all. Inspecting the page a little more the “View Payment Details” link goes to the following URL:

Payment Link

Again both Skype and Paypal I am sure do not use “Malayalicafe.com” as their URL. Now the interesting thing about this email and what made me look at it, was that this did not get picked up by the spam filters at all. Normally these type of emails all get caught but this one did not.

So a quick reminder to make sure before we click anything that the email is from who it is is supposed to be from, and not just by email but by everything about the email too, the headers all the way to the content within the email itself.

Liam Cleary

Liam began his career as a Trainer of all things computer related. He quickly realized that programming, breaking, and hacking was a lot more fun. He spent the next few years working within core infrastructure and security services until he found SharePoint. He is the founder and owner of SharePlicity, a consulting company that focuses on all areas of Technology. His role within SharePlicity is to help organizations implement technology that will enhance internal and external collaboration, document and records management, automate business processes and of course security controls and protection. Liam also serves as the Product Owner for Security at Rencore, where he is helping to develop offerings that help organizations further understand and mitigate security and compliance risks, within SharePoint and Office 365 customizations. His core focus will is to identify, control and protect whether they are full-fledged customizations or out-of-the-box Office 365 functionality. He is also a twelve-time Microsoft MVP focusing on Architecture but also crosses the boundary into Development. His specialty over the past few years has been security in SharePoint and its surrounding platforms. He can often be found at user groups or conferences speaking, offering advice, spending time in the community, teaching his kids how to code, raspberry PI programming, hacking the planet or building Lego robots.

You may also like...