The scammers are resorting to new ways of fooling you

Jul 22, 2008 12:38 GMT  ·  By

According to research conducted by Internet security company TrendMicro, phishers are resorting to new ways of fooling users. The ever present URL to the phishing site has no longer been seen in numerous messages analyzed by TrendMicro. It would seem that instead the user is provided with a legitimate e-mail address.

A run of the mill phishing attempt involves the user receiving a spam message that directs that user to a phishing site. You will receive a message that goes something like "you need to update your bank account info, please click on the following link", but by doing so you will be directed to a web page that looks very similar to the one of your bank. And by filling in the requested information you are only playing into the hands of the phisher.

"But now, there's no URL seen in new phishing email samples we've discovered. They display instead a legitimate email address. This is to trick users that the recipient of the user name and password they will send is a legitimate user, but looking at the source code of the mail, it would go to an individual email address, the phisher's," says Aivee Cortez from TrendMicro.

One such spam message circulating on the Internet lately was informing users that they needed to upgrade their EarthLink account. As you might have already figured it out, the user is not asked to click on a link and visit a phishing site, but instead is asked to forward the username and password of the account to what seems to be the customer support e-mail address. Just to make sure the phishing attempt is successful, the message informs you that your account will be deleted unless you send out that information.

It even goes as far as to say "this is an Administrative Message from EarthLink. It is not spam. From time to time EarthLink will send you such messages in order to communicate information about your subscription." By simply claiming not to be spam and to originate from the actual site, the message seems authentic. But as a rule of thumb you should never send out security credentials such as username and password, no matter who asks for it. It is one of the basic rules of keeping your data nice and safe.