The SANS Internet Storm Center provides a perfect example of how well cybercriminals can replicate genuine emails and use them in their malicious campaigns.
In the images bellow you will find a couple of account information
emails from Verizon Wireless. While one of them leads to the legitimate Verizon website, the other one points to a phishing page that’s cleverly set up to steal sensitive information, or to a domain that serves malware.
So, let’s take a look at the differences.
First, the genuine message contains a balance that could be considered normal, while the phony one lists a balance of almost $2,000 (1,500 EUR). The large amount would probably make the recipient click on the links without giving it too much thought.
The second hint is the missing partial account number that’s usually displayed.
However, the most important clue that can help you identify a scam is the URL address that the links point to. If they lead to anywhere else than a Verizon Wireless website, you’re most likely dealing with a plot.