![\"Dissecting](\"https:\/\/thundercloud.net\/infoave\/images\/2020\/dissect.png\")
Dissecting a Phishing Email<\/span><\/strong><\/p>\nI received a phishing email and, as I always do, I immediately deleted it. Later, I gave it some thought and I dragged it out of the deleted items folder and used it as an example for this tutorial written to help you keep your identity safe by learning to easily recognize a phishing email.<\/span><\/p>\n A lot of people think that identities are stolen when hackers furtively hack into personal computers and reap all kinds of juicy personal information by manually digging through all the files and folders on a personal computer. But honestly, you have a much better chance of winning the MegaMillions lottery. <\/span><\/p>\n Most hackers hack into computers and computer systems by luring a “phish” into clicking a link in a phishing email and downloading malware which kind of turns the computer into a zombie allowing the hacker to access databases, passwords, and all kinds of stuff. <\/span><\/p>\n But for most people, the way hackers and criminals steal identities is by tricking the victim into clicking a link in a phishing email that is designed to look like a legitimate email from a bank, credit card company, financial institution and\/or government site. When the victim clicks the link in the phishing email, the site that opens looks just like (or a lot like) the authentic site is supposed to look. The login boxes are on the log-in page as they almost always are. But in this case, if the victim enters their real username and password, wham! They got ya! <\/span><\/p>\n Did the criminal\/hacker steal this person’s password and user name? Not exactly. The victim was tricked into voluntarily giving the criminals everything they need to drain accounts or wreak havoc with credit cards – or even worse steal this person’s identity and open up dozens of accounts using the victim’s name, social security number, home address, etc. And woe, woe, woe are they!\u00a0<\/span><\/p>\n For this example today, I’m going to use a phishing email I received recently. Millions of people have Discover Cards and probably thousands have fallen prey to this phishing scam. But, by no means is this kind of thing limited to Discover, the same thing happens Visa and Mastercard customers, customers of large national banks, and those using online tax services and government sties.\u00a0 But for today’s example, we’re going to use the Discover card phishing email.<\/span><\/p>\n First, this scam wasn\u2019t even well done. They made mistakes like putting a woman\u2019s name at the bottom of the email. They used English in the body of the email even worse than mine\u2026my dear grammarians. <\/span><\/p>\n You can tell by the way it\u2019s written that the authors don\u2019t speak or write English as a first language. But I’ll bet you that more than a few people have been scammed into giving up their Discover account information, simply because they didn\u2019t recognize an obvious phishing email.<\/span><\/p>\n I want to remind you all, once again, always be leery of email from banks, credit card companies, government sites, etc. It’s too easy to fall for phishing scams if you’re careless.<\/span><\/p>\n You can keep yourself a lot safer just by remembering our simple rules when it comes to emails from the government, banks and other financial institutions, credit card companies, etc.:<\/span><\/p>\n 1. A legitimate email from a bank or financial institution will be addressed to you such as \u201cDear JoAnne Miller\u201d not \u201cDear Customer\u201d or \u201cDear Cardholder\u201d or \u201cDear Valued Customer\u201d or worse “To whom it may concern”.<\/span><\/p>\n 2. A legitimate email from a bank, financial institution, official government site, or credit card company will never ask you to click a link to verify your account or change your password. They may ask you to visit the official site and log in, but they will never provide a link in the email.<\/span><\/p>\n 3. NEVER click links in emails from government Websites, banks and financial institutions, and or credit card companies.\u00a0 <\/span><\/p>\n If something in the email seems urgent, and you’re in doubt, visit the site by using the URL you know, for example, https:\/\/www.discover.com\/<\/a> or https:\/\/bankofamerica.com\/<\/a>\u00a0 or https:\/\/www.paypal.com<\/a>, etc. And then verify the URL in the address bar \u2013 make sure it starts with https:\/\/<\/strong> not http:\/\/. All browsers will show a lock icon in the address bar when you’re on a secure Website.<\/span><\/p>\n If you want more details, you can click on the lock and get more information about the site.<\/span><\/p>\n Now on to today\u2019s lesson on phishing — no pole or bait needed — just common sense and a couple of functioning eyeballs.<\/span><\/p>\n It all begins with a sort-of official-looking email. This particular scam was sloppy, but many are not. You notice that the email below has two links. One at the top to view the \u201cWeb version\u201d and the telltale click \u201cVerify now\u201d which should be enough to send you scurrying away and sending the email to the deleted items folder.<\/span><\/p>\n Here\u2026let\u2019s look at this one up close. Or as I like to say – let’s dissect it. EB, scalpel, please!\u00a0<\/span><\/p>\n All the English police who notoriously love to point out my grammatical guffaws, owe me a gold star when compared to these crooks! I\u2019ve highlighted – in green – things you should note. You sure don’t need me to explain why they\u2019re highlighted, right?<\/span><\/p>\n And look above: These crooks are so sloppy that this email, supposedly from Discover, has the name of some women living in Hawaii at the bottom of it. Who the heck is Joyce Yoshimoto? Will the real Joyce Yoshimoto please stand up!<\/span><\/p>\n We should all drop her a note! Don\u2019t bother. The address probably doesn\u2019t exist or if it does it belongs to Kahlua Kai Kai Funeral Home or Benny J\u2019s Restaurant or the Immortal House of Pink Poi.<\/span><\/p>\n And if for those who are foolish enough to click the link in this phishing email… they will land upon a very official-looking page complete with an 800 “help number\u2026which they hope that you don\u2019t call because it\u2019s legit.<\/span><\/p>\n Now, if you were crazy enough to click the link in the email and thus land upon this fake Discover site, you can still save yourself by looking at the URL in your browser’s address bar.<\/span><\/p>\n In my example Discover Card phishing email, if you were to click the link in the email and go to the counterfeit Discover site… just looking in the address bar in your browser could save you. The URL has nothing to do with Discover.com unless you think Discover should be on a domain called Vonlichten \u2013 and you don\u2019t believe that do you? Plus, there is no https:\/\/ and no lock icon there either.<\/span><\/p>\n An easy way to tell the real domain name is that it’s the name that immediately precedes the dot com, dot net, dot org, dot tv, dot whatever is the domain name. In the example above the criminals hope you don’t see that the domain is vonlichten.com.<\/span><\/p>\n But these folks think they are clever indeed. They stuck the lock icon on the page! (See the screenshot below.)<\/span><\/p>\n How clever. They hope the lock will make you feel warm and fuzzy and you\u2019ll pay no attention to the URL in the address bar…or the criminals behind the curtain.<\/span><\/p>\n I don’t recommend you do this, I recommend you just delete the phishing email and be done with it. But I like to have fun with these idiots. So when I have time and I get a phishing email, I like to in fake USER IDs, email addresses and passwords which I create by banging a bunch of keys– like this:<\/span><\/p>\n ihfidafauoifdifoaifoaierfoaeadsofjaoiuofiuoiauteryheorfafuaopadsuoufa \u2026like that.<\/span><\/p>\n Sometimes I use bad words \ud83d\ude42 but not today, I don\u2019t want you to think I\u2019m a foul-mouthed son-of \u2026.er \u2026 a bad-word user.<\/span><\/p>\n Don\u2019t be stupid like me, Don\u2019t click links emails that look like they came from your bank or financial institution or your credit card company – or your government. Just don’t. Don\u2019t toy with phishing sites like me. Like they say on Mythbusters \u2013 don\u2019t do this at home. We\u2019re professionals and we\u2019re allowed to do crazy, stupid stuff.<\/span><\/p>\n Remember, follow the three rules below and you\u2019ll end up being safe and not spending weeks or months and hundreds of dollars trying to repair the damage that occurred because you clicked a link in a phishing email, despite our continued efforts to keep you safe.<\/span><\/p>\n Our three easy rules to help you avoid phishing scams<\/span> \u201cDear JoAnne Miller\u201d not \u201cDear Customer\u201d or \u201cDear Cardholder\u201d or \u201cDear Valued Customer\u201d.<\/em><\/span><\/p>\n 2. A legitimate email from a bank, financial institution, credit card company or your government will never ask you to click a link to verify your account or change or check your password. They may ask you to visit their website and log in, but they will never provide a link in the email.<\/span><\/p>\n 3. NEVER click links in emails from your bank, financial institution, credit card company or government. If in doubt, visit the bank or financial institutions\u2019 site by using the URL you know, like https:\/\/www.discover.com\/<\/a> and then verifying the URL in the address bar \u2013 and make sure it starts with https:\/\/<\/strong> not http:\/\/. All browsers will show a lock icon in the browser’s address bar before the website’s name or URL (web address).<\/span><\/p>\n And if you copy the Web address from the browser’s address bar you’ll see the entire URL In the above example when I copy and paste the URL (web address) I can see it’s correct:<\/span><\/p>\n https:\/\/www.discover.com\/<\/a><\/span><\/p>\n We want you to be safe without spending hundreds of dollars on identity theft protection that you don’t need. All you need is common sense and the knowledge to recognize a phishing email when you see one. We hope this article helps you and keeps you from being the victim of identity theft and\/or phishing scams.<\/span><\/span><\/span><\/p>\n <\/p>\n","protected":false},"excerpt":{"rendered":" Dissecting a Phishing Email I received a phishing email and, as I always do, I immediately deleted it. Later, I gave it some thought and I dragged it out of the deleted items folder and used it as an example for this tutorial written to help you keep your identity safe by learning to easily recognize\u2026 Read More »<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":14573,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1461,2942,3590,1680,1656],"tags":[283,194,3765,14],"_links":{"self":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/18598"}],"collection":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/comments?post=18598"}],"version-history":[{"count":3,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/18598\/revisions"}],"predecessor-version":[{"id":18601,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/18598\/revisions\/18601"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/media\/14573"}],"wp:attachment":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/media?parent=18598"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/categories?post=18598"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/tags?post=18598"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}![\"lock-of-safety\"](\"https:\/\/thundercloud.net\/infoave\/images\/2020\/locklock0.png\")
<\/span><\/p>\n![\"Cloudeight](\"https:\/\/thundercloud.net\/infoave\/images\/2020\/discoverphish-1.png\")
<\/span><\/span><\/p>\n![\"Cloudeight](\"https:\/\/thundercloud.net\/infoave\/images\/2020\/discoverphish-2.png\")
<\/span><\/span><\/p>\n![\"Cloudeight](\"https:\/\/thundercloud.net\/infoave\/images\/2020\/discover-phish-email-joyce1.png\")
<\/strong><\/span><\/span><\/p>\n![\"Cloudeight](\"https:\/\/thundercloud.net\/infoave\/images\/2020\/discover-phish-page1.png\")
<\/span><\/span><\/p>\n![\"Cloudeight](\"https:\/\/thundercloud.net\/infoave\/images\/2020\/discover-phish-page3.png\")
<\/span><\/span><\/p>\n![\"Cloudeight](\"https:\/\/thundercloud.net\/infoave\/images\/2020\/fake-lock.png\")
<\/span><\/span><\/p>\n![\"Cloudeight](\"https:\/\/thundercloud.net\/infoave\/images\/2020\/fake-lock1.png\")
<\/span><\/span><\/p>\n![\"Cloudeight](\"https:\/\/thundercloud.net\/infoave\/images\/2016\/discover-phish-fun1a.png\")
<\/span><\/span><\/p>\n
\n
\n<\/strong>1. A legitimate email from a bank, financial institution, credit card company or your government will be addressed to you with your name such as:<\/span><\/p>\n![\"Secure](\"https:\/\/thundercloud.net\/infoave\/images\/2020\/locklock.png\")
<\/span><\/span><\/strong><\/span><\/p>\n