{"id":21396,"date":"2021-05-18T08:00:58","date_gmt":"2021-05-18T12:00:58","guid":{"rendered":"https:\/\/www.thundercloud.net\/infoave\/new\/?p=21396"},"modified":"2021-05-18T08:00:58","modified_gmt":"2021-05-18T12:00:58","slug":"a-phishing-email-dissected","status":"publish","type":"post","link":"https:\/\/www.thundercloud.net\/infoave\/new\/a-phishing-email-dissected\/","title":{"rendered":"A Phishing Email Dissected"},"content":{"rendered":"<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p class=\"auto-style744\"><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\"><strong><img loading=\"lazy\" decoding=\"async\" class=\"alignleft\" src=\"https:\/\/thundercloud.net\/infoave\/images\/2020\/dissect.png\" alt=\"Dissecting a Phishing Email - Cloudeight Internet\" width=\"227\" height=\"215\" \/><span style=\"font-size: 24pt;\">A Phishing Email Dissected<\/span><\/strong><\/span><\/p>\n<p><strong><span style=\"font-family: helvetica, arial, sans-serif; font-size: 18pt;\">Keeping You Safe!<\/span><\/strong><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">I received a phishing email and, as I always do, I immediately deleted it. Later, I gave it some thought, and I dragged it out of the deleted items folder.\u00a0 I decided to use it as an example for this tutorial to help you keep your identity safe by learning to easily recognize a phishing email.<\/span><\/p>\n<p class=\"auto-style744\"><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">A lot of people mistakenly think that identities are stolen when hackers furtively hack into personal computers and reap all kinds of juicy personal information by manually digging through all the files and folders on their personal computers. But honestly, you have a much better chance of winning the MegaMillions lottery. 
And that is a fact.<\/span><\/p>\n<p class=\"auto-style744\"><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">Most hackers &#8220;hack&#8221; into computers and computer systems by tricking a \u201cphish\u201d into clicking a link in a phishing email that downloads a malware or ransomware app thus infecting the target computer. Some of these malware apps can turn the computer into a zombie allowing the hacker to access databases, passwords, and all kinds of stuff.<\/span><\/p>\n<p class=\"auto-style744\"><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">But for most people, the way hackers and criminals steal identities is by tricking the victim into clicking a link in a phishing email that is designed to look like a legitimate email from a bank, credit card company, financial institution, and\/or government site, etc. When the victim clicks the link in the phishing email, the site that opens looks exactly like (or a lot like) the authentic site is supposed to look. The login boxes are on the log-in page as they always are. But in this case, when the victim enters their real username and password into the log-in boxes, wham! They got ya!<\/span><\/p>\n<p class=\"auto-style744\"><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">Did the criminal\/hacker actually steal this person\u2019s password and username? No. The victim was tricked into voluntarily giving the criminals everything they need to drain accounts or wreak havoc with credit cards \u2013 or even worse steal this person\u2019s identity and open dozens of accounts using the victim\u2019s name, social security number, home address, etc. And woe, woe, woe are they!\u00a0<\/span><\/p>\n<p class=\"auto-style744\"><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">For today&#8217;s example, I\u2019m going to use a phishing email I received recently.
Millions of people have Discover Cards and I&#8217;m guessing thousands have fallen prey to this phishing scam. But by no means is this kind of thing limited to Discover; the same thing happens to Visa and Mastercard customers, customers of large national banks, and those using online tax services and government sites.\u00a0 But for today\u2019s example, we\u2019re going to use the Discover card phishing email.<\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">First, this scam wasn\u2019t even well done. They made mistakes like putting a woman\u2019s name at the bottom of the email. They used English in the body of the email even worse than mine\u2026my dear grammarians.<\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">You can tell by the way it is written that the authors don\u2019t speak or write English, at least not as a first language. But I\u2019ll bet you that more than a few people have been tricked into giving up their Discover account information, simply because they didn\u2019t recognize an obvious phishing email.<\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">I want to remind you all, once again, always be leery of email from banks, credit card companies, government sites, etc. It\u2019s too easy to fall for phishing scams if you\u2019re careless.<\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">You can keep yourself a lot safer just by remembering our simple rules when it comes to emails from the government, banks and other financial institutions, credit card companies, etc.:<\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">1.
A legitimate email from a bank or financial institution will be addressed to you such as \u201cDear JoAnne Miller\u201d not \u201cDear Customer\u201d or \u201cDear Cardholder\u201d or \u201cDear Valued Customer\u201d or worse \u201cTo whom it may concern\u201d.<\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">2. A legitimate email from a bank, financial institution, official government site, or credit card company will never ask you to click a link to verify your account or change your password. They may ask you to visit the official site and log in, but they will never provide a link in the email.<\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">3. NEVER click links in emails from government Websites, banks, and financial institutions, and\/or credit card companies asking you to take action &#8211; for example&#8230; <em>&#8220;Your password has been compromised. <span style=\"text-decoration: underline;\">Click here<\/span> to reset your password.&#8221;<\/em><\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">If something in the email seems urgent, and you\u2019re in doubt, visit the site by using the URL you know, for example,\u00a0<a href=\"https:\/\/www.discover.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/www.discover.com\/<\/a>\u00a0or<a href=\"https:\/\/bankofamerica.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">\u00a0https:\/\/bankofamerica.com\/<\/a>\u00a0 or\u00a0<a href=\"https:\/\/www.paypal.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/www.paypal.com<\/a>, etc. And then verify the URL in the address bar \u2013 make sure it starts with\u00a0<strong>https:\/\/<\/strong> not http:\/\/. 
All browsers will show a lock icon in the address bar when you\u2019re on a secure website.<\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\"><img decoding=\"async\" src=\"https:\/\/thundercloud.net\/infoave\/images\/2020\/locklock0.png\" alt=\"lock-of-safety\" \/><\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">If you want more details, you can click on the lock and get more information about the site.<\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">Now on to today\u2019s lesson on phishing \u2014 no pole or bait needed \u2014 just common sense and a couple of functioning eyeballs.<\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">It all begins with an official-looking email. This scam was a bit sloppy, but many are not. You notice that the email below has two links. One at the top to view the \u201cWeb version\u201d and the telltale click \u201cVerify now\u201d which should be enough to send you scurrying away and sending this email directly to the deleted items folder.<\/span><\/p>\n<p class=\"auto-style744\"><span class=\"auto-style9\" style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\"><span class=\"auto-style7\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/thundercloud.net\/infoave\/images\/2020\/discoverphish-1.png\" alt=\"Cloudeight Internet\" width=\"612\" height=\"525\" \/><\/span><\/span><\/p>\n<p class=\"auto-style744\"><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">Here\u2026let\u2019s look at this one up close. Or as I like to say \u2013 let\u2019s dissect it. 
EB, scalpel, please!\u00a0<\/span><\/p>\n<p class=\"auto-style744\"><span class=\"auto-style9\" style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\"><span class=\"auto-style7\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/thundercloud.net\/infoave\/images\/2020\/discoverphish-2.png\" alt=\"Cloudeight Internet\" width=\"599\" height=\"317\" \/><\/span><\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">All the Grammar Police who notoriously love to point out my grammatical guffaws owe me a gold star compared to these crooks! I\u2019ve highlighted \u2013 in green \u2013 things you should note. You sure don\u2019t need me to explain why they\u2019re highlighted, right?<\/span><\/p>\n<p class=\"auto-style744\"><span class=\"auto-style9\" style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\"><span class=\"auto-style7\"><strong><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/thundercloud.net\/infoave\/images\/2020\/discover-phish-email-joyce1.png\" alt=\"Cloudeight Internet\" width=\"598\" height=\"43\" \/><\/strong><\/span><\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">And look above: These crooks are so sloppy that this email, supposedly from Discover, has the name of some woman living in Hawaii at the bottom of it. Who the heck is Joyce Yoshimoto? Will the real Joyce Yoshimoto please stand up!<\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">We should all drop her a note! Don\u2019t bother.
The address probably doesn\u2019t exist or if it does it belongs to Kahlua Kai Kai Funeral Home or Benny J\u2019s Restaurant or the Immortal House of Pink Poi.<\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">And for those who are foolish enough to click the link in this phishing email\u2026 they will land upon a very official-looking page complete with an 800 \u201chelp number\u201d\u2026which they hope that you don\u2019t call because it\u2019s legit.<\/span><\/p>\n<p class=\"auto-style744\"><span class=\"auto-style9\" style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\"><span class=\"auto-style7\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/thundercloud.net\/infoave\/images\/2020\/discover-phish-page1.png\" alt=\"Cloudeight Internet\" width=\"599\" height=\"507\" \/><\/span><\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">Now, if you were crazy enough to click the link in the email and thus land upon this fake Discover site, you can still save yourself by looking at the URL in your browser\u2019s address bar.<\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">In my example Discover Card phishing email, if you were to click the link in the email and go to the counterfeit Discover site\u2026 just looking in the address bar in your browser could save you. The URL has nothing to do with Discover.com unless you think Discover should be on a domain called Vonlichten \u2013 and you don\u2019t believe that, do you? Plus, there is no https:\/\/ and no lock icon there either.<\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">An easy way to tell the real domain name: it\u2019s the name that immediately precedes the dot com, dot net, dot org, dot tv, dot whatever.
In the example above the criminals hope you don\u2019t see that the domain is vonlichten.com.<\/span><\/p>\n<p class=\"auto-style744\"><span class=\"auto-style9\" style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\"><span class=\"auto-style7\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/thundercloud.net\/infoave\/images\/2020\/discover-phish-page3.png\" alt=\"Cloudeight Internet\" width=\"600\" height=\"370\" \/><\/span><\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">But these folks think they are clever indeed. They stuck the lock icon on the page! (See the screenshot below.)<\/span><\/p>\n<p class=\"auto-style744\"><span class=\"auto-style9\" style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\"><span class=\"auto-style7\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/thundercloud.net\/infoave\/images\/2020\/fake-lock.png\" alt=\"Cloudeight Internet\" width=\"599\" height=\"300\" \/><\/span><\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">How clever. They hope the lock will make you feel warm and fuzzy and you\u2019ll pay no attention to the URL in the address bar\u2026or the criminals behind the curtain.<\/span><\/p>\n<p class=\"auto-style744\"><span class=\"auto-style9\" style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\"><span class=\"auto-style7\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/thundercloud.net\/infoave\/images\/2020\/fake-lock1.png\" alt=\"Cloudeight Internet\" width=\"600\" height=\"259\" \/><\/span><\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">I don\u2019t recommend you do this; I recommend you just delete the phishing email and be done with it. But I like to have fun with these idiots. 
So, when I have time and I get a phishing email, I like to type in fake USER IDs, email addresses, and passwords which I create by banging a bunch of keys \u2013 like this:<\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">ihfidafauoifdifoaifoaierfoaeadsofjaoiuofiuoiauteryheorfafuaopadsuoufa \u2026like that.<\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">Sometimes I use bad words\u00a0but not today, I don\u2019t want you to think I\u2019m a foul-mouthed son-of \u2026.er \u2026 a bad-word user.<\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">Don\u2019t be stupid like me, don\u2019t click links in emails that appear to be from your bank or financial institution or your credit card company \u2013 or your government. Just don\u2019t. Don\u2019t toy with phishing sites like me. Like they say on MythBusters \u2013 don\u2019t do this at home. We\u2019re professionals and we\u2019re allowed to do crazy, stupid stuff.<\/span><\/p>\n<p class=\"auto-style744\"><span class=\"auto-style9\" style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\"><span class=\"auto-style7\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/thundercloud.net\/infoave\/images\/2016\/discover-phish-fun1a.png\" alt=\"Cloudeight Internet\" width=\"456\" height=\"438\" \/><\/span><\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">Remember, follow the three rules below and you\u2019ll end up being safe and not spending weeks or months and hundreds of dollars trying to repair the damage that occurred because you clicked a link in a phishing email, despite our continued efforts to keep you safe.<\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">Our three easy rules to help you avoid phishing scams<\/span><br \/>\n<span style=\"font-family: helvetica, arial, sans-serif;
font-size: 14pt;\"><strong><br \/>\n<\/strong>1. A legitimate email from a bank, financial institution, credit card company or your government will be addressed to you with your name such as:<\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\"><em>\u201cDear JoAnne Miller\u201d not \u201cDear Customer\u201d or \u201cDear Cardholder\u201d or \u201cDear Valued Customer\u201d.<\/em><\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">2. A legitimate email from a bank, financial institution, credit card company, or your government will never ask you to click a link to verify your account or change or check or reset your password. They may ask you to visit their website and log in, but they will never provide a link in the email.<\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">3. NEVER click links in emails from your bank, financial institution, credit card company, or government. If in doubt, visit the bank or financial institution\u2019s site by using the URL you know, like <a href=\"https:\/\/www.discover.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/www.discover.com\/<\/a>\u00a0and then verifying the URL in the address bar \u2013 and make sure it starts with<strong>\u00a0https:\/\/<\/strong>\u00a0not http:\/\/.
All browsers will show a lock icon in the browser\u2019s address bar before the website\u2019s name or URL (web address).<\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\"><strong><span class=\"auto-style9\"><span class=\"auto-style7\"><img decoding=\"async\" src=\"https:\/\/thundercloud.net\/infoave\/images\/2020\/locklock.png\" alt=\"Secure Site\" \/><\/span><\/span><\/strong><\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\">And if you copy the Web address from the browser\u2019s address bar you\u2019ll see the entire URL. In the above example, when I copy and paste the URL (web address), I can see it\u2019s correct:<\/span><\/p>\n<p><span style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\"><a href=\"https:\/\/www.discover.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/www.discover.com\/<\/a><\/span><\/p>\n<p class=\"auto-style744\"><span class=\"auto-style9\" style=\"font-family: helvetica, arial, sans-serif; font-size: 14pt;\"><span class=\"auto-style7\"><span class=\"normaltext\">We want you to be safe without spending hundreds of dollars on identity theft protection that you don\u2019t need. All you need is common sense and the knowledge to recognize a phishing email when you see one. We hope this article helps you and keeps you from being a victim of identity theft and\/or other phishing scams.<\/span><\/span><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&nbsp; &nbsp; &nbsp; &nbsp; A Phishing Email Dissected Keeping You Safe! I received a phishing email and, as I always do, I immediately deleted it.
Later, I gave it some thought, and I dragged it out of the deleted items folder.\u00a0 I decided to use it as an example for this tutorial to help you keep your identity\u2026 <span class=\"read-more\"><a href=\"https:\/\/www.thundercloud.net\/infoave\/new\/a-phishing-email-dissected\/\">Read More &raquo;<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":14573,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3590,1682,1680,1656],"tags":[],"_links":{"self":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/21396"}],"collection":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/comments?post=21396"}],"version-history":[{"count":1,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/21396\/revisions"}],"predecessor-version":[{"id":21397,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/21396\/revisions\/21397"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/media\/14573"}],"wp:attachment":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/media?parent=21396"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/categories?post=21396"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/tags?post=21396"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}