Gone Phishin'

Here's how hackers use email to hijack the unwary.

By: Sean Gallagher
January 22, 2010
Leave a comment
print
Share This Story

Hackers increasingly use a form of con-artistry known as "phishing" to get people to give up their personal information, or download something nasty. Today, the perfect example of a phishing scheme landed in my email inbox:

Dear AIM user,Your AIM account is flagged as inactive. Within the following 72 hours it'll be deleted from the system.If you plan to use this account in the future, you have to download and launch the latest update for the AIM. This update is critical.In order to install the update use the following link. This link is generated exclusively for your account and is available within a certain period of time. As soon as this link is not available anymore you will get another letter.Thank you,

AIM Service Team

This e-mail has been sent from an e-mail address that is not monitored. Please do not reply to this message. We are unable to respond to any replies.

The link, of course, was not to America Online.  It was to a server in Poland, set up to look like it was called "update.aol.com". 

A quick look at the email shows some telltale signs of a phishing attack:

  1. A call to immediate action.  The email says you've got 72 hours to do something, or your AOL instant messaging account is going to be shut down. 
  2. A "do not reply" email address.  The email gives no address to reply to to verify that it's the real thing.
  3. A forged email header.  The "From" in the email was shown as "don'treply@aim.com". But when I looked at the full "header" of the email—you can do this with most email programs—the return path was to an odd email address in Australia.
  4. Irregular grammar.  While this email is pretty well put together, little bits like "the latest update for the AIM" are a tip-off that that this hasn't been through AOL's legal department and editors.
  5. A link to download something unique to you.  If AOL is going to tell you to download something, they're going to direct you to the actual AIM.com website—which is AIM.com.  They're not going to give you a personalized download link. The personalized link in this email passes your email address back to associate who they snagged with the download.

Remember: the best protection against a scam like this is between your ears. If it doesn't make sense, it's probably not what it pretends to be. 

Share Your Thoughts
For your protection, ensure that no personally identifiable information (like full name or email address) is submitted in your comment.

Your Privacy
Trust is a cornerstone of our corporate mission, and the success of our business depends on it. P&G is committed to maintaining your trust by protecting personal information we collect about you, our consumers.
Our Privacy Policy
follow us
Follow Us on Twitter
X
Subscribe to Newsletters
X
MORE ON LIFE GOES STRONG
HEALTH The Radiation Risks of CT Scans
STYLE Must See Movie: "Scatter My Ashes at Bergdorf's" Mulls Over Luxury Shopping, Top Designers
HOME Selling Points in New Real Estate Listings
FAMILY What Is Prosopagnosia? And Does Brad Pitt Have It?
PLAY Summer Festivals: New Haven and Beyond
WORK Virtual Assistant Services for Work-at-Home Moms and Others
About Life Goes Strong Contributors
Newsletter Sign Up Friends
Newsletter Unsubscribe Contact Us
Mobile App Sitemap
iVillage Petside
Momtourage Astrology.com
DinnerTool GardenWeb
© NBC Universal Inc. All Rights Reserved  |  Part of the iVillage Lifestyle Network  |  Terms of Service  |  Privacy Policy
LifeGoesStrong® is a registered trademark of Procter & Gamble