Phishing Explained

Phishing, which is a construct of the words Password and Fishing, becomes more and more common on the Internet.
Many Internet users receive daily mails from sites that look as if they come from legitimate companies and services such as eBay or PayPal, or from financial sites like Citibank.
These emails look authentic and direct you to a website that looks like a copy of the original site. They "phish" your login data or credit card information when you enter them on the fake website. Phish in this context means steal by the way.
Once the data has been recorded, which it will when you sign in or enter the data into forms on the site, they can use the information for all kinds of activities, from locking you out of your own account, abusing it to send spam messages, withdrawing funds, or other criminal activities.
The following article can be used as a guideline to distinguish between official mails and phishing mails. It explains phishing in detail, and has tips in the end as well. Before we start, why not take a phishing test and see if you can distinguish between legit mails and fake ones.
The mail
Most phishing attempts start with emails being sent to your account. They look real on first glance, they are sent from an official email address, and they look like official mails most of the time.
Contents may differ. Some may ask you to update account information, verify that the email address belongs to the account, provide financial information or other personal data such as your Social Security Number, or require you to open a document or file on your computer.
What you need to know is the following
- Every email address can be faked.
- Every email can be created to look like an official email.
- Every website can be designed to look like the original.
There are however hints that point you in the right direction if you have to decide if the email you just received is a legit one or not.
Its easy enough to distinguish if you are not a customer of the website or institute. Trash and forget in that case. Its also easy if you receive an email in a foreign language (if you have no contact to that institute in that country). Trash and forget as well. Take a look at the To: Header. Is that your real email address and name? If not trash and forget as well.
Other indicators are if the email does not address you by name, if it contains improper formatting, or spelling or grammar mistakes.
But what if you are a customer?
One indicator that an email may be a phishing email is if you are not addressed by your full name.
Phishing Emails often contain one or multiple links to fake website. Mostly to a site with form fields that prompt you to enter information about yourself and financial date / login data.
Note that some spammers mix legit and fake links in emails to throw you off balance. It is necessary to go through all links to make sure they are all legit.
Lets take a look at an eBay phishing mail. Click on the thumbnail to get a large version of the jpg.
It looks legit, comes from an official eBay address and has some nifty eBay logos in it. It also seems to point to the official website starting with https://signin.ebay.com/..
The trick now is that this is only the link text but not the link itself. If you move your mouse over the link you will see the link address and not the link text. The link address is shown in the status bar of the mail program. It leads to http://200.41.5.40:780/.. which is no official ebay site at all.
Results:
- Link Text and Link point to different websites, no company would link to an IP address.
- The original link is https and the fake one is http. No signup page ever uses only http, well signup pages from eBay and financial ones at least.
Lets take a look at the site that the link points to:
If you look in the address bar you see that you are not on an official eBay site. You also see that its again http and not a https site. I suppose the site will redirect you to the official site once you enter your login data.
If you take a look at the official site and the login screen you see differences:
First, its a https site, second its an ebay.com site and third it looks different than the phishing mail. You can distinguish between fake and real by simply looking at those elements.
Please be aware that it is not always as easy as this example. Phishers begin to use cross-frame phishing to mix official site content with fake site content. A good example of this can be found on the netcraft.com site.
Tips:
- If you are not a customer of the site delete the email immediately. Don't click on the link or reply, or execute any files that may be attached to it.
- If you are not addressed by name, it is likely a phishing email.
- If you are a customer and you are not sure if the email is legit do one of the following:
- Contact the institute by phone or use a contact on the official website ( do not use the email link of course) and ask if the mail is official.
- Instead of using the link provided open the website by typing in the official link there. The site should have news about the email on their starting page. (most of the time). If not, use 2a to verify the email.
There are some anti-phishing toolbars and plugins available but I never needed to use one because all phishing emails are more or less obvious fake if you analyze them.
Update: Most web browsers come with anti-phishing modules nowadays. They do however only protect you against known threats, not threats that have not been discovered yet.
Advertisement
You said that Outlook isn’t your main email client, so which is your main one?
I think its thunderbird
It is Mozilla Thunderbird.
Awesome! This actually solved my problem… what a stupid bug.
If this is the same bug that I’ve encountered, there may be another fix: (1) hover over open Outlook item in Taskbar, cursor up to hover over Outlook window item, and right-click; (2) this should give you Restore / Move / Size / Minimize / Maximize — choose Move or Size; (3) use your cursor keys, going arbitrarily N/S/E/W, to try to move or size the Outlook window back into view. Basically, the app behaves as though it were open in a 0x0 window, or at a location that’s offscreen, and this will frequently work to resize and/or move the window. Don’t forget to close while resized/moved, so that Outlook remembers the size/position for next time.
THANK YOU Claude!!! I could get the main window to launch but could not get any other message window to show on the desktop. You are my hero!!!!
Solved my issue! 6 years later and this is still problem…
Fantastic. Thank you. Size did the trick.
This solved my Outlook problem, too. Thank you. :)
Thank you so much, this started happening to me today and was causing big problems. You are a life saver, I hope I can help you in some way some day.
You are a god – thank you!
thanks a lot…. work like charm.. :-)
Yah…thanks Claude. I’ve been having the same problem and tried all the suggestions…your solution was the answer. It had resized itself to a 0/0 box. Cheers
Excellent post. This had me baffled even trying to accurately describe the problem. This fixed it for me.
Thank you
Thanks a lot for the article. Don’t know why it happenend, don’t know how it got fixed, but it was really annoying and now it works :-)
Thanks a lot. I was facing this issue from past 3 week. I tried everything but no resolution. The issue was happening intermittently and mainly when I was changing the display of screen ( as i use 2 monitors). The only option i had was to do system restore. But thanks to you.
I’ve been tried to sole this problem for 12hours. Your comment about changing the display of screen helped me a lot!! Thanks!!
Thank you…don’t know why this happened but your instructions helped me fix it. Running Windows 10 and office pro 2007
Great tip! Thanks!
Worked for me, too – thank you!!!
It’s Worked for me, too
thank you very much!
I had a similar issue with Outlook 2013 on Windows 10 and this helped me to fix it. Thank you very much!
Thank you so much. Solved!
Considering you published this in 2012, incredible not been debugged by Microsoft.
Thank you again. M
This problem was faced by only one user logging to TS 2008 r2 using outlook 2010.The issue was resolved.
Thanks.
Great tip. Thank you!!!! If it helps, I had to use the Control Key and the arrow keys at the same time to bring my window back into view. Worked like a charm.
Thank you, this worked !!!!
Man, you are a fucking god. Thanks a lot, what an annoying bug!!
Awesome, this post solved the issue. Many thanks!