I received two fake emails today claiming that they are official emails from JPMorgan Chase Bank. Since it is very likely that I'm not the only one to receive them, I thought that it would be a good opportunity to dissect it to show how phishing emails try to lure Internet users into a trap.
The first and most obvious hint that something is wrong with this email is if you think about the subject of the email.
Do you have an account at JP Morgan Chase Bank? If not, delete the message immediately as it is quite obvious that the message is not intended for you regardless of whether it is legit or not.
Users from outside the United States should delete it as well especially if they only have bank accounts in their country and if the language in that country is not English. If you live in Germany for example, no bank would sent you an email in English unless they know you are an English customer who does not speak German.
It becomes complicated if you are a customer of the bank.
If you do read the mail completely you soon realize that the mail body does not contain a single word about JP Morgan Chase Bank anymore but only about PayPal. The mail ends with 'Sincerely, PayPal Account Review Department'
Those factors are only indicators that something is wrong. Take a look at the only link in that email, it does show a PayPal url, but is it really one? If you hover the mouse over the link the destination of that link is shown in the status bar of Thunderbird.
The link is pointing to a Swiss website and not to PayPal.
The reason is simple: link text can be different than the link url. Link text can be anything while the link url is always the only true indicator where a link is pointing to.
If you visit that link, which should not be a problem if you use Opera or Firefox ,you come to a website that looks like PayPal. Now it is beginning to get interesting, lets take a look at that website and find out about the differences to the original PayPal website and how one would be able to spot them.
The bold indicator is the most important one. If the phishing website would use https you could check the certificate by clicking on the yellow lock to receive further information.
Phishers however mostly rely on users who believe what they see, if it looks like PayPal it must be PayPal.
Password managers can help you protect against many forms of phishing attacks as they won't fill out account information on these sites.
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.