We're seeing a LOT of phishing emails pretending to be from Dropbox.
The general rule is this: The email heading begins: "(name) sent you an invitation"
The body of the email contains a link (to sign up to Dropbox, but as you would (hopefully) guess, it's a bogus link.
Please be aware.
Please do NOT click on links in emails.
Be safe......
Just as a little simple reminder, if you ever receive an email from a courier company, a financial institution, PayPal, Bank, Tax refund, and it starts with the phrase "Dear User" or " Dear Account Holder" ALWAYS be suspicious.
These companies will ONLY ever use your full name, and thus anything else must not be trusted.
That's also not to say you should immediately trust an email from your bank that uses your full name. You should always be suspicious first, because in general, these people will not write to you via email very often, and certainly not for updating your account details by clicking a link.
If you believe the email to be real, the safest option is to go directly to their website by manually typing in their URL into your browser. That way you know for sure it's taking you to the website you expect to be going to.
As ever, be very wary about emails with links embedded that asked to be clicked on.
ALWAYS BE SUSPICIOUS OF EMAILS ARRIVING IN YOUR INBOX
Here's a new one on us. An email pretending to be from Discover.com
Nicely, (or stupidly) they've included a real link to Discover, if you were lucky enough to click that, but every other link re-directs you to a bogus website.
You can see from the tooltip below.
NEVER click links in emails especially from banking and financial institutions.
Be aware....
There are a ton of bogus emails doing the rounds right now designed to appear to come from Santander.
Do not click any links within these emails.
Here are 2 examples:
We've just received 2 seperate emails purporting to be from Google about YouTube
Don't click on any of the links, otherwise you'll be re-dirceted to a malicious site.
Here's a screen shot showing the real URL links (images were prevented from being downloaded for security)
We have received a growing number of emails pretending to be from Linkedin.
These look like Inbox messages, if you're a Linkedin user, but if you click on the link, it re-directs you to a suspicious site. It is not yet clear whether there are nasties downloaded to your computer, but the rule as ever: DO NOT CLICK LINKS IN EMAILS
Best of luck for your safety and security in 2012
We just received a new phishing email today allegedly from the Alliance & Leicester. The worrying thing about this email is that it mentions Trusteer rapport which is a legitimate browser security plug-in designed to work with online banking.
The scammers are clearly across this idea and have included what appears to be a link to download the security plug-in to make your browsing safer.
If you look at the tool tip for the link the mouse over generates, you can clearly see it's not legitimate. Chances are this would download some malware that would allow access to your computer without your knowledge.
Please always exercise caution when receiving emails. The best rule is NEVER trust an email from a bank until you have thoroughly checked it out.
NEVER CLICK LINKS IN EMAILS
Here's another example of a phishing scam received via email.
First and foremost, the biggest clue is the 'Dear Valued Customer' bit.
The next clue, as is the case on almost all of these scams is the mass cc mailing list in the clear.
Finally, the give-away tooltip of the real URL. It looks ok at first glance, but notice the 139689.net bit at the end. That's the actual domain (which is clearly not A&L). Anything before that, i.e the A&L bit with dot whatever can be made up by anybody. It's the ending domain in the URL that is the actual domain it points to.
Hopefully this all helps to keep you alert and easily spot the scams.
Here's a great post over at the Malware Diaries about a recent phishing attempt involving an email reporting that you are due a tax refund:
There are reports of a new email scam pretending to be from Facebook, asking users to check their password enclosed in an attachment, because their password has 'been reset' due to a security flaw.
This plays on the current problem of accounts being hacked, meaning the recipients of such emails are more inclined to believe it.
Please alert all your friends on Facebook and help spread the word.
The scam email contains a zipped file that supposedly contains your new password.
What you're clicking on is actually a password stealer program that could steal not only the username and password of your Facebook account, but also details to other accounts such as online banking.
Please remember that Facebook would never send users such emails.
As ever, please be extremely wary of things arriving in your inbox asking you to open an attachment or click on a link.
Be even more suspicious if the grammar isn't right, which thankfully, it often isn't.
We've received a number of DM's this morning from followers saying:
"hi, i'm 24/female/horny... i have to get off here but message me on my windows live messenger name Paris545love@hotmail.com"
As always, please don't click any links. This is far too obvious to be a real threat we imagine, but some people might be caught out.
People sending out these DM's need to change their Twitter passwords and run anti-spyware scans on their computers.
We're still getting DM's from people who are the victim of a recent phishing scam, whereby they inadvertently send out DM's say " hahah This you??" with a link attachment.
Do not click this link, as it takes you to a fake Twitter login page which steals your information (if you type it in!) and then sends the same link to all the people you're following.
If you're the victim of this, we recommend changing your Twitter password immediately, and running an anti-spyware and anti-virus (from a reputable manufacturer) to check that there's no infection on your system.
Please read our Pop Up Scams page to make sure you don't download a rogue fake anti-virus program.
Read our first post about this.
As a side note, if you're running Google Chrome (or possibly Firefox with NoScript, although we've not checked) then this link attack would have been blocked.
The latest Twitter phishing scam involves a DM reading “lol, is this you”, "you look funny", "haha this is funny" and linking to a site called “bzpharma”, do not click the link.
If you do click the link and then enter your details (but why would you!?) then your Twitter account will be used to send out more rogue DM's.
If this has happened to you, we suggest you log in to your Twitter account and change your password immediately.
In fact we recommend you change you password frequently anyway (a pain, but a safer option)
It seems as though these DM's have been around for a while now, but have suddenly re-surfaced in large numbers recently.
AS ALWAYS: Be very wary and suspicious of any links sent to you, especially if the grammar is slightly odd.
Be even more careful with links that have been shortened, and therefore obscured.
We recommend using Sucuri which shows the real location of a shortened url.
