Phishing Scams are Getting Even Smarter

It used to be easy to spot a phishing scam. Now, phishing scams are getting smarter and clever. We’ve spent all month talking about phishing scams. Now take the test. Take a look at the email below. At first glance, the email looks relatively trustworthy and is a decent replica of a DHL Delivery Report. Check again. There are a few pieces that give it away. Can you spot the tell-tale signs of a phishing email?  

(Hint: If you click the photo, it will open in another tab for easier viewing.)

  1. File Type. The first one is easy. We even highlighted it for you. Take a closer look at the file attachment. The file type is expected to be a .pdf, and it almost is. They tried to trick you by including _pdf as part of the file name, but that doesn’t make it a .pdf document. The actual file type is .7z (a compressed or zipped file type), which will probably download a virus onto your computer as soon as you open the attachment.
  2. Dear Customer. The email is addressed “Dear customer,” which may not seem that bad, but if DHL actually has YOUR parcel in their office, wouldn’t they address you by name? They have the wrong address, not the wrong name, right?
  3. Logic? Not to mention, have you ever heard of mail couriers emailing you to let you know that a package failed to ship? I don’t know about you, but usually the package is returned to sender and the person or company that tried to send the package emails you about the mistake. We should be wary about things that just don’t seem right.
  4. Grammar and Syntax. The last piece is actually just poor execution on the scammer’s part. You may have noticed, but thought nothing of it. Take a closer look at the content of the email. Did you notice the awkward spacing between “Dear” and “Customer,” the lack of a space in “office.Our,” and the missing period after “customer” at the end of the message? There are also plenty of syntax and grammar problems with this email. This scammer obviously didn’t bother to proofread the email before sending it out, despite the amount of time they spent trying to make it look like a legitimate DHL email.
  5. Looks Real. They even included a “Fraud Awareness” link at the bottom. Don’t be fooled. No doubt the scammer simply copied the actual footer from a DHL email. If a user were to click one of the links, they would probably download more viruses.

A note of caution: If you use your E-town network username to access another website (a practice which ITS strongly discourages), do not use the same password for both accounts. Some websites are more prone to being compromised than others, and you don’t want the phishers to find your network username AND password through another site. Use unique passwords for every account on different websites. NEVER SHARE YOUR PASSWORD WITH ANYONE. ITS WILL NEVER ASK FOR YOUR PASSWORD.

Now you know these phishing scams are getting smarter. It doesn’t take much effort to spot the giveaways though. If you receive a phishing email, or think it may be a scam, forward the email to mailcop@etown.edu. We’ll take care of the rest for you.