Anatomy of a Phishing E-Mail

It is a never ending battle fending off the efforts of others to get at your personal information. These days the most direct route taken is through your email account.  Phishing attempts in email look very much like they are from the company the email is purported to be from. They use the same graphics, logos, fonts, etc.

You can use your Junk Mail filters to try and keep stuff out of your inbox but stuff will get through. So what do you do?

Well my goal today is just to show you on the surface how you might recognize a phishing attempt without even looking at the intricate details in the properties of the email.  Some of the signals are right there on the surface for you to see and catch.

Take for example this email:

Looks pretty straight forward and I have not been on AOL AIM in a very long time so the premise of the email makes sense. Two things though caught my eye and helped me identify the phishing attempt:

• The email address that this was sent to, which I removed for display, is an email address that I would not have used with AOL AIM.
• By hovering my mouse cursor over the link in the email I see that the link is not to the AOL AIM site. The link actually begins with http://update.aol.com but then it has an additional domain name behind that. Upon initial hover someone might see just that beginning and think the rest is a typical string of characters that are fairly typically in links these days.

So with just those two things I easily ID’d this email as a phishing attempt. Be careful and safe out there. Taking those extra few seconds to look at an email before clicking anywhere. It will pay off by keeping your system clean and running.

See that one email had three very unfriendly friends with it. Now I clicked on that link knowing I was protected my Microsoft Security Essentials – I do not recommend you do that at home no matter what.

Stay safe out there when your on the net or reading email.

Related Posts

• Anti-Phishing Technologies
• Fake LinkedIn Emails
• Twitter Phishing Email Recognition
• Microsoft SmartScreen Helps Prevent Phishing Attempts
• Xbox Live Rewards and Bing Phishing Email Analysis

Richard Hay  (3357 Posts)

Richard is the Owner of WindowsObserver.com and has been involved in tech for over 25 years. His first website – AnotherWin95.com – came online in 1995. Back then he used GeoCities Web Hosting for it and what you see here today is the result of the work he has continued on the site since 1995. In January 2010 his community contributions were recognized by Microsoft when he was awarded the Most Valuable Professional (MVP) Award for Windows Desktop Experience. In January 2011 he was renewed as a Microsoft MVP but in a new category called Windows Expert - Consumer and in January 2012 he received the award for the third time.