
flickr photo by ToastyKen (I recommend everyone read his story behind this picture – it is about getting phished.)

I had a very interesting email hit my inbox the other day. It is the first time I have ever seen anything like it, so I wanted to share it with everyone.

This is a unique approach to gaining personal information, and to many webmasters it might seem legitimate at first glance.

Take a look:

Dear Manager,

We are a Network Service Company which is the domain name registration center in Anhui, China. On February,24th,2011, We received HUNDI Company’s application that they are registering the name "windowsobserver" as their Internet Trademark and "windowsobserver.cn","windowsobserver.com.cn" ,"windowsobserver.asia"domain names etc.,It is China and ASIA domain names.But after auditing we found the brand name been used by your company. As the domain name registrar in China, it is our duty to notice you, so I am sending you this Email to check.According to the principle in China,your company is the owner of the trademark,In our auditing time we can keep the domain names safe for you firstly, but our audit period is limited, if you object the third party application these domain names and need to protect the brand in china and Asia by yourself, please let the responsible officer contact us as soon as possible. Thank you!

Kind regards

At the bottom of the email there is a name, phone numbers, an address and links to a website. I opted not to click on them.

As you read this email it seems very straightforward, and because it does not ask for any personal information in reply it can seem very safe. However, the most creative phishing attempts gain your trust by not asking for that information up front, because many of us have gotten smart about those types of attempts.

The scenario would likely work like this. You make contact with the company that is working to protect your registered domain, and a dialog begins. There may be several emails back and forth before any request for personal info is made. It is then that the phishing takes place and your info is out of your hands. The Nigerian 419 scams work in a very similar manner.

Could this be an innocent request for info? I guess so, but for me, I am going to choose not to engage in dialogs that start like this because it just has too many signs of not being for real.

A small dose of caution and some good anti-malware/anti-virus software will go a long way in keeping your personal info safe.