Phishing

Matt has an interesting post about a phishing e-mail he received trying to trick him into going to a site that claimed to be Windows Update but really wasn’t.

I posted this reply in his comments area, but I thought I would share it here too:

Wow. That is tricky.

The other day, I got this phishing e-mail. It was brilliantly designed. Basically it is made to look like one of those e-mails that are sent to you if you get an e-card from someone. It looked totally legit. Except, I didn’t notice that it said “Hello!” instead of “Hello Chris!” and it didn’t say who sent it, like an e-card notification normally said.

But I didn’t catch it. I was totally fooled and clicked before I saw the URL. Norton thankfully caught the virus and stopped it.

What a scare though. First time I ever fell for an e-mail scam.

To me, it is even scarier then Matt’s Windows Update e-mail. Because at least those who are educated know that Microsoft doesn’t send e-mails about security updates. An e-card…well, who hasn’t gotten one?

Thunderbird will be the first e-mail client to have built-in phishing protection when version 1.1 is released. Gmail already has very good phishing protection on their service. Thankfully, my entire family uses Gmail, so they are well protected from these scams…until the next scam comes along that defeats it.

2 thoughts on “Phishing”

  1. Actually Microsoft does send emails about security updates if you sign up for them, but they’re signed using PGP and only come out around patch time, i.e. the second Tuesday of every month.

  2. I know, I subscribe to those myself. But there is a slight difference in receiving an e-mail that your expecting on a certian date with certain characteristics and an e-mail you never expect and didn’t signup for.

Comments are closed.