Anatomy of a Phish – follow up
Last month a wrote about that wonderful world of email spam, specifically phishing emails and how they've evolved and become a little more difficult to spot. You can read it here if you like.
While no one responded, or even tried to post the flaws. I did promise that I'd post the flaws this month. I'll break them down between the obvious and not so obvious, so here goes:
- Subject line - "credit cars account"
- From Field - Chase.com <noreply @ sprint.com>
Not So Obvious
- Body text - The currency symbols and designations. The email puts them in front of the amount i.e. ($USD) 200.00. The correct format is $200.00USD or $200.00 (USD).
- Links - While I was unable to screen capture those for you, they were fraudulent. When you hover over the links the address/es they displayed were not even close to being affiliated with the bank.
- Date format - This can be up for debate depending on the bank but they are using the international date format of day/month/year; when a US bank will in most cases use month/day/year.
The last and most obvious flaw with this email is:
I DON'T HAVE AN ACCOUNT WITH CHASE!