Email scams may fool users into clicking malicious links
Many workers are used to taking care of personal chores, such as paying their bills online, during work breaks or lunch time, using company computers or their BYOD devices. They may rely on email notifications from the businesses with which you do business, to remind them it’s time to pay. They’re used to getting those notices every month, and it’s easy and convenient to click the link to go to the bill pay page.
However, scammers take advantage of this and send fake notifications such as the two in the screenshots below, that look a lot like the real thing at first glance. The first one purports to be from AT&T.
Just in case AT&T isn’t your cell phone provider, the scammer also sent one that claims to be from Verizon:
Of course, if you look closely, you’ll notice a few clues that all is not as it seems. I glanced at the Verizon “bill” first, since Verizon is my provider and it really is about that time, and [email protected] really is the address from which legit notifications come. However, right off the bat my reaction was “What’s up with this?” because my monthly bill is normally a much larger number than $45.34. That led me to look more closely and of course, the email address was a dead giveaway. It was also an indication that this particular scammer isn’t very smart. Who’s going to think the IRS is sending out cell phone bills now?
If you hover over the links in what are by this time obviously phishing messages, you see that they go not to AT&T and Verizon sites, but to sites outside the country (the .br top level domain in the first one is in Brazil and the .at domain in the second is in Austria). You would have thought they would have used the .at domain for the “AT&T” message, which might have at least fooled a few people.
Of course I didn’t click those links, but my guess is that they take the user to web pages designed to look like the wireless companies’ pages and ask them to enter their user names, passwords and credit card info to be used for identity theft. If this is a particular nasty scam, those pages might also download malicious software to the computer, which could then infect the company network. So be sure to make your users aware of this one, even if they’ve already had more generalized training in avoiding phishing attempts.