Would You Click on This?

The irony was I had to click a link "would you click on this link" to access the story. I actually hesitated!!

Bob-
I get periodic e-mails saying my full name then the wording "your (the month) account statement is here" in the RE space. In the From space it says "PayPal Statements". Is this legit or is this Phishing? It seems strange that PayPal would send such a message. I type in the url rather than using the link offered in the body of the e-mail if i decide to check my account. Given the amount of negative publicity about Phishing it seems impossible that PayPal sends monthly announcements that have a link. On the other hand, corporate America sometimes exhibits symptoms of brain death...so I thought I'd check to see what you, the expert has to say on this one. Thanks!

EDITOR'S NOTE: A quick search tells me that Paypal DOES send these messages, but they could very well be spoofed. You do well to delete them and move on. You can always login to Paypal with a trusted link.

Not exactly a Phishing email, but something that shows up as a new TAB/Screen on my FireFox browser.
"Your FireFox is out of date, Please Click HERE to update to the newest version."
I have simply closed the TAB, but my wife said that she would have clicked on it. I have no idea what it is, but I know it isn't real.
What do you call this? Phishing, or something else?

EDITOR'S NOTE: You are correct. It's basically a full page ad, trying to trick you into installing some nasty toolbar. See http://www.2-spyware.com/remove-outdated-browser-detected.html

Surprised you did not mention that some (free) Domain Name Servers, like Open DNS, block phishing sites, so it is worth changing from your ISP default DNS to one of those.

Another attack that showed up in my email this week, appeared to be from AMAZON.COM regarding "your order" that is about to be shipped. They give a link for details.

Since I DO order from Amazon, I clicked on the link. My malware program went crazy warning me this link had downloaded malware onto my computer, but they had quarantined it. The web site looked authentic, but when I double-checked the email address, sure enough, there were small differences! I've cleaned my computer, and will watch those emails much more carefully now.

In the past couple of weeks I have had three emails, supposedly from T Mobile, Orange and WhatsAp all saying the following:

"This e-mail contains a voice message.
Download and listen to message in attached file.

Sender:
Mobile: +44702*******
Passcode: B7C0A6BD6DBC"

They have zip files attached, which download malware- that can reset your IE homepage, remove gadgets and try to copy contacts. I know this because I use WhatsAp to chat with my daughter and so I foolishly clicked on the zip file - Trend Micro seems to have dealt with it finding 10 virus exe files eg:

"Threat: HEU_AEGISCS927
Source: Threat
Affected Files: C:\Users\Ian\AppData\Local\omlalwmi.exe
Response: Removed
Detected By: Real Time Scan

I won't be clicking on any others!

I actually received my first ever phishing attempt e-mail about six weeks ago. It was supposedly from a bank where I maintain a credit card (no other traditional banking accounts).
It was very sparse looking mail devoid of the more professional looking counterfeit details I've read about, such as corporate headers and logos. It was just a simple text message with a link--Click here to authenticate your account details and ensure your safety--(paraphrased).
And just for good measure, they tossed in a scare tactic, a factual error, and a bit of improper grammar.

Looked like a scam immediately.

The (verbatim) message was:
"We recently reviewed your account, and suspect that your Internet Banking account may have been accessed by an unauthorized third party.
Protecting the security of your account and of the Account is our primary concern. Therefore, as a preventative measure, we have temporarily limited access to sensitive account features."

Well, thanks to sites like yours, I was immediately suspicious. So I used my browser to visit the bank's site. No unauthorized activity at all.
So I called the bank. This had apparently happened to numerous customers in recent days. (I'm guessing that a server which maintained a list of e-mail addresses had been hacked, although the bank did not confirm this.) The bank provided me with their "abuse" page to which I forwarded the phishy e-mail.
Three similar attempts followed in the next ten days or so, each with a slightly different pitch and each slightly more threatening as to the consequences of my inaction in not clicking their "helpful" links. Each of these were also forwarded to my bank for them to investigate.

Thanks, Bob, for helping to keep us all informed.

I did get an e-mail from my phone company (Telus)telling me that my payment hadn't gone through.

When I complaint to telus that there was nothing wrong with my payment set-up they informed me that the e-mail request was bogus.

I changed my password since but every now and then my keyboard/mouse input is unusually slow.

I have run anti-virus and anti-spam software (Spybot & Malwarebytes) but they found nothing.

Posting ads on craigslist is a surefire way to receive spam and phishing emails. Usually the sender has some fake sounding name. Delete. But today I received a bcc: GMAIL message stating it was from the Gmail team, google team. Sender displayed a cute looking Oriental face avatar. Girlsname@gmail.com. said, "You have received a very vital document via Google drive. Follow this link: xxxxx@xxxx" Follow this link to view this document now. Thanks. Powered by Gmail. When I clicked the link, AVG AV went nuts. Quarantine! Not allowed! So it saved my butt.

When I get a phishing email, I forward it along with it's header to:
1) phishing-report@us-cert.gov
2) reportphishing@antiphishing.org
3) spam@uce.gov
And then report it as phishing to Google (via the little triangle next to the reply button)
I recommend that everyone do this.

@Peter loppe; Try awdcleaner. Everytime my web page navigation acts goofy, I run that little free program and cured! It's a stand alone self-updating (when you open it) program that requires you to reboot after use. Unfortunatey, updating is the tricky part for me as I can't read French. So to download the new version 1. click the uppermost right side link on the webpage to access English which helps. 2. open the "how to use adwcleaner" link and download the program from it. A bit complicated procedure but does the job everytime. And yes, Spybot S&D and Malwarebytes do not help with the problem. You can thank me later for steering you there. And thank you Bob R. for all your info.

One of the most dangerous phishing scams is the pop-up dialog that asks the user a YES/NO multiple choice question for installing a certain software.
I would strongly recommend that the user does NOT click on neither of the choices, as even clicking on the "NO" choice can be redirected to the same link as the "YES" answer.
I am surprised that this little spoof is not used more often by hackers... yet!
But for most users, the only alternative is to close the browser (or the tab) altogether rather than answering with either choice! Unless, of course, the user is utilizing a pop-up blocker along with script blocking!

PS: The new FirefoFox version (V26.0) now provides a "Masked Email Address" option, which requires a simple registration with abine.com.

I always hover my cursor over the sender's name, which reveals the address that my click will go to. If it's anything other than an actual site I know, I delete the message. Have the phishers found a way around this?

EDITOR'S NOTE: If you mean hover over the link (not the sender's name) then that can be faked. I would not rely on that.

RE: Paypal phishing email: I always forward that type of email to the appropriate spoofing email address - in this case spoof@paypal.com - and I did send that exact same kind of email to them. Their reply, in part was: "Thanks for forwarding that suspicious-looking email. You're right - it
was a phishing attempt, and we're working on stopping the fraud."

before i started reading was hoping you mention the linkedin attempt & i wasn't dissapointed..otherwise would've said so myself here since i get those all the time.
the way i differentiate these from the real is that in the latter, there's a link to the person's profile trying to connect..

I have recently been receiving emails that appear to be invoices from actual online purchases that I made in the past, only the dates have been changed to be the current date. They use my full name and even appear to have my credit card number, shown in the common "xxxx5145" format. Some of these transactions are two years old some are more current. I assume that these are phishing attempts and have not responded to any of them, but my question is, where are "they" getting these invoices? I don't have them saved on my computer. I run the free versions of avast, malwarebytes and Sophos as you recommend. Thank you for your help!

I've received loads of this stuff ,whether in email or on websites
and after a while you can spot these things quite easily.
For email I always check the source if the mail even has a smidgen of suspicious content as indicated by the subject line or Sender's name.
Examining the Headers will quickly tell you all kinds of info regarding Sender or content.
You can tell if eg your friend's email account was hacked ,so it appears to come from them,
but the header will reveal original IP address.
Just a method I use.

Company computers might have reasons to change pw's all the time, but I've never understood the rationale to change a home computer pw every six months. A complex pw is perfectly good for five months and 29 days, but unsafe a day later?

One exception I allow myself to those rules is when I have just registered on a site, and it sends an email with a link to click in order to confirm registration.

Unless you advise otherwise, it seems to me that there's zero chance that such a mail should be a spoof -- just when you are expecting it. It would take a hacker to take control of the original site, or to build a fake one from scratch -- and direct you to it. Not likely, I think.

Especially if you're registering to PC Super Duper Tips Forum or The Bollingdale's Daily Telegraph.