Thursday 9 Oct 2008

Be careful phishing

phishingBeware, some seem so real! Some examples of e-mails I received and you must take care. :evil:

Phishing consists usually of sending a lot of e-mails by masquerading as a trustworthy entity, which often store money (banks, eBay, PayPal ...), asking you to connect your account for fictitious reasons.

The e-mail contains a link to a perfect clone of the original, but that only used to get you personnal usename and password.

Here are 2 examples of phishing I just receive and that you may get too.

The first concerns webmasters using Adsense because it seems to come from the Google advertising program. It invites you to give your credit card number on the pretext you missed a payment!


Our attempt to charge your credit card for your
outstanding Google AdWords account balance was declined.
Your account is still open. However, your ads have been suspended. Once
we are able to charge your card and receive payment for your account
balance, we will re-activate your ads.

Please update your billing information, even if you plan to use the
same credit card. This will trigger our billing system to try charging
your card again. You do not need to contact us to reactivate your

To update your primary payment information, please follow these steps:

1. Log in to your account at
2. Enter your new or updated billing information.
3. Click 'Update' when you have finished.

Advertise your business with Google AdWords.

The link under the text goes in reality to :!:

Here you can notive the usefulness of having a good browser: Firefox warns me with a large red square that the site is counterfeit


The time I write that, the site has benn closed. But it needs just a few minutes to upload again the clone website on another domain. :-|

The second seems to come from UPS United Postal Service, named «[NO-REPLY] UPS Tracking Number 22231875»:

Unfortunately we were not able to deliver postal package you sent on Sept the 18 in time
because the recipient's address is not correct.
Please print out the invoice copy attached and collect the package at our office

Your UPS

In fact, the attachment is not an invoice. This is an executable and a bad virus, of spyware type, designed to transmit everything it can.

Easier to detect: UPS does not send electronic mail and especially if you don't write your e-mail address on the package!

I thought this kind of caution a little unnecessary, but I have seen some people trapped by less that that. :-o

I have another one, from a non-existent consorcium, an obvious trap with an attached malware:

Your internet access is going to get suspended

The Internet Service Provider Consorcium was made to protect the rights of software authors, artists.
We conduct regular wiretapping on our networks, to monitor criminal acts.

We are aware of your illegal activities on the internet wich were originating from

You can check the report of your activities in the past 6 month that we have attached. We strongly advise you to stop your activities regarding the illegal downloading of copyrighted material of your internet access will be suspended.

ICS Monitoring Team


A few simple rules to protect yourself from this:

  • Don't say «usualy my password is stored for this website». If it does not appear, it's because your browser has identified the trick better than you!
  • Don't rely on the address in the brower that may seem real. If you do, remember the domain name is just before the first "slash":
  • The best: totally avoid clicking on links in e-mails. Type the address or use your bookmarks! ;-)

café Did this article help you? 
Buy me a coffee!

Leave a comment (all comments are moderated, don't waste time with spam)

Azure Dev