Beware: email phishing on the raise

It is approaching Christmas season, and the fraudsters are engaging high gear. Many people are becoming victims of cyber criminals due to outright negligence

It is approaching Christmas season, and the fraudsters are engaging high gear. Many people are becoming victims of cyber criminals due to outright negligence on their part for failure to take basic security precautions.

This is worsened by the human condition of wanting free things always. However, before you rush making more money, first invest in protecting the little you have. Reading this article to the end, could be the investment you need to be safe online.

With the increasing use of the Internet due to reducing costs and ease of access, the risk of being a victim of cybercrime is raising day by day.

Yesterday I received three requests for help from two ladies and man that had been duped by cybercriminals.

The annoying part is that basic and common schemes that have been around for long are used again and again with much success. The implication is that people using the Internet are not learning from experiences.

Case 1; the ‘unclosed’ email in Internet café

A lady, in her late 40’s, realized that she could not access her @gmail.com account on the 19th of November 2013. Her efforts to report the incident to Google.com was unsuccessful, as Google has no way of verifying whether she is the genuine account owner without the right username and password or security question and answer. In addition, Google invested in dual authentications by providing options for users to indicate their phone numbers and alternative email addresses. This particular lady ignored them. Now she wanted help in recovering her account access – a very expensive option.

Most people use Internet café to check their emails and forget to log-out fully when done. The next person on the same machine finds an open account; and if lucky, takes over it as the owner. Although it is now becoming difficult to do so due to some security controls like prompts to re-enter the old password, etc.

Either way, criminals often send out emails purporting that they are stranded in a foreign country and need financial help, requesting that money be sent via Western Union or similar money transfer. This Internet scam is said to have been very successful.

Case 1; the email phishing scam

This is common, yet an old trick. Yesterday, I received an email purporting to be from paypal.com. See below:

From: service@paypal.com [mailto:pay@poal.com]
Sent: Sunday, November 24, 2013 10:03 AM
Subject: Your Account Has Been Limited PayPal ID PP-658-119-347

Identity Issue PP-658-119-347                                               Secure Transaction

https://www.sandbox.paypal.com/en_US/i/scr/pixel.gif” >Please complete the attached form to verify your Profile information and restore your account access.


Personal Information Profile


Make sure you enter the information accurately, and according to the formats required.
Fill in all the required fields.

Dear customer,

As part of our efforts to provide a safe and secure environment for the online community, we regularly screen account activity. Our review of your account has identified an issue regarding its safe use. We have placed a restriction on your account as a precaution.

To lift the restriction we will require some further information from you.

If, once we review your further information and we’re confident that the use of your account does not present a safety risk to our service and customers, we’ll be happy to reinstate your account.

We have sent you an attachment which contains all the necessary steps in order to restore your account access. Download and open it in your browser. After we have gathered the necessary information, you will regain full access to your account.

We thank you for your prompt attention to this matter.


Very sincerely,
PayPal Review Department

This particular email had an attachment.

Look at the “From” field carefully. You will notice the email purports to be from service@paypal.com when in reality it is from pay@poal.com. If you check the domain, www.poal.com, you will realize that is hoax domain.

PayPal alert

Photo: Scam email purporting to be from PayPal.com, when in reality it is from scammers at poal.com. Always place your curser on the email name to see the exact domain the email is coming from.

In this particular scheme, once you click on the attached link, a spyware is downloaded onto your machine. In most instances, such spyware is a key logger, which captures all your key strokes as you type your user name and passwords to your online applications, including pay pal, emails, online banking and etc.

Before you know it, your on-line accounts become compromised.

You must keep alert and have the most up-to-date anti-virus definitions on your machine. Otherwise, no one is safe on-line, including us security professionals. Do not open emails or download attachments from email contacts you don’t recognize.

© Mustapha Mugisa, 2013

Leave a Reply

Your email address will not be published. Required fields are marked *