Phishing season seems to be upon us. My partner’s Hotmail account has been hit with a number of phishing attempts. Some of these phishing attempts are rather elaborate and could easily fool someone who doesn’t know better. The purpose of this post is to hopefully prevent you or your loved ones from falling for two of these phishing attempts.
The latest phishing scam was a spoof of Revenue Canada saying she could get her refund instantly by clicking on the provided link. Since it is tax refund season this attempt could be quite tempting to click on. But whatever you do, DO NOT CLICK ON IT. At worst you will download a virus, but even more damaging is you tell the spammer behind the phishing attempt that your email address is alive and you could be in for a flood of other phishing attempts.
Phishing by Fax
This morning in my Gmail account I received an email message that I had received a fax message with 3 pages in it from jConnect, an online faxing service. Normally I would automatically trash these messages, but just last week I received a legitimate identical looking email from this same outfit at my work email. But something still seemed off about the appearance of this email that screamed “phishing” to me. So, using the developer function of “Inspect element” in Chrome I discovered that the email linked not to jConnect but to dropbox and was a .zip file. To the uninitiated a fax coming in a zip file may seem normal, but chances are it is a trojan horse virus in the zip file. The simple act of inspecting the element before downloading saved me from accidentally downloading a virus to my laptop.
So a word of warning to anyone who receives an email saying they have received a fax. DO NOT CLICK ON IT, it could be a trojan horse virus just waiting to get downloaded. Or even worse, you could be broadcasting to the phishing community, “Hey, I’m gullible enough to open your email, so send me more!”
Have you encountered a phishing attempt? Please share your experience in the comments below.