Argintenian Phishing attacks. Educate your freinds and family.
Most of us in the tech world know full well what a phishing attack is, but I fear our family and friends still get caught by this easily. It’s very natural to click a link that says, “You need to login to dispute a claim“. It kind of sounds like “Hey, We’re trying to help you here! Log in now.”
Anyway, a coworker got one of these phishing emails, so I decided to share some of the signs that the Argentinians are trying to rip you off.
The email starts off very innocently with:
Dear PayPal Member, This email confirms that you have sent an eBay payment of $47.85 USD to achad13@yahoo.com for an eBay item. ----------------------------------- Payment Details ----------------------------------- Amount: $47.85 USD Transaction ID: 2LC956793J776333Y Subject: Digimax 130 Note: If you haven't authorized this charge , click the link below to dispute transaction and get full refund Dispute transaction (Encrypted Link ) *SSL connection: PayPal automatically encrypts your confidential information in transit from your computer to ours using the Secure Sockets Layer protocol (SSL) with an encryption key length of 128-bits (the highest level commercially available)
Sound innocent? It seems that PayPal is warning you that a purchase was made with your account. If you in fact you DID NOT make this purchase, a handy-dandy link has been provided (encrypted even!) for you to dispute the claim.
When you click the link, the fishes come up out of the ocean. The first giveaway is the country code of “ar”. That’s Argintena folks. Any time you see a funny domain name extension, you can check out webopedia to see where the site is from.
The second giveaway is the actual address. It includes the name of “cibernetworking”. Who the hell is cibernetworking?
And here it is, our fake phishing site. It looks so much like PayPal, but it’s not. Try clicking some of the links. They don’t even go anywhere! (Whatever you do, DO NOT enter your username and password into this fake web site.)
Remind your family and friends to NEVER click a link on an email that says, “You need to log in to check up on your account”. Always go directly to the site by typing http://paypal.com into your web browser.