Phishing Mail

"Phishing" is a means of fraud where the attacker tries to look like someone else to trick the victim into giving away personal information. For a better explanation https://en.wikipedia.org/wiki/Phishing. This is just a short list of things you might want to know and check based on feedback that we have from our clients.

E-mail Addresses with Spoofed "User Friendly Names"

• E-mail addresses always have two parts separated by an "@" sign, like "bill.gates@microsoft.com".

• But because this looks a bit like machine language there are "extensions" which allow you to set up a "User Friendly" name for yourself and your organization. Then you get a name like "Bill Gates - Microsoft Corporation <bill.gates@microsoft.com>".

  • The real address is the part in the "<>" brackets, ie <bill.gates@microsoft.com>

  • The rest is a "User Friendly" label to make it look nice for the human reading it "Bill Gates - Microsoft Corporation"

  • MANY e-mail programs will display the pretty part "Bill Gates - Microsoft Corporation" and hide the dirty details <bill.gates@microsoft.com>.

  • But you look carefully you should find the 2nd part. Eg by hovering over the address, or when you reply.
• This is one of the simple things that Fraudsters exploit to try and trick the recipient.

  • Eg if you receive an e-mail from "Bill Gates - Microsoft Corporation <fraudster@hacked-mailserver.ru>"

    • You may first notice "Bill Gates - Microsoft Corporation" and think it is a message from your friend William

    • But if you look a little closer you will notice <fraudster@hacked-mailserver.ru>