Phishing Email Methods 

The initial phishing email is designed to entice the recipient to open the email and click on the link provided. The fraudsters use multiple methods to do this, including enticing subject lines, forging the sender's address, using genuine-looking images and text, and disguising the links within the email.

1. Deceptive Subject Lines

Phishing emails tend to have subject lines that appear to be genuinely related to who the email is from, in an attempt to entice the user to open the email, for example “Important notice for all Internet Banking Users”. It is also common for subject lines to use numerals or other letters in place of characters in an attempt to bypass SPAM filters, such as a capital “I” replacing a lowercase “l”. Some phishing emails deliberately misspell key words to bypass SPAM filters, which most people would not notice when quickly glancing at the subject line.

2. Forged Sender's Address

Forging the sender's address is an easy deception method. There is no guarantee that the address listed as the sender's address is genuine. Phishing scam emails will normally carry a forged sender's address so that the email appears to have come from the company it claims to be from.

Example of Phishing Email

Figure 1: Barclays Bank phishing email. Note the deception techniques: subject line, forged sender's address, genuine-looking content and forged links.

3. Genuine Looking Content

Phishing emails normally use images and text styles copied from the legitimate web site to make the email look genuine. Many consumers are fooled into thinking an email is genuine simply because it carries the bank's logo. Some phishing emails also include genuine links to the company's privacy policy and other pages on the legitimate web site. Trust and authentication marks are also duplicated to build the user's confidence in the authenticity of the email.

4. Disguised Hyperlinks

Links within an email are deliberately disguised in another attempt to deceive the recipient. HTML emails may display a genuine URL, but when clicked the hyperlink takes the user to a different web site. For example, a link displayed as “http://www.genuine-site.com” may actually take the user to “http://www.fraud-site.com”.

In text-only emails, a long URL is presented with an “@” before the actual web site. For example, a link may be displayed as

“http://www.genuine-site.com-Verify83kcmdj30dk>Secure32902ds;lkjasdfkljad@fraud-site.com”

This would take the user to http://www.fraud-site.com, because everything before the “@” symbol is treated as user credentials and only the part after it is the host. The link may look valid because it begins with the genuine site's URL and contains genuine-looking words.
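The two disguises above (display text that names one site while the href points to another, and a long “@”-style URL whose real host is after the “@”) can be checked mechanically. The following is an added example, not code from the original page or from FraudWatch: it uses Python's standard library only, and the HTML snippet it scans is a constructed sample modelled on the examples in the text.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit


def effective_host(url: str) -> str:
    """Host a browser would actually connect to for this URL.

    urlsplit treats anything before '@' in the authority as userinfo, so the
    '@fraud-site.com' trick from the text resolves to 'fraud-site.com'.
    """
    return (urlsplit(url.strip()).hostname or "").lower()


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs for every <a> in an HTML email."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def displayed_host(text: str):
    """Host named in the visible link text, or None if the text is not URL-like."""
    m = re.search(r"(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})", text, re.I)
    return m.group(1).lower() if m else None


def suspicious_links(html: str):
    """Return (visible text, real host) for anchors whose text names another host."""
    parser = LinkExtractor()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        shown, real = displayed_host(text), effective_host(href)
        if shown and real and shown != real:
            findings.append((text, real))
    return findings


# Constructed sample email body (not a real message); the third anchor uses
# the '@' trick, the first shows one URL but links to another.
SAMPLE_HTML = """<p>Dear customer,</p>
<a href="http://www.fraud-site.com/login">http://www.genuine-site.com</a>
<a href="http://www.genuine-site.com/privacy">Privacy Policy</a>
<a href="http://www.genuine-site.com-Verify83kcmdj30dk@fraud-site.com">www.genuine-site.com</a>"""
```

Running `suspicious_links(SAMPLE_HTML)` flags the first and third anchors and leaves the genuine privacy-policy link alone; the same `effective_host` check applies to URLs pasted from text-only emails.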

5. Email Form

The email contains a form for the consumer to enter their personal information and click "submit", "send" or "update". Forms within emails use a script located on a remote server to receive the information and either forward it to the fraudsters or store it in a database for the fraudster to collect later.

These methods are used by the more sophisticated phishing emails. Some amateur phishing emails may contain poor spelling and grammar, no images, and may not even attempt to disguise the URL.
