Description: This passage is mainly about usbank com login. In this passage, the writer shows us what telltale signs prove the email which is not from US Bank and is malicious and helps us recognize what these phishing emails look like.
I’m Cory, one of live securities analysts, today the life security team notices an email arriving in, a lot of people’s inboxes say that it is coming from U.S. bank, we take a look at the email and figure out that it is a phishing email, we think we might share some tips to help you recognize what these phishing emails look like.
Let’s take a look at first glance, this email appears to come from u.s. bank, it asks that you confirm your banking data by clicking the provided link, this should make you suspect this email since most banks never request these banking details randomly via email.
Next let’s look at the link that we see in the email, while the link starts with US Bank, it appears to go to a domain called a banking services dot-com, I will expect a link from u.s. bank to go to u.s. bank com, banking data should happen securely, this link starts with HTTP rather than HTTPS telling me that the link does not use a secure connection.
This email already looks very suspicious and we haven’t even looked at the source code that generates it, looking at the email source code, we can see the real URL that the link redirects you to, I’ll paste it to notepad, so you can see it better.
Looking at this source tag, I can see that the link showing in the HTML email is a front for the real link which goes to a domain in Hong Kong, I doubt US bank emphasis on the u.s, keeps their secure online banking servers in Hong Kong.
Looking at the source a bit more, I can also see the body of the email is a Jif image here, it is fisher who has probably created this as an image based email to help it get past spam filters, so here’s one other interesting tidbit buried within, the source of this email is a little message, we can only speculate whether the hackers are trying to tell us something or whether this is his way of trying to trick spam filters or not.
But let’s take a look at it in short, the message outlines the general geography of Klang estate in malaysia and mentions chastisement for the fascination of a British man, obviously it has no place in a legitimate US bank email, finally I’m going to visit this malicious phishing site to show you what it looks like.
Please don’t do this by yourself, any site that hosts a malicious phishing attack, it can host a drive-by download as soon as I hit the phishing site, I get a pop up warning me that it’s a suspected web forgery, this message comes from Firefox, the second is built-in anti-phishing feature, Internet Explorer 7 has this type of feature too.
I recommend you pay attention to its warnings, however for now let’s ignore it, I’ll go ahead and fill in this sign-on request with some fake credentials, the Fisher is capturing everything that I enter, so if I use my real US bank credentials, he doesn’t have my sign on.
This next page asks me for more personal information, such as the company that I work for, the state that I live in and my email address, but look at the bottom of this page, it says my connection is secured, but that’s a graphic.
If you look at the URL for this page, it says HTTP instead of HTTPS, which tells me that it is not secured, this is another tip-off, this page isn’t legitimate, I hope these tips help you catch the next phishing email, however this example no longer represents the state of the art, and phishing technology clever fishers use much more sophisticated techniques that are harder to detect.
So be careful with the email, if there’s an email message that you’re concerned with, but you want to follow up, don’t click the link in the email rather open your web browser and manually type the URL, you’re trying to visit for ongoing security analysis, you should also check out our podcast radio free security on iTunes C on the wire.