I received several phishing emails that were designed to get me to open them. Again, social engineering is matching the content and topic to the interests of the recipient (us), in hopes that we will unthinkingly take the actions the bad guys want.
The first email looked like this:
From: “Bank of America Support” <firstname.lastname@example.org>
Subject: Bank of America Don’t share access to your computer with strangers.
BANK OF AMERICA CORPORATION NOTICE:
New certificate is designed to help customers troubleshoot security problems associated with potential risk during online operations.
If you plan to update your online SSL banking, we suggest to install the SSL certificate first.
Read more about installation of SSL Certificate>>
Sincerely, Deanna Donnelly.
2008 Bank of America Corporation. All rights reserved.
First, they did a better job of looking real. The return email address at least looked like it might be real.
Again, fortunately, my anti-spam program flagged this, added "[spam]" and threw it into my spam folder.
Also, I don’t have any accounts at Bank of America, so it’s definitely not real. Another hint is the To address, which is to a non-existent address that has gotten on someone’s spam list.
Interestingly, the "Read more about…" was a link, as might be expected. Unexpectedly, though, it had a long, long URL address that ended at a domain called fhievs.com (looks like "thieves" when you read the address, doesn’t it?). I suspect (I’m not going to try it) that instead of telling me about what an SSL certificate is, it would have tried to download some nasty to me, or perhaps download an SSL certificate for the site in hopes that I would install it.
Of course, their goal was money, by getting my userID and password.
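The mismatch described above, a bank-branded "Read more" link whose long URL actually ends at an unrelated domain, can be checked mechanically. The following is an added example, not part of the original post: the HTML body, the URL path and the bankofamerica.com allow-list are assumptions constructed for illustration, and only the domain fhievs.com comes from the email.

```python
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample: sender and wording follow the email quoted above; the HTML
# markup and URL are made up. Only the domain fhievs.com comes from the post.
SAMPLE = """\
From: "Bank of America Support" <firstname.lastname@example.org>
Subject: Bank of America notice
Content-Type: text/html; charset="utf-8"

<html><body><p>We suggest to install the SSL certificate first.</p>
<a href="http://sslcert.bankofamerica.com.session-0001.fhievs.com/update/index.htm">Read
more about installation of SSL Certificate&gt;&gt;</a></body></html>
"""

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, " ".join("".join(self._text).split())))
            self._href = None

def host_is_expected(host, expected):
    # A host is trusted only if it IS an expected domain or a subdomain of one;
    # a brand name appearing further left in the hostname does not count.
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in expected)

def suspicious_links(raw_email, expected_domains):
    findings = []
    for part in message_from_string(raw_email).walk():
        if part.get_content_type() == "text/html":
            html = part.get_payload(decode=True).decode(part.get_content_charset() or "utf-8", "replace")
            collector = LinkCollector()
            collector.feed(html)
            for href, text in collector.links:
                url = urlsplit(href)
                if url.scheme in ("http", "https") and not host_is_expected(url.hostname, expected_domains):
                    findings.append({"text": text, "host": url.hostname})
    return findings
```

Calling `suspicious_links(SAMPLE, {"bankofamerica.com"})` reports the one link in the sample, because its hostname ends at fhievs.com even though the bank's name appears earlier in it.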
In this case, there was nothing for my antivirus + antispyware program or my firewall program to catch. They would have been called into service if there had been a program downloaded and installed, if I clicked on the link in the email. But, remember, my anti-spam program did spot the email as bogus and flagged it as spam.
That’s one of the reasons why I recommend all of the following: a two-way firewall program (I use Sunbelt Personal Firewall), an always-running antivirus program (I don’t know of any in today’s world that are not — I use VIPRE Antivirus), an always-running antispyware program (I don’t know of any free ones that are always-running — I use VIPRE Antivirus Premium which includes VIPRE and Sunbelt’s firewall), and an anti-spam program (I use PopFile, a free, open-source program).