Rebecca Herold – Red-Flag Warning Signs To Spot The Fakes

By   ISBuzz Team
Writer , Information Security Buzz | Jan 20, 2014 03:02 am PST

What are your top 3 tips to help others avoid phishing scams?

The holiday season was also a popular phishing season. There was an upward spike in the number of emails I received that were trying to scam me.  Here are a couple of them, and some of the characteristics that tipped me off to their deception.

You’re Not Costco!

Phishing fraudsters popped their heads into my email inbox hoping to fool me into clicking their links. Had I not known the warning signs of a fraudulent email, I may have done exactly that. Here is a screenshot of the email.









Red-flag warning signs that helped me spot this as a fake:

– The sender’s address is from a domain that is not Costco’s.

– I am a Costco member, and I noticed the order number is not the same format as what they use.

– Although the domain ( actually exists, the business does not have any type of product or service I would have purchased.

– The Costco representative I called said they would never send a message like this, and that they don’t do business with this particular vendor. (NOTE: I tried contacting the business to let him know it appears his email server has been compromised, but so far I’ve not heard back from him.)

– The Costco logo is a little different than the one on the official Costco website.

– There are no details about the alleged order (no order date; no list of the items ordered).

– There are misspellings.

– The 21-percent refund reduction is ludicrous (If something sounds fishy, that’s because it usually is.)

Whose Court?

A few days later I then got this message:

Court 1








The next day I got another notice, from a different email address from the same domain, and the name of the clerk of court had changed:

Court 2








Phishers will often re-send their bogus message more than once if the targeted victim did not react the first (or second or third) time.  They will often change the sender’s email address, or the name in the message, in case that had blocked the message from being delivered based upon the settings of the spam filter.

Other red-flag warning signs that helped me spot these as a fakes:

– I live in Iowa, not St. Louis, Missouri or Illinois. Or any other St. Louis, for that matter. It just did not make sense.

– I’ve not been to St. Louis recently.

– I’ve not been involved in any situation that would require me to be to go to a court.

– Phishers often use attachments; especially zip containers, to deliver their malware.

– The date on the zip container is different from the indicated court date.

– The email is not from a government domain, which would be where communications from such agencies would come from.

– The names in all caps would not be typical of a government message.

What to do

If you receive an email with these types of warning signs and/or others, do not click any links. If you receive it in your work email, consider forwarding it to the person responsible for information security within your organization. That individual can then check it out and determine how to appropriately warn others in your organization to be on the lookout for similar phishing attempts.

Rebecca Herold | The Privacy Professor | @PrivacyProf

To find out more about our panel members visit the biographies page.

Notify of
0 Expert Comments
Inline Feedbacks
View all comments

Recent Posts

Would love your thoughts, please comment.x