Irish firm warns of ways in which scammers try to get your passwords

Have you received an email purporting to be from iTunes checking if you bought a game off them?  Or a bank email, asking for you to login to "verify" your account?

If you've followed the instructions, you may well have unwittingly handed over your password to scammers, an Irish internet security firm has warned.

ESET Ireland reports that there has been a surge of phishing emails redirecting users to faked banking, PayPal and Microsoft account sites for harvesting login details.

"Although a surprisingly large number of people still use passwords like “12345” or “password” for their various accounts, cybercriminals have taken an easier route than trying to hack into peoples’ accounts," says Urban Schrott, IT Security and Cybercrime Analyst with ESET Ireland.

Said Mr Schrott, the cybercriminals simply send out emails that pretend to be coming from legitimate sites, notifying the user of some unusual activity, and ask them to confirm or deny that activity by 'signing into the service'."

The problem is that the service in question isn’t actually there, but is a faked site instead, which diligently logs all usernames and passwords entered and delivers them to the happy scammers.

In the past weeks, ESET Ireland has received several different emails of the same nature, Mr Schrott says, and here are some examples:

 

1. An email purporting to come from Bank of Ireland, claiming your account requires an update and providing a fake link “Click here to complete update”. The email has some bad spelling errors which give it away.

 

2. An email pretending to be from iTunes, thanking you for purchasing “World Of Go” for €9.65, then adding “If you did not authorize this purchase, please visit the iTunes Payment Cancellation Form within the next 12 hours in order to cancel the payment,” which requires you to “log in” to the fake iTunes site.

 

3. An email looking like a detailed payment receipt, mimicking PayPal, with all the usual PayPal visual clues, claiming you paid $208.00 USD to Agoda Company online hotel booking site, adding “If you haven't authorized this charge, click the link below to dispute transaction and get full refund - Dispute transaction (Encrypted Link).” The link, of course, isn’t encrypted and simply leads to a PayPal lookalike login harvesting site.

 

4. An email abusing Microsoft’s name, with the subject line “Microsoft account unusual sign-in activity” that claims they detected unusual sign-in activity into your account, supposedly from South Africa, which is meant to make people suspicious, then offering a solution “If you're not sure this was you, a malicious user might have your password. Please Verify Your Account and we'll help you take corrective action.” Of course the only action they’ll be taking is signing into your account with the login details you just provided.

 

What should you do?

 

First of all, stay informed. The scams you know about are less likely to catch you off guard.

“We regularly keep you updated on our blog.eset.ie,” says Mr Schrott.

He said it is important to read such mails carefully, checking for clues.

“If the email had spelling errors or used poor language it is likely faked. A lot of the scammers come from countries where English is not their first language and they give themselves away,” he said.

 Also goes for similar scams as Gaeilge, where they likely used Google translate to try to fool native Irish speakers.

Do not click on links in emails. Even if you do have a Microsoft account and are alarmed by such an email, open your browser and go to Microsoft site directly. Also make sure the website’s address looks correct. In the case of the faked Microsoft one above, the website address read “yazarlarparlamentosu.org”, which is clearly not “windows.microsoft.com”

“If you suspect you may have fallen for one of these tricks, change your passwords. To be sure, change them at regular intervals anyway.

"If the email you received looks like it’s coming from your bank, pick up the phone and ring them instead of just clicking. They’re accustomed to scams like these and will advise you appropriately," Mr Schrott concluded.

* For more info on the latest threats, go to: blog.eset.ie