I got an interesting email today. It was very official looking and it was from ‘The Electronic Payments Association’, NACHA.org. The subject was ‘ACH Electronic Payment Cancelled’ and the message indicated that a payment I had authorized from my bank account had been cancelled. There were few details, but there was a link to a full report. I noticed that the link was the title of the report (a long number) followed by .PDF.EXE.
This is pure phishing. Here’s how I knew:
- It was addressed to my business email, email@example.com, an address my bank doesn’t have and that I don’t use for any online commerce.
- I’ve never heard of NACHA.org or the Electronic Payment Association.
- If there was a problem with any online banking transaction, I’d expect my bank to contact me.
- Finally, and this is the biggie: the link ended in .EXE. That means it was an ‘executable,’ a program. Had I clicked it, it would have installed something on my computer. It might have been a little program that transmits information on all of my contacts to a spammer or it might have been a keylogger that would record my keystrokes in hopes of uncovering my passwords and other sensitive information.
We have all gotten pretty good at ignoring the messages from the doctor or lawyer in some far off land who has several million dollars and needs to temporarily put it in your bank account (and therefore needs your information).
We have gotten pretty good at deleting the message from your bank asking that you reconfirm your login information (your bank would never ask for that online).
We have learned to laugh at the message from the lawyer in the Far East who tells a tale of a distant and previously unknown relative whose entire family was wiped out in a horrible car crash, leaving YOU as the only beneficiary of their multi-million dollar estate. Yeah, right.
But not all phishing messages are that stupid.
I’ll bet for every 100 copies of the message I got today, 10 people actually click the link.
Here’s another that’s not so stupid: it’s the message from the doctor whose name you don’t recognize regarding a payment that you made. Again, there’s a request for information and/or a suspicious link to click.
Or how about this one: the message from a good friend who’s stranded in London or some other vacation Mecca, with no money and no passport (the victim of theft), asking for cash.
Please be careful with your email. If you don’t recognize the sender, don’t respond or click any links until you at least Google the sender and the subject to see if it’s legit. And be especially careful with links that end in .EXE!
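The .PDF.EXE check described above can be automated. The following Python is an added example, not part of the original post: it pulls links out of a message body and flags any whose file name ends in a program extension, noting when a document-style extension sits in front of it. The extension lists, function names and sample message are assumptions constructed for illustration.

```python
import re
from pathlib import PurePosixPath
from urllib.parse import unquote, urlsplit

# Extensions Windows runs when opened (constructed, non-exhaustive list).
EXECUTABLE = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".msi"}
# Document-style extensions often used as the decoy part of the name.
DECOY = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt", ".jpg", ".png", ".zip"}

URL_RE = re.compile(r"""https?://[^\s"'<>]+""", re.IGNORECASE)

# Constructed sample message; only the subject line comes from the post.
SAMPLE = """\
Subject: ACH Electronic Payment Cancelled
The full report is available here:
http://reports.example.net/0123456789.PDF.EXE
Statement copy: https://bank.example.com/statements/2011-09.pdf?download=1
Viewer: http://tools.example.org/setup%2Eexe.
"""


def classify_link(url):
    """Return 'double-extension', 'executable' or None for one URL."""
    # Ignore ?query and #fragment, and decode tricks such as %2E for '.'.
    path = unquote(urlsplit(url).path)
    # Windows ignores trailing dots and spaces, so strip them before checking.
    name = PurePosixPath(path).name.rstrip(". ").lower()
    suffixes = PurePosixPath(name).suffixes
    if not suffixes or suffixes[-1] not in EXECUTABLE:
        return None
    if len(suffixes) >= 2 and suffixes[-2] in DECOY:
        return "double-extension"   # e.g. report.pdf.exe posing as a PDF
    return "executable"


def scan_message(body):
    """Find every http(s) link in a message body and report the risky ones."""
    findings = []
    for match in URL_RE.findall(body):
        url = match.rstrip(".,;)")  # drop sentence punctuation glued to the link
        verdict = classify_link(url)
        if verdict:
            findings.append((verdict, url))
    return findings


if __name__ == "__main__":
    for verdict, url in scan_message(SAMPLE):
        print(f"{verdict}: {url}")
```

The check looks only at the link target, so it is one signal to combine with the others in the list above (unknown sender, unexpected address), not a verdict on its own.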