Wednesday, June 07, 2006

Entry: A good example of "Scam Spam"

DISCLAIMER: I'm REALLY hoping that no one from AEDC comes after me for using them as an example. <:)

Over the last few years, I have observed the steady increase in the amount of "scam spam". Typically, I just ignore the e-mails or have them filtered; this time, however, I figured I'd make a post about it just in case there are those out there who aren't suspicious enough about the e-mails that they receive. Here is one such example that I received this morning from "AEDC Federal Credit Union [service@aedcfcu.org]"....






Dear Member,

This is your official notification from AEDC Federal Credit Union that the service(s) listed below will be deactivated and deleted if not renewed immediately. Previous notifications have been sent to the Billing Contact assigned to this account. As the primary Contact, you must renew the service(s) listed below or it will be deactivated and deleted.

Renew Now your Internet Banking and Bill Payment services.

SERVICE: Internet Banking with Bill Payment
EXPIRATION: Jun, 12 2006

Thank you for using Bill Pay Service. We appreciate your business and the opportunity to serve you.

AEDC Federal Credit Union Customer Service

**************************************************
IMPORTANT CUSTOMER SERVICE INFORMATION
**************************************************

Please do not reply to this message. For any inquiries, contact Customer Service.

Copyright (c) 2006 AEDC Federal Credit Union. All rights reserved.


If you look at the sender's address, you'll notice that the domain is aedcfcu.org. Going to this address with a browser actually takes you to a legitimate site for the legitimate company. However, there are some things to look for....
  • Have you ever even heard of this company or done business with it?? If not, that's the biggest clue right there.
  • Notice the line that says "do not reply to this message...contact Customer Service" yet gives no contact info for customer service. This is something to watch for. However, this isn't always trickery, but...
  • If you hover your mouse over (without clicking on) the "renew now" link, your browser will show you the location of that link. Notice that the domain for the link ends in ".be". That's the country code for Belgium. Plus, you can go to that domain itself (just the "www.schizos.be") and check out the skeezy website that OBVIOUSLY isn't a bank.
  • Always, always, ALWAYS, do the hover test before you click on a link from an unknown e-mail! Another thing to remember - if you do the hover test and the destination of the link looks like gibberish to you, IT'S BAD. In geek terms, they escape out all of the letters so that people can't comprehend the link.
As Peter Vincent, the fearless vampire killer, always says...."Forewarned is forearmed!" ;)
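
The hover test above, automated as an added example (not part of the original post): it lists where each link in an HTML e-mail really goes, flags hosts outside the sender's domain, and decodes escaped letters. The sample message is constructed; only the sender address and www.schizos.be come from the post, and the link path is made up.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit, unquote

# Constructed sample: sender and www.schizos.be are from the post; the path is made up.
SENDER = "AEDC Federal Credit Union [service@aedcfcu.org]"
SAMPLE_HTML = (
    '<p><a href="http://www.schizos.be/%72%65%6e%65%77">Renew Now</a> your services.</p>'
    '<p><a href="http://www.aedcfcu.org/">Home</a></p>'
)

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def hover_test(sender, html):
    """Return (visible text, href, findings) for each link in the message."""
    sender_domain = sender.rsplit("@", 1)[-1].strip("<>[] ").lower()
    parser = LinkCollector()
    parser.feed(html)
    report = []
    for href, text in parser.links:
        findings = []
        host = unquote(urlsplit(href).hostname or "").lower()
        if host != sender_domain and not host.endswith("." + sender_domain):
            findings.append(f"host {host!r} is not under sender domain {sender_domain!r}")
        # Letters and digits never need %-escaping, so escaped ones are there to hide text.
        if re.search(r"%(?:3[0-9]|[46][1-9a-f]|[57][0-9a])", href, re.I):
            findings.append("escaped letters; decodes to " + unquote(href))
        report.append((text, href, findings))
    return report

if __name__ == "__main__":
    for text, href, findings in hover_test(SENDER, SAMPLE_HTML):
        print(f"{text!r} -> {href}", *findings, sep="\n  ")
```

A clean result only means the links match the claimed sender; the From address itself can be forged, as in the message above.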
