Wells Fargo Strongly Recommends… How To spot a phish

“Dear Wells Fargo customer,

Security and confidentiality are at the heart of Wells Fargo. Your details (and your money) is protected by a number of technologies, including Secure Sockets Layer (SSL) encryption.
We like to notify you that Wells Fargo carries out customer details confirmation procedure that is compulsory for all our customers. This procedure is attributed to a routine banking software update.

Please visit our Customer Verification Form using the link below and follow the instructions on the screen.”

There are several things wrong here, and I hope you detect them. Loyal Friends and True to this series should recognize a couple right away. (And if you remember this recent article, the word “compulsory” might have rung a bell.) Here’s how the e-mail actually looks.

* One BIG clue is that in this case Hotmail has detected the Sender and the true source don’t match. That means the Sender has been “spoofed”. The red shield and warning doesn’t always mean a phraudulent e-mail, but 9 times out of ten it does.
* The next clue is the two “Bcc” recipients.. similar in name, but completely unrelated. Why are they there?
* There is some poor grammer.
* The next clue is that I don’t currently bank at Wells Fargo. I haven’t in, oh, about 20 years.
* Another clue is that e-mail contains a hyperlink (you are always suspicious of e-mail hyperlinks, right?), and that hyperlink is a little bit “off”. Yes, it says “wellsfargo.com”.. but what’s the www4? And all that other garbage?
* (now this is interesting) when you place the cursor on the URL (hyperlink), the actual link– shown in the lower left of the bottom bar of Internet Explorer — are different. Clicking on the link that says “www4.wellsfargo.com/blah blah blah” will REALLY take you to someplace called “online7.wellsfargo.com.bnk7.co.uk/blah blah blah”.
Now.. why would they want to put a hidden redirect as the link? Hmmm?
* And lastly, (as you know) legitimate businessness never send you important information, requests, or “notices” via e-mail.

This is a classic phish. It is an attempt by cyber-criminals to get you to visit a webpage they have created which looks very much like a Wells Fargo web page. On that page you will be asked to enter your Wells Fargo logon/password, all your person information, and banking details. When you’re finished giving your identity away, and handing them the keys to your bank account, you will be thanked for your cooperation and “bounced” to the real Wells Fargo website. Game over.

Surely.. nobody falls for this anymore, right?
Wrong. The cyber-criminals have a harder time moving all the money they steal than anything else.
But, if I clicked the link.. and I filled out the “compulsary” Customer Verification Form.. and basically just handed my information over.. is it really stealing?

Tip of the day: Be savvy. And that means, be suspicious and wary. Look for the tell-tales.

Can I ask you a favor? I am a bit curious as to how Tech–for Everyone readers are feeling about the Olympic Games being held in China, and so I’ve created a very brief survey. Click Here to take survey

Copyright 2007-8 Tech Paul. All rights reserved. post to jaanix

Share this post :

August 10, 2008 Posted by techpaul | advice, computers, cyber crime, how to, Internet scam, Phishing, phraud, security, spam and junk mail, tech | alert, fraud, phish, Phishing, phraud, scam, wells fargo | 2 Comments