Beware of phishing attempts
We just had a user forward us a phishing email which mimics an email from our company. We did not send this email.
Phishing emails are becoming more and more common, but they are always very dangerous. Phishing emails attempt to get you to believe a company sent you an email and always request that you take action on a link provided in the email. When you click, the link redirects you to a website that appears to be from the company sending the email, but is not. If you provide your login details at this website, a third party now has your login information, and access to your account.
There are various ways to spot phishing attempts. I’ll post the sample phishing email forwarded to me this morning below, and will point out how this user knew it was a phishing attempt.
Here’s the original email.
Note three things:
1. A poorly formatted image. You can’t guarantee that a phishing email will have something sloppy like this, but oftentimes they do, and it is the first sign that something is not right.
2. The call to action. This email uses a scare tactic in the subject: a threat that your account will be suspended. The message doesn’t explain this, other than to say that your software must be updated. MyVR operates in the cloud, so your software is always up to date. As such, this doesn’t make much logical sense.
3. The link. The most important sign of phishing is that the URL is not a MyVR URL. This is even more clear in the destination website that you visit when you click the link. I’ll show that in my next comment.
Here’s the email:
Lastly, note the fake login page that the above link sends you to versus our real login page. This is the heart of the phishing attempt and how you KNOW it is not legitimate.
Real MyVR login page:
If you’ll notice, the phishing page has a domain name of “myvr.com-update.software” and NOT myvr.com.
The real login page has a domain name of “account.myvr.com”. For me, it also prepopulated my login info (since I am there daily and have this info saved in my browser) - but you may not have this turned on. A phishing site would not be able to prepopulate your data since you are visiting it for the first time.
If that’s confusing, just follow the domain name right up to the first forward slash (“/”).
CJ Avilla last edited by
If you are a Gmail user, you can also avoid and report phishing attacks using this guide from Google: https://support.google.com/mail/answer/8253?hl=en
General Advisory to Avoid Phishing Attacks
If you receive an email from an online service provider requesting that you sign in to your account, avoid clicking on links in the email to sign in. Always go directly to the service provider’s website on your own by typing the website address in your browser. This will ensure you are going to the correct place and not being directed to a spoofed website.
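The domain check described in the first post ("follow the domain name right up to the first forward slash") can be automated, for example in a mail filter or a link-review script. The following is an added example, not part of the original posts and not MyVR code; it assumes myvr.com is the only domain treated as legitimate, and the function names and sample paths are made up for illustration.

```python
from urllib.parse import urlsplit

# Assumption: myvr.com (named in the post) is the only legitimate domain.
TRUSTED_DOMAIN = "myvr.com"


def link_host(url):
    """Return the lower-cased hostname of a web link, or None if it has none."""
    parts = urlsplit(url.strip())
    if parts.scheme not in ("http", "https"):
        return None
    host = parts.hostname  # excludes any userinfo prefix and port suffix
    return host.rstrip(".").lower() if host else None


def belongs_to(host, domain=TRUSTED_DOMAIN):
    """True only when host is the domain itself or a subdomain of it.

    The comparison is anchored at the right-hand end of the hostname and on a
    label boundary (the leading dot), so a name that merely starts with or
    contains "myvr.com" does not pass.
    """
    return host is not None and (host == domain or host.endswith("." + domain))


def check_link(url):
    """Return (hostname, is_trusted) for one link taken from an email."""
    host = link_host(url)
    return host, belongs_to(host)


# Constructed sample links. The first two hostnames are the ones quoted in the
# post; the paths and the other entries are invented for this example.
SAMPLES = [
    "https://account.myvr.com/login",
    "http://myvr.com-update.software/login",
    "https://notmyvr.com/",
    "https://MYVR.COM.:443/",
]

if __name__ == "__main__":
    for url in SAMPLES:
        host, ok = check_link(url)
        print(f"{'OK     ' if ok else 'SUSPECT'} host={host} url={url}")
```

A plain substring or prefix test would accept the phishing hostname from the post, which is why the comparison is made on the end of the hostname only.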