Phishing Alert: Scam "from" Verizon

A new phishing message "from" Verizon was sent out to the Auburn University community this week. To learn about about phishing, visit http://www.auburn.edu/phishing.

Email Message

Here's a screen shot of the latest email. Can you spot the signs of a phishing attempt?

Today's Phishing Email

  1. Return Address: The email identifies itself as "Verizon Wireless" but the actual return address is "noreply@proarthost.com". Note: This address is being spoofed.
  2. Generic Greeting: Actually this doesn't address the user at all, except as "you" and "your".
  3. Urgent/Threatening Language: "Your profile information is out of date...as soon as possible"
  4. URLs Don't Match: The links says it is "www.verizonwireless.com" but if you hover your cursor over the link you would see the true destination: "http://manz.ro/deutsch/cuve/.v/index.html", which is not a Verizon Wireless page.
  5. Avoid the Obvious: If you don't have a Verizon Wireless account, you should certainly not fall for this.

Landing Page

You shouldn't have clicked the link, but if you had it would have taken you to the following page. This is a clear example of "Spear Phishing". The only individuals being targeted are Verizon Wireless customers. Notice the phishing signs?

  1. Page is Not Secure: Look out! Never log into a website that does not have a proper security certificate. Look for the Lock icon in the address bar (usually should be green).
  2. Bad URL: Check out that URL? That's not the Verizon Wireless website!
  3. This website is very convincing. On the landing page you are only asked for your User ID or Mobile Number which is standard for Verizon.

    Today's Phishing Email

  4. Then it asks for your password. Again, standard for Verizon.

    Today's Phishing Email

  5. Say what!? Now it wants my Credit Card Number, Social Security Number, Date of Birth, and Security Questions???!!

    Today's Phishing Email

    Today's Phishing Email

Did You Fall for It?

  1. Immediately change your Verizon Wireless password and any other accounts that use the same login information.
  2. Contact the Verizon Wireless and let them know.
  3. Run a virus scan of your system using your anti-virus software.
  4. If you believe you may be the victim of identity theft, visit: Federal Commission for Identity Theft
  5. Forward the phishing email "as an attachment" to abuse@auburn.edu and then DELETE the message from your Inbox.
  6. Regularly check your banking and credit card accounts for any unauthorized transactions that may have been initiated by the phishers.

Remember

  • DO NOT reply to email with any personal information or passwords. If you have reason to believe that the request is real, call the institution or company directly.
  • DO NOT click a link in an unsolicited email message. If you have reason to believe the request is real, type the web address for the company or institution directly into your web browser.
  • DO NOT use the same password for your University account, bank, Facebook, etc. In the event you do fall victim to a phishing attempt the thieves will try the compromised password in as many places as they can.
  • DO change ALL of your passwords if you suspect any account you have access to may be compromised.
  • DO be equally cautious when reading email on your phone. It may be easier to miss telltale signs of phishing attempts when reading the email on a smaller screen.

 

Last Updated: August 06, 2014