Go Phish

September 2, 2008 at 8:09 PM, Jeremy

I saw this in my email and thought it might make for a valuable lesson. 

An email allegedly from Wells Fargo.

Now, I actually do have an account at Wells Fargo, and I know that they still use that image as their logo, so this is a fairly convincing thing.  Because they used the right return address (alerts@wellsfargo.com), it even showed up in my inbox. 

But watch what happens when I mouse over the link they want me to click on:

Image displaying a hyperlink with close but mismatched URL and text.

Did you catch that?  Look down to the bottom of the window, where Internet Explorer and Firefox display the address that a link will go to.  Where's it going?  wellsfargo.com?  Look closer.

The phishing address is highlighted.

A domain (the main address of the computer you're going to) doesn't end until you reach the first '/' character.  So while they told me I was going to

'wellsfargo.com/signon'

I instead would've gone to

'wellsfargo.com-sign-in.securebank-onlinebanking-wellsfargo.sign-in-cqr-ssl-securedlogin.kaina7.com'

which is almost certainly some hacker's page where I'd see something very much like the Wells Fargo homepage, but rather than the form accepting my username and password and logging me in, it would just take my username and password and store them so the hacker could later log into my account on the real Wells Fargo homepage.
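The same check can be done mechanically. The Python below is an added example, not part of the original post: it parses an HTML email body and reports any link whose visible text names one host while its href goes to another, comparing hostnames from the right-hand end. The sample body is constructed; only the lookalike hostname comes from the post, and the http:// scheme and trailing '/' on it are assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

def host_of(address):
    """Hostname of a URL or scheme-less address: it ends at the first '/'."""
    address = address.strip()
    if "://" not in address:
        address = "http://" + address  # visible link text usually omits the scheme
    return (urlsplit(address).hostname or "").lower()

def same_site(claimed, actual):
    """Match hostnames from the right: the real domain is the END of the host."""
    if claimed.startswith("www."):
        claimed = claimed[4:]
    return actual == claimed or actual.endswith("." + claimed)

class LinkAudit(HTMLParser):
    def __init__(self):
        super().__init__()
        self.href, self.text, self.findings = None, [], []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = dict(attrs).get("href"), []

    def handle_data(self, data):
        if self.href is not None:
            self.text.append(data)

    def handle_endtag(self, tag):
        if tag != "a" or self.href is None:
            return
        shown, actual = "".join(self.text).strip(), host_of(self.href)
        self.href = None
        # Only judge links whose visible text itself looks like an address.
        if "." in shown and " " not in shown and not same_site(host_of(shown), actual):
            self.findings.append((shown, actual))

def audit(html):
    """Return (visible text, real host) for every link that misstates its host."""
    parser = LinkAudit()
    parser.feed(html)
    parser.close()
    return parser.findings

# Constructed sample body; only the lookalike hostname is taken from the post.
PHISH_HOST = ("wellsfargo.com-sign-in.securebank-onlinebanking-wellsfargo."
              "sign-in-cqr-ssl-securedlogin.kaina7.com")
SAMPLE = ('<p>Verify at <a href="http://' + PHISH_HOST + '/">wellsfargo.com/signon</a></p>'
          '<p>Help: <a href="https://www.wellsfargo.com/help">wellsfargo.com/help</a></p>')
```

Calling audit(SAMPLE) returns only the first link. A check that looked at how the hostname begins would accept it, since the lookalike host starts with 'wellsfargo.com'.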

The bottom line?  Always be careful.  If you ever receive emails telling you that you need to log in to an account anywhere to verify, correct, update, or do anything else, DO NOT click on any links in that email.  Instead, type the address of where you're wanting to go (www.wellsfargo.com in this case) directly into the address bar.

Now you know, and knowing is half the battle.

G.I. Joe Logo
