Beware Links in Emails

I received the following email that looks innocent enough. The links have been removed:

You have received a postcard from a family member! You can pick up your postcard at the following web address:
http://www.postcards.org/postcards/83e1a7a85955ab65e8517a3
If you can‘t click on the web address above, you can also
visit 1001 Postcards at http://www.postcards.org/postcards/ and enter your pickup code, which is: a91-valets-cloud-mad (Your postcard will be available for 60 days.)
Oh — and if you‘d like to reply with a postcard, you can do so by visiting this web address:
http://www.postcards.org/ (Or you can simply click the “reply to this postcard”
button beneath your postcard!)
We hope you enjoy your postcard, and if you do, please take a moment to send a few yourself!
Regards,
1001 Postcards
http://www.postcards.org/postcards/

If you check whois for postcard.org, you receive the following information:

The site of the San Francisco Bay Area Post Card Club (SFBAPCC), where the collecting of old vintage antique postcards is done with passion. Club meetings are held at Fort Mason Center once a month. Vistors [sic] and dealers are welcome.

Postcard.org appears to be a reliable site. The problem is that the links in the email actually redirect to – http://getpostcard.uni.hu/postcard.exe (the link has been removed). Seeing the URL end in an executable does not give me a secure feeling. This is exactly the type of ploy someone would use to get an unsuspecting person to click to run an executable to take over their system. The scammer is hoping to exploit the name recognition to postcards.org to fool the unsuspecting.

This is a typical ploy used by spammers and phishers. You are sent an email, with links that appear to be valid, but when you check the links you are redirected to another site. This is the same ploy scammers use with links to well known banks. You are sent an email that appears to be official, but the links actually have IP addresses in them. Unless you have first hand knowledge of an IP address, I would suggest against clicking these types of links.

As technology becomes more sophisticated, traditional scams become more sophisticated. I wrote about security and Facebook with my post Facebook Paving the Way for Identify Theft.

These types of emails just demonstrate the need to be careful using technology.

Technorati Tags: , , , ,

Advertisements

7 Responses to “Beware Links in Emails”

  1. TGH Says:

    Very common with the eCard sites, Paypal/eBay, and banks. Now even the IRS is being spoofed to try and scare you into clicking on the links in the email. Some quick tips are if the email is generic (Dear Paypal user, a family member, etc.) its probably a fraud. Also, mouseover the links and you should see where the link is really sending you in the status bar of your browser.

  2. teeni Says:

    Yikes. They also included a LOT of links, increasing the chances that someone will click on them. -Eeep!

  3. snoskred Says:

    These types of phishing mails are evil.

    Plus you can’t have any fun with the people who send them, like you can with the Nigerian scammers providing you do it safely. I just got this email from one of the Nigerian Scammers. I had to edit out the part where he told me to do rather inappropriate things to my own Mother.

    YOUR PAPA YOUR MAMA DROP DEAD AND YOUR FAMILY DROP DEAD GIVE THE MONEY TO THE POOR OK AND STOP SENDING MAIL TO ME.

    DIE DIE DIE DIE DIE DIE THIS CHRISTMAS DON’T YOU KNOW I AM A CHAMPION? THAT IS OLD STYLE TRY NEW ONE AGAIN

  4. aaradhana » Beware Links in Emails Says:

    […] Check it out! While looking through the blogosphere we stumbled on an interesting post today.Here’s a quick excerptBeware Links in Emails November 26, 2007 — Thomas [IMG] I received the following email that looks innocent enough. The links have been removed: [IMG] You have received a postcard from a family member! You can pick up your postcard at the following web address: http://www.postcards.org/postcards/83e1a7a85955ab65e8517a3 If you can‘t click on the web address above, you can also visit 1001 Postcards at http://www.postcards.org/postcards/ and enter your pickup code, which is: a91-valets-cloud- […]

  5. Thomas Says:

    TGH – You are right, the generic greetings are telling. Mousing over links to find out the actual site you are redirected to should be standard operating procedure.

    teeni – I would like to think that there aren’t as many scammers out there, but as snoskred’s scambaiting hobby will atest, they are are many out there.

    snoskred – I agree that these scams are becoming more prevailant, and more tricky for the unsuspecting public. I am always impressed by your scambaiting exploits, but this letter seems a little mean. It seams that the lads can dish it out, but they can’t take it.

  6. Виктор Says:

    Интересная статья. Спасибо!

  7. Alex Says:

    Хорошая статья. Спасибо!


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: