If You Want To Be No. 1 Try Netpod.com.ph Now!  02.294.0437  0917.633.5100

How to spot a phishing email with the help of gmail?

 

I my self have been receiving a lot of emails from a lot of people i don't know claiming to be someone from somewhere, offering a reward ,normally a very large sum of money, from a well known respectable institution in exchange of my personal information and sometimes money.

Lets stop there, because that someone that you don't know who is offering you a large amount of money in exchange of your full name, birthday and other personal data is simply after your identity. In this blog i will try to help identify a phising attack or a phising email. 

Now i have here a sample email sent to me with the title “ FBI Warnings: Contact FedEx For The Collection Of Your ATM CARD.” . The header or heading says its from the FBI, the specific division is indicated, complete with office address, and operating hours.

convicingtitle compressedX

 

Below is the photo of the complete header or heading. Note that it claims to be from the FBI or Federal Bureau of Investigation which is a government agency.

 

completeheader compressedX

 

The emails has an offer of $1.5 Million Dollars payable to the beneficiary upon payment of $250 dollars.

 cashoffer compressedX

Personal info required is full name, address and phone number. This email is a bit different because it not only requires my personal info but money as well. Finally the signature, dictates that it is from an agent of the FBI.

 

perosnalinfoandsignature compressedX

This email is a very good example of a Phising email. It utilizes a great Disguise. The email’s title disguises itself by using a concerned approach from a highly trust worthy source . The email claims to be from the FBI telling me to collect my ATM card only from FEDEX another trust worthy name. The title is very important to get the readers interest. This title is not to obvious and utilizes a great disguise.

How to Spot if its a phish?

1. Check the source of the email. It says its from James B. Comey <This email address is being protected from spambots. You need JavaScript enabled to view it.>;. The email uses the domain zenoentity.com . Its not from the FBI, FEDEX , UN and interpol. The email should bear the domain name of the FBI. example is This email address is being protected from spambots. You need JavaScript enabled to view it.

 

domainnotfbi compressedX

  1. Check the domain zenoentity.com by typing this domain name at the google search bar. This domain points to an architectural website. Again, clearly not from the FBI.

    zenoentity compressedX

  2.  

    If you click on the link it will take you to an architectural website. View details below.

    zenophoto compressedX

  3. Click on reply and see where your reply will go. It says it will go to This email address is being protected from spambots. You need JavaScript enabled to view it.Another form of fraud. The reply email should go to the sender email.

     

  4. Type the domain name of the email address on google search. if you type dr.com you will see that it is an online medical related website. Not what is indicated on the email which is the FBI.

    dr.com compressedX

  5. Going further, cicking on the link brings us to aother site which is doctor.com . This is what we call a redirect. So its another website that is not the FBI.
  6. Digging deeper. I invite you to go to https://whois.icann.org

 

with the Help of google

 

1. Go back to the original email and click on the drop down botton tha says more once you hover you mouse. It is located on the top right portion adjacent to the date. Once you clicked on it a drop down menu will appear locate the word "Show Original Message" and click on that.

 

showOriginal compressedX

 

2. A new window will appear with details of the email. This is very handy as it is a detailed view of the screen complete with content detals and content analysis from google itself. Our example email has already been flagged as a spam email by the receiving server. Here is what it looks like.

 

spambayss compressedX