How To Report Phishing Emails

posted in: November 2016 | 0

how_to_report_phishing_emails

How To Report Phishing Emails
Tips For Staying Safe Online from Alan Perry
Tech Talk:  CFAX 1070
Live on Saturdays;  10:05 AM – Noon  —  rebroadcast on Sundays; 8:05 – 10:00 AM

 

“Phishing” is the tech term for online scammers who try to lure you into revealing account names, numbers, passwords, and other

gone_phishingconfidential info, which they can use to steal money and/or your identity.

Never click on a link in an email about security, or purchases you didn’t make, that appears to be from a bank or online site where you have an account. Many, like the one below, are “phishing” emails.

 

===============

Personal information error !
TD Canada Trust (service@tdcanada.telefonica.net)  Add to contacts 5:09 AM
To: TD Canada Trust

TD Canada Trust     Easyweb

Dear TD Canada Trust Customer,
During our regularly scheduled account maintenance and verification procedures, we have detected a slight error in your account information.
To securely confirm your personal information please click on the link bellow:
[edited out for this email]

Confirm Your TD Canada Trust Account and Sitekey now to enjoy the benefits of online banking and finance to avoid identity theft and fraudulent activities on your account.
Note: We will be upgrading our yearly SSL Encryptedserver to prevent fraudlent activities on your account.
2015 TD Canada Trust Corporation. All rights reserved.
===============

See if you can spot any clues that this is a scam, …

Here are several clues that this is a scam phishing email:
1. The email address which its sent from (Telefonica.net) is an email provider in France, not Canada, and they left out ‘trust’ in the name.
2. The email is sent to TD Canada Trust. They wouldn’t email themselves!
3. ‘Below’ is misspelled.
4. ‘Fraudulent’ is misspelled.

Also, if you were to mouse-over the link they want you to click on, you’d get a pop-up showing that you’d, in fact, be taken to a fake log-in page in France (.fr] !
If you get a phishing email like this, before you delete it, forward it to the security team at the company that it’s supposedly from, so they can trace it and try to catch the sender.
Below is a list of email addresses for the security teams at some of the companies most often spoofed in phishing emails. When you forward emails that you think are phishing attempts to them, do not change the subject line, so the security team members can see what the scammers are using as the email subject!

You should also copy your email to the global Anti-Phishing Working Group (APWG) at  ReportPhishing@APWG.org

If you want, you can copy-and-paste these email addresses into your Contacts list, so they’ll be available anytime you encounter a phishing email in the future!

> Apple/iTunes/iCloud  ReportPhishing@Apple.com
> Microsoft/Outlook/Hotmail/OneDrive  abuse@hotmail.com
> Google/gMail  (they don’t have one)
> Canada Revenue Agency  (they don’t have one)
> Facebook  Phish@FB.com
> WhatsApp  (they don’t have one)
> Dropbox abuse@Dropbox.com
> Netflix phishing@Netflix.com
> Shaw   ReportSpam@shaw.ca
> Telus Fraud@TELUS.com
> Fido InternetAbuse@FidoMobile.com
> Bell abuse@Bell.com
> Rogers abuse@rogers.com
> Skype abuse@Skype.com
> Amazon Stop-Spoofing@amazon.com
> PayPal spoof@PayPal.com
> eBay spoof@eBay.com
> Royal Bank Information.Security@RBC.com
> TD Canada Phishing@TD.com
> CIBC Fraud@CIBC.com
> BMO  Online.Fraud@bmo.com
> Scotiabank  Phishing@ScotiaBank.com
> MBNA  eMail.Fraud@MBNA.com
> Capital One  abuse@CapitalOne.com
> HSBC  Phishing@HSBC.com
> Coast Capital  (they don’t have one)
> VanCity  information_security@VanCity.com
>
 FedEx abuse@Fedex.com
> UPS fraud@UPS.com
> Etsy spoof@Etsy.com

If you have any additions to this list, please forward them to me at TechTalk@CFAX1070.com and I’ll update this list.
Thanks!
Alan Perry
C-FAX 1070 ”Tech Talk” host

Open the full PDF