Phishing scams are easy to catch when they’re filled with spelling mistakes, look terrible and, most importantly, are from a sender that is very unlikely to contact you by email. But what happens when the phishing email looks just like the real thing, and is from a business that emails you regularly? We’ve had a look at the EE phishing email scam, and how you can avoid falling for it.
What is a phishing email?
A phishing email is an email sent by someone looking to exploit the recipient, by pretending to be a person or organisation that the recipient is familiar with. By masquerading as a large and trustworthy business, the sender attempts to convince the recipient to click a link within the phishing email.
This is usually achieved through scare tactics, such as threatening the recipient with an overdue payment, or through the promise of a reward, such as a prize, a tax rebate, or some kind of monetary benefit.
Once the recipient clicks the link in the email, they might be taken to a fake login page, where they’ll be prompted to input their personal details. These can then be used to hack into the victim’s email, which in turn can be used to access accounts like PayPal, Amazon, eBay or banking apps. Sometimes, the page may even ask for bank details directly.
Clicking a link in the email might also trigger a download of malware onto the victim’s computer or device. This can then collect information in the background, which can then be used to exploit the victim for financial gain.
How can you identify a phishing email?
Although all phishing emails are different, some of them do have similar hallmarks. When the sender is not writing in their first language, you might notice spelling mistakes, or odd sentence structure. You might notice that the design looks a little off; the logo might not look quite right, for example.
You might also notice that the sender’s email address doesn’t seem right; particularly if it doesn’t feature the business’ name. However, it should be noted that email addresses can be hacked too; just because the email address looks right, that doesn’t mean an email is legitimate.
There might also be a time limit on how long you have to click the link, or enter your details; and a threat of what might happen if you don’t respond before the time runs out.
Taking a look at the EE phishing email
Phishing emails are getting more and more convincing, and that’s evident in this phishing email from someone pretending to be EE. First of all, the design of this looks fairly good; the colour scheme is consistent throughout, and the logo is of good enough quality to appear legitimate. At first glance, this email seems to be from EE.
However, phishers want to convince you at a first glance, because the longer you spend looking at a phishing email, the more the cracks start to show. This is our first tip for spotting emails like this; you have to take your time. Have a good read through everything that has been said. The faster you read, the more you’re likely to panic and act without thinking; the slower you go, the more likely you’ll spot a fake.
Our first indication that this might not be from EE is the email address: firstname.lastname@example.org. As well as managing to be the blandest email address ever created, this also falls down at the first hurdle; there’s no mention of EE in the address itself. Another red flag is .info; very few brands use this, as they are more likely to use .com or .co.uk.
We’ve also got a very strange subject line. It features a ‘Re:’ despite the fact that they aren’t replying to an email we’ve sent. It also lists the full date in a sentence of its own, which doesn’t quite seem to fit. The first paragraph also sounds a little strange, and this continues into the ‘Recent events occurred’ section.
When you’re reading an email and trying to discern whether it is legitimate or not, it’s useful to think about the number of people at the organisation who must have to sign off on something before it is sent to a customer. Is it likely that EE would use the phrase, ‘Recent events occurred’ as a way to explain that a payment couldn’t be processed?
The reasons that they give for this failed payment are also a little odd; if you’re paying by direct debit, your card expiring should not be an issue. ‘There’s a problem with your bank,’ is also strange, particularly when we move onto the action they’d like you to take.
There are conflicting instructions in this email; one is to update your billing details, one is to confirm your account, and one is to ‘Authenticate Now’, whatever that means. This is another big red flag that this email doesn’t come from EE; any email from your phone company is likely to be clear and concise in what they need you to do. Finally, we have the scare tactics; we must ‘complete the process’ (another instruction) or risk ‘disconection of service’ (disconnection is misspelled, which is another indication of a scam).
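The checks walked through above can be sketched as a small script (an added example, not part of the original article or anything EE provides). The allow-listed sender domain, the phrase lists and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumptions for this sketch: adjust to the brand you are checking.
EXPECTED_DOMAINS = {"ee.co.uk"}   # assumed legitimate sender domain (exact match)
UNUSUAL_TLDS = {"info"}           # the TLD the article calls out
ACTIONS = ["update your billing details", "confirm your account",
           "authenticate now", "complete the process"]
THREAT = re.compile(r"\bor risk\b|disconn?ection", re.I)

# Constructed sample carrying the indicators described above (not the real email).
SAMPLE = """\
From: EE <firstname.lastname@constructed-sender.info>
To: customer@example.com
Subject: Re: Your payment could not be processed

Recent events occurred and your payment could not be processed.
Please update your billing details and confirm your account.
Authenticate Now to complete the process or risk disconection of service.
"""

def phishing_flags(raw):
    """Return the names of the red flags found in a raw RFC 5322 message."""
    msg = message_from_string(raw)
    flags = []
    _, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    if domain not in EXPECTED_DOMAINS:
        flags.append("sender-domain-not-brand")
    if domain.rpartition(".")[2] in UNUSUAL_TLDS:
        flags.append("unusual-tld")
    # A "Re:" subject on a message that answers nothing has no thread headers.
    subject = msg.get("Subject", "")
    if subject.lower().startswith("re:") and not (msg["In-Reply-To"] or msg["References"]):
        flags.append("reply-prefix-without-thread")
    # Text of every non-container part (undecoded; enough for plain-text mail).
    body = " ".join(p.get_payload() for p in msg.walk() if not p.is_multipart()).lower()
    if len([a for a in ACTIONS if a in body]) > 1:
        flags.append("conflicting-instructions")
    if THREAT.search(body):
        flags.append("threat-of-consequence")
    return flags

if __name__ == "__main__":
    print(phishing_flags(SAMPLE))
```

An empty result is not proof that a message is legitimate; as noted earlier, an address that looks right can still belong to a compromised account.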
What to do when you receive a phishing email
When you receive an email like this, do not click any links in the body of the email. Send it to your Junk folder. If you do think that it could be legitimate, find the contact number of the organisation online and give them a call; they’ll be able to confirm whether your payment has gone through or not. Do not use a phone number listed in the email; otherwise you’ll end up chatting to the phisher.