Late last week, our 24/7//365 threat monitoring team detected a sophisticated phishing scam that looked like an email from NewEgg.
What is Phishing?
A phishing email is an important-looking message from a bank, credit card company, etc. that urges you to click on a link to update your account. The link takes you either to a fake login screen that will steal your username and password, or to a website that will try to infect your machine with a virus. Most phishing scams address the recipient as "Dear Valued Customer" or something like that, because the scammer does not know your actual name. That's one of the tip-offs.
Do not click on the link or run such an attachment. It is a dangerous virus or other malware.
"NewEgg" Phishing Scam
Although many older phishing scams looked so fake, this one looks legitimate and could fool a lot of people to give away their login or other info.
Although this email looks real at first, it has some clear signs of a phishing scam. For example, it's addressed to "Dear Customer". If this were from NewEgg, they would probably use your name. Also, legitimate companies almost never send you an email with a link to a login screen.
Phishing Email Looks Almost Real
However, this one is a little tricky to recognize as a phishing email. For one, it doesn't have an urgent message telling you to update or verify something with your account. Instead, it makes you think that you ordered something, and provides a few links to click on that look like they'll go to your account.
But they wont. They take you to the scammer's web site, where there is probably a login that looks like NewEgg's. Another difference is that not all of the links go to the scammer's website. Some actually take you to NewEgg, adding to the email's credibility.
Even if all the links in a phishing email look like they go to the real website, be careful. Some are sophisticated enough to make links display the name of the real website when you hover over them, when in actuality they will take you somewhere else where you do not want to be.
That's why we say, never click on the link in an email or run attached software that is asking you about an online account., no matter how legitimate the email looks.
If you're a SpamStopsHere user, you probably won't see these campaigns because we detect and block them very quickly. We don't know if other anti-spam filters have done so.
Send Us Your Spam
If you are a customer, are in a free trial period, or just curious about an email that you think is spam, send it to firstname.lastname@example.org. We monitor email threats 24/7/365, and always appreciate your assistance in making our product even better for you.