Phishiology: Forms and Samples of Phishing Scam Messages

Phishiology: Forms and Samples of Phishing Scam Messages

Phishing is the foundation of scam. The success of a phishing message leads to scam.
It becomes Phishing Scam when the two tricks are dubiously interwoven to get your details and your money.

Majority of cyber attacks begin with phishing emails which entice you to click, and majority of such emails use malicious file attachment.

 

So, you want to ask: what is Phishiology?

The collection of examples of such phishing e-mails, text messages, false credit alerts, and other messaging tricks sent to you by cybercriminals for fraudulent activities is what I refer to as phishiology.

Relationship between phishing and scam
Phishing is a ploy scammer uses to get your account details in order to use it for his own advantage.

 

Tools of Phishing message

These are the critical information a scammer needs to successfully launch attack on you:

1. Your name
2. Username
3. Address
4. Phone number
5. Password or PIN
6. Bank account number
7. Debit or credit card number
8. Card Validation Code (CVC) of your credit card
9. Social security number (SSN)

It means the personal information gotten through phishing is used to execute scam, which is a dishonest way of making money from people through a questionable means.
Both involve tricks.

 

Communication channels of phishing scam

• Through social media (twitter, facebook, LinkedIn e.t.c)
• Over the internet,
• Via e-mail,
• Text messages (SMEs)
• One-on-one
• Print: Newspaper/Magazine (some newspapers carry dubious adverts)
• Radio, and
• Television.

 

How cybercriminals operate

Most cybercriminals are experts in hacking; they know how to break weak security walls. They use emails, calls, text messages, spyware, hacking and other means to gain your trust.

We’re in a mobile-world which is one of the reasons we’re more susceptible to attacks because mobile devices have completely changed the way, intervals and how we get information.

And you know the joy of “online hawks”?
They believe that the click rate of their specially-designed dubious messages, in whatever form, is higher on mobile devices than on desktop computers.
Though banks always issue security warnings on how their customers can protect their accounts, taking personal precautions on how to avoid scams is also necessary to securing your account information.

Warning to readers

Please, do not contact any email address herein, even though more than 99.9% of some of them do not have permanent email or telephone address.

 

Forms and Examples of Phishing Techniques

Online thieves work in a sophisticated market structure. They are very cunning and innovative like those who invented the computer, so being smart isn’t enough for you not to be duped.

One of the best ways to beat them is to stay alert, keep yourself updated about new trends. This article has 32 forms and samples of such phishing scams which are:

1. Product Review Fraud

 

IMReport Card says, “…If you do these things we absolutely guarantee that it’ll make your Internet marketing journey easier and more financially rewarding,you’ll earn some extra money (emphasis is mine) using the site, and you’ll be helping lots of other people all at the same time.”
Unfortunately, IMReport Card has had to battle with fraud reviews from who has neither seen nor used a product before which negates the purpose of the firm. They made false reviews because of the extra cash. And false reviews can be misleading and confusing for a prospective buyer from making the right choice.

Here are some countries that have been prohibited from posting comments or earn credits from the use of the site:
• India
• Lithuania
• Malaysia
• Nigeria
• Pakistan
• Philippines, and
• Singapore.
Some users from these countries had been detected for fraud commenting. (Please check the official website of IMReport for an updated list).

But some of them have devised a way around the barrier placed on them. Sophisticated ones among them now resort to using advanced methods.

 

2. Quick action Message

 

You’re persuaded to activate a particular account you’re unaware of when and how you opened it. Such email is tricky that you may say, “Can it be true” thereby clicking through in eagerness to know where you will be led. E.g:

“Hey,

There’s a new system that is literally printing money on demand for all it’s users.
I was lucky enough to secure a private activation key for you.
Click here for Your Private Activation Key

Once you activate the system you will start to receive real money into your account. Go Now To Gain Access

Good luck and I am glad you’re doing this!
Thanks.”

This kind of email is targeted at getting your bank details since you’ll be required to drop your account number, and some other personal details.

 

3. Contract Letter Impersonating Government Officials

 

This is one of the most used scam tactics across the border. The “bad guys” use this to defraud an unsuspecting foreigner who thinks he’s dealing with a real government representative. This takes different forms. They use letter head paper bearing the name of a particular ministry, a name of a minister, or permanent secretary with a forged signature sent to you as fax, or e-mail.

ActionFraud calls this “business opportunity fraud” , where you get a comprehensive list of investment opportunities from which you can take advantage of.

One of the things that makes 419 fraud tricky is the fact that writer of the message follows the trends within government circle.

For instance, if the government is planning to distribute free English textbooks in all the public schools, it’s an opportunity for 419ner to come up with letter head paper of ministry of education, which content will be contract worth millions of dollars.
Which company doesn’t want to expand and explore international opportunities?

How they come up with who to defraud?
They search for international publishers on the website, and they establish contact posing as government representative.
It’s better to use the official website of government ministry than any link sent to you by an impersonator in any kind of business opportunity.

 

4. Escrow Deposit Scam

 

The scammer either acts as the seller or buyer. If he’s buyer, he contacts you saying he wishes to pay through Western Union. Then he goes ahead to forge an e-mail that payment has been made into your account, or saying that your money is being held in Escrow and will be forwarded when the seller verifies they have tracking number.
He’s also the same person that will send tracking number to you for verification.

In this kind of situation, you as the seller may send the goods thinking your money is secured with a reputable company the scammer claimed to have paid.
So, because of the forged e-mail or message sent to you, you too might send the item before you realised it’s a scam.

 

5. Act-Now email.

 

“Hey there!

I’ve sent you private, VIP access yesterday but my records show you haven’t taken action yet 1-time Free Access: Redeem Today.

I need to know if you’re really want to access to this all new commission tool or if I should pass the opportunity on to the next member. Activate Your Download Link Here

Only 24 hours before your link expires!
Hurry!”

 

Watch out:
The email isn’t formal. It’s generic, which is one of the Things to Watch Out For In Dubious E-mail.

Such message has a large number of recipients. Cyber thieves don’t have time to address each recipient by their name. The quickest way is to push their email out en masse to their targets.

It doesn’t want to give you time to think before you click, “horridness” in tone. Even if the message contains your name or addressed to you, you’re still advised to take personal precautions, particularly when the message is requesting you to click a short URL which is now one of their tricks.

Bank Account Update Scam