Here is the email:-
The phishing message. |
Another important thing to notice in this message is the Sent to: field. Notice how it mentions undisclosed recipients. This is common in such messages. They are sent to a lot of email ids in one go. Hence, hiding the recipients allows hackers to prevent their targets from knowing that this same message has been sent to a lot of users.
The next thing to notice is that this message does not address me by name. This is uncommon for an email company that already has your name. Most companies add the user's name to add a personalized feeling to their messages. This is something that is quite difficult to manage if you are sending the same message to thousands of users.
One of the most common feature of phishing emails is their use of incorrect grammar. This message is no different. The inappropriate capitalization and spelling mistakes like writing the word 'loosing' in place of 'losing' leaves no doubt about its authenticity.
One more important thing to notice is that at the end of this message, there is no mention of the email provider's website. This is very uncommon considering that most email providers leave no stone unturned to brand their messages.
Lastly, the email address to reply to is different from the one with which this message was sent. A proof that the sender of this message tried to spoof the sender id.
The techniques used in this email were typical and hence it should not be difficult for anyone to detect that it is a phishing message. However, cyber criminals are evolving and most of them don't make such common mistakes anymore. You should always use common sense in such situations and never click on suspicious links.