Filet of Phish – McDonald’s Phishing Scam

appriver’s blog reports a phishing scam which pretends to be a McDonald’s survey.  The fake McDonald’s email offers the recipient a $250 reward for answering five questions.   This is very similar to the recent scam pretending to be a Coke survey. 

The scam starts with this email:

This email takes the victim to what appears to be a real survey:

“Next” takes the victim to the phishing page — where the identity is stolen:

After completing the fake survey, the victim is taken to the real McDonald’s website, thereby reducing suspicion. 

A similar scam is being conducted against McDonald’s in Australia:

I’m not lovin’ this!  That’s why I use eMail ID.

Know Who.  No Doubt.  eMail ID.

FDIC Phishing Scam

When I opened my email this morning, I had a message from the Federal Deposit Insurance Corporation (FDIC), a U.S. government agency, telling me that my account was losing FDIC insurance because of violations of the Patriot Act.  Luckily, the email had a link for me to follow to access the FDIC’s verification system which would allow me to remedy the situation. 

This email turns out to be another clever phishing scam.  If you follow the link, your personal information may be compromised or crimeware may be installed on your machine.  Read the FDIC’s Special Alert. 

 Actually, I was lucky.  Because I use eMail ID, it is easy for me to determine if an email from the FDIC is really from the FDIC.  

When I get an email from the FDIC, I know it is from the FDIC. 

Know who.  No Doubt.  eMail ID.

The Real Thing?

Coca-Cola sponsors the very popular mycokerewards website.  Over 13 million people have registered at the site to get brand loyalty bonuses. If you are a member of mycokerewards, you want to get special offers from Coke – that’s the whole idea! 

Recently, bad guys sent an email pretending to be a survey from mycokewards. 

The link in the email was a classic phishing website.  This email was not the real thing.  

When you sign up with mycokerewards, you want the real thing – the Real Thing in your cola and the real thing in your email.  As this animation shows, when you are using eMail ID, the real thing from the Real Thing is obvious:

When you want the real thing in email, use eMail ID. 

Know It’s Real.  No Doubt.  eMail ID.

White House Phishing Scam

Did the President send you an electronic Christmas card?  Really?  Well, it turns out that criminals spent the holidays impersonating the President of the United States in a clever phishing scheme.  

Like all phishing schemes, this one appealed to the recipients’ desires, fears and curiosity to get the recipients to act. Relying on the fact that people would be inclined to open a message from the President, these bad guys were able infect computers in a handful of U.S. government agencies, the Massachusetts State Police and the Moroccan Ministry of Industry.  The compromised computers appear to have sent information to servers in Belarus.  Alex Cox, principal research analyst at NewWitness, said that this phishing attack appeared to be espionage.

If the smart guys at the National Science Foundation’s Office of Cyberinfrastructure (the agency that issues grants for the development of state-of-the-art supercomputers and other high-end development) can be fooled by a fake email, what chance do the rest of us have?  

Fortunately, we have eMail ID.  I do get email from the President.  I know it is real:

When you get an email from the President, you, too, can know it’s real.  Know who.  No doubt.  Use eMail ID.

01-01-11 “The report of my death was an exaggeration.” ~ Email.

In a widely distributed article entitled, “R.I.P. E-Mail, 1961 – 2010”, Edward Moltzen tells us, “E-MAIL IS DEAD.”   

Maybe Mr. Moltzen should read his email.  During December of 2010, at the time of its supposed death, two studies were released that demonstrated the continuing importance of email.

On December 16, 2010, the Pew Internet and American Life Project released a study of internet usage.  They found that email was the most ubiquitous online activity across all ages. 

On December 29, 2010, ForeSee Results released a study of on-line holiday shopping.  ForeSee found that promotional email had a larger impact on on-line sales than search and social combined. 

Communication Method	% of Sales Influenced
Social Media	5%
Search Engines	8%
Promotional Email	19%

With its pervasive presence and strong resonance with consumers, email remains a robust means of communication for everyone.  Reports of the death of email can only call to mind the response of Mark Twain to reports of his demise.  “The report of my death was an exaggeration.”