Beware Virus-man - he’s out to get you!

Virus emails - speak of the devil


You’ll remember my last blog? You don’t? Well - better check it out - right here.

The blog was a warning about the dangers of the Evil Phisherman - how to avoid being caught out by phishing emails. I promised you that the next blog would be about Email Viruses. Speak of the devil - just this morning, I received just such an email.

And here it is - in all its evil glory


It looks pretty convincing - certainly at first glance. Everything is there that you’d expect. The NatWest branding and strapline, along with numerous references to security. In fact, it really is rather good, until … you look at it more closely. With just a little careful examination, familiar warning signs keep popping up.

Let’s look again -

Now let’s look at these danger signals in turn -

1. The domain name - @natwestmessage.com. Let’s see what the WhoIs Lookup website says...
   
   
   
   
   Well now - isn’t that interesting? The domain name was only registered on the 28th March! Just a few days ago. For a banking brand with NatWest’s global status, don’t you find that a trifle odd, or possibly suspicious? Let’s look at item no. 2 …
   
   
2. The attachment. There’s something you need to know. Banks NEVER send an attachment when the content is confidential. Why’s that? Well - password cracking software is easy to download and to use. So, it would be easy for someone with malicious intent to access a password protected document.
   
   
3. No greeting. Just as with phishing emails, discussed in the last blog, the lack of a personalised greeting is most odd and suspicious. A genuine email will always begin with Dear your name.
   
   
4. Bad Grammar. Look at that comma. There’s a space between it and the preceding word. We all know that’s not right. Do you think NatWest would send out an email with a glaring mistake like that? And it’s exactly the same with …
   
   
5. The expiry date. Really? March 02, 2017? Nearly 13 months before the date of the email itself? I don’t think so!

I’m sure you’ve come to the same conclusion as me. This email is like corked wine. It should be avoided … or you might regret the consequences.