Beware Virus-man - he’s out to get you!
Virus emails - speak of the devil
You’ll remember my last blog? You don’t? Well - better check it out - right here.
The blog was a warning about the dangers of the Evil Phisherman - how to avoid being caught out by phishing emails. I promised you that the next blog would be about Email Viruses. Speak of the devil - just this morning, I received just such an email.
And here it is - in all its evil glory
It looks pretty convincing - certainly at first glance. Everything is there that you’d expect. The NatWest branding and strapline, along with numerous references to security. In fact, it really is rather good, until … you look at it more closely. With just a little careful examination, familiar warning signs keep popping up.
Let’s look again -
Now let’s look at these danger signals in turn -
- The domain name - @natwestmessage.com. Let’s see what the WhoIs Lookup website says...
Well now - isn’t that interesting? The domain name was only registered on the 28th March! Just a few days ago. For a banking brand with NatWest’s global status, don’t you find that a trifle odd, or possibly suspicious? Let’s look at item no. 2 …
- The attachment. There’s something you need to know. Banks NEVER send an attachment when the content is
confidential. Why’s that? Well - password cracking software is easy to download and to use. So, it would be easy
for someone with malicious intent to access a password protected document.
- No greeting. Just as with phishing emails, discussed in the last blog, the lack of a personalised greeting is
most odd and suspicious. A genuine email will always begin with Dear your name.
- Bad Grammar. Look at that comma. There’s a space between it and the preceding word. We all know that’s not
right. Do you think NatWest would send out an email with a glaring mistake like that? And it’s exactly the same
- The expiry date. Really? March 02, 2017? Nearly 13 months before the date of the email itself? I don’t think so!
I’m sure you’ve come to the same conclusion as me. This email is like corked wine. It should be avoided … or you might regret the consequences.
- Difference between POP3 and IMAP 10-05-2018