Phishing is “the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.”. Common examples are fake emails from banks or the IRS in an attempt to get your credentials.
A little background before we get started here – I’m in the process of buying my first house here in Kentuckiana. When the process got a little more serious and it came time for documents to be signed and sent off, my realtor told me to be on the lookout for scammers. He mentioned emails about wire transfers and credit card requests but I brushed it off since I figured it was a Nigerian Prince type scam, however it is a little more detailed than that.
At this point I’m in the closing process and tons of documents are going back and forth between myself, my realtor, the bank, and others (insurance company, etc..). I received an email “from” another realtor agency in my inbox and at first glance nothing appeared to be wrong. It was supposedly from a major, reputable realtor in the area and a PDF was attached, looking like many of the emails that are coming to me.
However what triggered my alarms were the format of the email (the logo not loading, the notice text being a different color, the general unprofessionalism of the email). I was very skeptical that this was a real email after looking it over, so I figured I’d see what it was all about. Opening the PDF produces, again, a very unprofessional looking document with the realtor logo pixelated and misaligned at the top. The rest of it was odd but not necessarily alarming.
Clicking the “VIEW .PDF ONLINE” takes you to a website that is blocked by all the major browsers (Chrome, Firefox, Safari, and IE) for being phishing website (which it is), but I wanted to take a closer look so I proceed.
Clicking the login buttons opens a new window with a form styled like the Outlook email login and filling the form out does nothing but (I’m assuming) sends the credentials over to the phisher. While most people would have been stopped by the browser warning, it still goes to show that emails need to be looked at with some degree of caution. What looks real might not be the case.
We all can be subject to phishing/scamming, especially if you don’t know what to look for. I hope my experience can help you recognize any red-flags so you can avoid a scamming disaster.