AOL's Phishing Email!
Wednesday, September 27, 2006
Few days back, I got an email which appeared from AOL , which said the following thing :
Sender : Alerts@aol.com
Subject : Attention : Your AOL Account Could Get Suspended
Body :
# Dear Member:
Thank you for choosing America Online. Unfortunately there has been a
problem processing your billing information for the month of July, 2006.
Please review our billing requirements at KW: Billing. You will be able to
update your billing information quickly and easily using our secure server
web form. Please understand that without promptly updating your billing
information, your America Online Internet service may be discontinued. To
update your billing at this time, please visit our secure server web form by
clicking the hyperlink below.
America Online Billing Services.
We appreciate your business and hope to keep you as a customer for life.
America Online is so easy, no wonder it's number 1 !
Sincerely,
The AOL Billing Services Team
How can I restore my account access?
Please update your billing here: America Online Billing Services. and complete the web form.
Completing all of the checklist items will automatically restore your account access.
© 2006 America Online, Inc. All Rights Reserved
After looking at an email like this, I was shocked and I was about to click on the link to open up the web form but suddenly few point struck my mind and those question or points saved me. Here's the list of the question asked by myself :
1. I've AOL account for over a year now and I'd no problems till this time, then why they have a problem now?
2. I do'nt live in U.S.A. and I do'nt have any dues with AOL too, then why this email?
3. Can it be a phishing email?
As soon as, these three questions struck my mind, I started to find out the genuinity of this email and after running the checks I came to the conclusion that it is one of the phishing email.
How I Found Out That It Is A Phishing Email ?
1. Checking the headers : These days most of the email services show a line next to the sender of the email which says "Mailed-By : xxxxxxx", where xxxxxxx is the name of the server through which the email has been sent. So, if you have a yahoo email account and you send an email to your friend having a gmail account then your friend will see "Mailed-By : yahoo.com" or something similar.
In case your email service provider does'nt show you this line then not to worry, they'll surely allow you to view the actual header of the email, in case of GMail you can see the headers by going into "More Options" and then click on "Show Original".
Here's the part of header of the email I recieved and which gave me the idea that it can be phishing email :
X-Gmail-Received: cdf158ad88ab52ba4269882b075a1e39547e7958
Delivered-To: mayankgupta.com@gmail.com
Received: by 10.48.207.2 with SMTP id e2cs122781nfg;
Sun, 24 Sep 2006 17:02:19 -0700 (PDT)
Received: by 10.70.66.18 with SMTP id o18mr5940508wxa;
Sun, 24 Sep 2006 17:02:19 -0700 (PDT)
Return-Path:
Received: from server.shababserver.com (server.shababserver.com [69.90.171.82])
by mx.gmail.com with ESMTP id 43si2002521wri.2006.09.24.17.02.19;
Sun, 24 Sep 2006 17:02:19 -0700 (PDT)
Received-SPF: pass (gmail.com: best guess record for domain of nobody@server.shababserver.com designates 69.90.171.82 as permitted sender)
Received: from nobody by server.shababserver.com with local (Exim 4.52)
I've higlihted those lines with red which helped me in coming to the conclusion that this email is phishing scam. After looking at it, I thought that in case it is an email from AOL then they'll send it from their server and not from these kind of server. By their server I mean, they'll have a name which will say AOL in it.
I immediatly opened up another email from AOL (the welcome message from AOL) and it showed that it had "Mailed-By : AOL.COM". So, this step only saved me from a phishing scam.
2. Going Directly On the Site and Not using Hyperlink : Although, I cleared up things in the first step only but still I thought that it will be wise to go to AOL.COM and then check up things over there. I checked things there and they seemed correct. I never used the hyperlink given in the email (I have removed the hyperlink in the above mentioned email message), instead I opened another browser tab and directly went to AOL.COM and checked things there. It is always advisable that when you doubt some email then you have to be cautious.
3. Ask the support team : Although, I did'nt performed this step, but you can do this kind of step and that is simply go on the website and send an email through the contact page and ask them in case they've sent you any email like this. Companies like AOL, Google will always return back quickly and mostly with in 24 hrs.
4. Report Phishing : After you are sure that it is a phishing scam then do'nt forget to report the email as phishing scam. You are smart enough but not all are smart enough and can fall in the trap. So, by reporting you'll not only help yourself but you'll help millions others.
I hope that in future you'll be cautious, as I was and remember that do'nt trust any email and always check the headers to ensure the genuinity of the email and instead of following the LINK in the email go to the website directly.
Tags:
2 Comments:
thank you so mucH!! you are saving a lot of people for debt and lossage of money!
commented by 
Anonymous, 7:47 PM
Anonymous, 7:47 PM
I've also received the same email on AOL. When I moved the cursor over the link it read: www.windhamautosales.com
They also tried to get my billing information & threatened to cancel my AOL membership if I didn't update it within 2 days.
JMD of Stoke Mandeville, UK
They also tried to get my billing information & threatened to cancel my AOL membership if I didn't update it within 2 days.
JMD of Stoke Mandeville, UK
