Christmas is less than two weeks away and it’s going to be a busy two weeks with parties, eating, and shopping! Sadly, it is also a busy time of year for scammers out to defraud people who may let their guard down during this hectic season. An HSI® employee recently received one such scam and I’d like to share it with you. The email tells the person that they just purchased a $200 iTunes gift card for someone they don’t know! The instinctive reaction is to click on the ‘Click here to cancel this transaction’ link provided. But there are many red flags that give this phishing email away.
- Our clever employee noticed that this was sent to an email account NOT attached to their iTunes account. This is one of the biggest giveaways and is the first thing someone should take notice of when receiving any email regarding an account they have. Email accounts such as Hotmail, Gmail, and Yahoo are easier for scammers to send mass emails to because they are usually tied to social or entertainment websites such as Facebook or Twitter. Be sure not to use a free account such as these for any subscription, membership, or account that is tied to personal information, especially ones with credit card payment options.
- Hovering over the ‘Cancel transaction’ link showed a site URL that is NOT related to iTunes/Apple.
NOTE: Take your finger away from the click button when hovering over suspicious links so you don’t accidentally click it by mistake.
Opening a browser and Googling “What is delnott.com?” gives a bunch of results that, from reading just on the Google results page, don’t show any relation to iTunes or Apple.
- Anytime you see something that starts with < such as ‘<span style=”color:#3’ – this is broken HTML code. The < and > characters are typically not used in emails or webpages (for content) since they can confuse the browser. This is sloppy coding which you normally would not see from a reliable source such as Apple.
- The invoice showed $$ beside the dollar amount, but was inconsistent throughout the invoice. This is not proper formatting of currency and is a warning the invoice was not generated from a reputable source. Some phishing emails will have terrible spelling and grammatical errors throughout the email, but some have only small ones that gently tug at the mind hinting at a problem. Heed your instincts!
This truly is the most wonderful time of the year, but it can be a perilous one as well. Slow down, think, and take care. We can all weather this holiday season with our wallets and sanity intact!
Here are a few related articles to help keep you safe during the holidays: