Lately, it seems as though I have been getting a lot more spam in my spam filters than I have had in a while. Yesterday though, I got something new that I thought was worth mentioning. The message appeared to be an IT related newsletter that I actually subscribe to. I don’t want to mention the name of the newsletter, but I will tell you that it wasn’t a TechTarget publication.
At any rate, I was about to click on a story that I wanted to read, and I got distracted. It was just dumb luck that when I turned back toward my computer screen my mouse was still above the link, and the URL was showing. As you have probably already figured out, the bogus newsletter was directed toward a phishing site.
Phishing messages are certainly nothing new, and I like to think that I am up on all of the latest ways to keep myself safe from these types of scams. This one almost got me though. After I realized that the newsletter was fraudulent, I started looking for tell tale signs. The scary part was that the newsletter appeared 100% legitimate in every way. It appears that the spammer took this site’s current newsletter, changed the embedded URL, and then sent it back out while spoofing the organization’s identity. The wierd thing was that I got the fake newsletter before I even got the real one. The two newsletters were identical aside from the embedded URLs.
My point is that you can no longer implicitly trust messages that were previously considered trustworthy. I would never advise anyone to give up the newsletters that they subscribe to. Newsletters are a great way to keep up with the latest information, and I rely on them myself. What I am saying is that it may not be a bad idea to get in the habit of verifying URLs before you click on them, even if the message seems to come from a trustworthy source.