
Phishing Traps, or How Not to Be Deceived by a Phishing Attack

07.12.2015

Do you remember the cat from the cartoon Shrek? It demonstrated very vividly what results you can get by using psychological manipulation on others.
We mentioned this cat for a reason. Fraudsters use the maneuvers demonstrated by this fictional cartoon character in real life, sometimes on a vast scale. You are lucky if you have never received an e-mail informing you that your mailbox has been hacked, or a similar notification.
Fraudsters easily get the information they need by playing on human feelings and exploiting the reactions that arise from fear, pity and other emotions that are difficult to control.
Today we will discuss how not to be deceived by phishing tricks in e-mails.
Fraudsters usually pursue a couple of aims: first, to get the password to an e-mail account so that they can later dig through your letters; second, to force a user to download a file full of explosives (a virus): as a rule, it is a file inducing the user to take actions which are always in favor of the fraudsters.
Hacking services are widespread; well, I ordered a hack of my own e-mail with no problems!
You will see the results below. The most important thing you have to realize is that nobody is authorized to give you instructions via e-mail on what you must do; if you follow them, the harm can be irreparable…
Below you will find many screenshots with comments.
So, let’s begin.
 
Gmail – Documents

In the screenshot below you can see that the letter was sent from gmail.com and contains information about some “important” documents. If you click on the documents, you will be redirected to a phishing page:

[Screenshot]

Although hovering the cursor over a document shows the address neo4-yandex.ru, you will be redirected (the page contains a sniffer) to an absolutely different page: s-mail-google.com/myaccount/ru/index.php?id=&/id=20154748705121097

[Screenshot]

Have you noticed the old Google logo on the phishing page? Probably you haven’t paid attention, like 99% of users; however, the logo was changed a long time ago. Such details can save you from much trouble. Since crooks update their fake pages very rarely, it is easy to identify them.
Let’s continue:

Your message has not been delivered - Gmail

When you send an e-mail to a foreign address, Gmail will send you a message that your e-mail has not been delivered. It is useful, but fraudsters use this feature as well.

[Screenshot]

The typical reaction is to click and see which letters haven’t been delivered, but here again you have to deal with a redirect:
s-mail-google.com/myaccount/ru/index.php?id=&/id=20154748705121097

Gmail – You have to change a password urgently!

This type of notification works on mistrustful users, who represent the vast majority: “Your password is hacked!”

[Screenshot]

And again, by clicking through to change the password, the user falls into a trap and opens a phishing page.

Gmail — E-mail blocking

You receive a notification that you have wronged somebody and your e-mail will be blocked unless you refute the trumped-up charges. You are honest! Certainly, you will click and… here is a surprise!

[Screenshot]

First of all, the logo is again the old one, and after clicking on “disproof” you will be redirected to a phishing page which is designed as a personal page:

[Screenshot]

Gmail – You are blocked for spamming!

You receive a notification that you are a malicious spammer and your account has been blocked. Now you have only one option: you have to confirm your account:

[Screenshot]

What do you see? The same old thing: the old logo and a redirect page:
s-mail-google.com/u/0/accounts/index.php?id=&/id=d7115e86e7423e7aea202cebf544de21
Needless to say, it is a fake!

Gmail – You are on the blacklist!

You have been added to a blacklist and the situation is “very serious”.
In fact, when you decide to solve the problem, you will be redirected to the same kind of page:
google.mail.com.ru-id322322.ru/?login=YWtzZWthdHlhfGFrc2VrYXR5YUBnbWFpbC5jb20=
It can be any other address, but the idea is the same.

[Screenshot]

Gmail — Space extension offer

This one is the front-runner among all phishing pages. They imitate all Google interfaces and the chosen domains quite well, but with the logo they fail again; however, the page is very realistic, at least not the standard one:

[Screenshot]

The login is visible and it is clear that the user has run out of space… Apart from the logo, it is easy to be hooked…

[Screenshot]

Gmail — Commercial

A letter with a business proposal, or a price-list, or requisite details:

[Screenshot]

[Screenshot]

Next: a redirect page and a familiar account page with the renewed logo. It looks like they have recently updated the page.

[Screenshot]

Mail.ru — An official paper

The letter looks similar to the previous variant, with numerous possible versions; however, the idea is still the same: “open me.”

[Screenshot]

[Screenshot]

[Screenshot]

The most dramatic thing is that after the redirect you enter the password on autopilot, because the login is already given (it is your login):

[Screenshot]
 
Mail.ru — Non-delivered mail
 
A very nice service informs you that you have missed a most “important” letter and offers a way to read it. To make the letter look trustworthy, they included odd squiggles, titles and unreadable characters to hasten your “click”:

[Screenshot]

Having clicked, you see a familiar page where you enter the password on autopilot:

[Screenshot]
 
Mail.ru — You have to extend your e-mail capacity (space)
 
A very credible phishing page; the success probability is around 95%:

[Screenshot]

When you click through, you will be redirected to a page where you are offered to extend the volume (space) of your mailbox:

[Screenshot]

Here is an example of a similar letter:

[Screenshot]

[Screenshot]
 
Mail.ru — Security

How will you react to a letter which notifies you that your e-mail has been hacked and you have to change the password? The logical answer is “I will change it”, but that would be a huge mistake, as you would send your password to swindlers:

[Screenshot]

There was a phishing link, but I cannot demonstrate it as it doesn’t work anymore.
 
Yandex — Security
 
Someone has complained about you! Confirm your account or it will be blocked… How do you like it? Here it is:

[Screenshot]

Click through and you are redirected to a page where everything is prepared for fishing out your password:

[Screenshot]
 
Now about malicious files

Internet crooks are not stupid; as a rule, they are highly educated and know practical psychology. Exploiting the chaos in the financial and political spheres, when ordinary people are scared of various state and parastatal financial authorities as well as judicial and executive authorities, fraudsters send very bold letters offering to install different codes on websites. For example, a letter with an approval of a website by the Federal Supervision Agency for Information Technologies and Communications (be sure, it is nonsense):

[Screenshot]

And here is a no less bold and daring letter from the “arbitration tribunal” with a link to a cryptolocker:

[Screenshot]

Here is one more masterpiece: a letter informing you that you have taken out a loan. Most users will panic! Clicking through takes you to a CryptoLocker.

[Screenshot]

Finally, safety instructions:
 
If a letter demands immediate action, you should be on the alert. Try to verify it on your own, and if you are not competent enough, ask for professional help.

  1. If you have doubts about a letter – delete it.
  2. A suspicious link may lead to very sad results. Do not click on links in letters you are not certain about.
  3. Courts and banks rarely use e-mail: for the most part they prefer phone calls or regular mail.
  4. Almost all mail services offer two-factor authentication – we recommend using this option.
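
Part of the "verify on your own" step can be automated. The Python code below is an added example, not part of the original article: it flags links whose host contains a service's name without belonging to that service, and links that carry the recipient's login, as in the redirects shown above. The domain lists, function names and the login value (a constructed base64 of user@example.com) are assumptions made for illustration.

```python
import base64
import re
from urllib.parse import urlsplit, parse_qsl

# Assumption: illustrative lists for the three services the article covers.
LEGIT = {"google.com", "gmail.com", "mail.ru", "yandex.ru"}
BRANDS = ("google", "gmail", "yandex", "mail.ru")
EMAIL = re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+")
SPOOFED = "service name in a host that is not the service's domain"
LOGIN = "recipient's login carried in the link"


def registrable(host):
    """Naive registrable domain (last two labels); a production check
    should consult the Public Suffix List instead."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def prefilled_login(query):
    """True if a query value is, or base64-decodes to, an e-mail address."""
    for _, value in parse_qsl(query, keep_blank_values=True):
        candidates = [value]
        try:
            padded = value + "=" * (-len(value) % 4)
            candidates.append(base64.b64decode(padded).decode("utf-8"))
        except ValueError:  # not base64, or the decoded bytes are not text
            pass
        if any(EMAIL.search(c) for c in candidates):
            return True
    return False


def check_link(url):
    """Return the warning signs found in a link (empty list if none)."""
    parts = urlsplit(url if "://" in url else "http://" + url)
    host = (parts.hostname or "").lower()
    reasons = []
    if registrable(host) not in LEGIT and any(b in host for b in BRANDS):
        reasons.append(SPOOFED)
    if prefilled_login(parts.query):
        reasons.append(LOGIN)
    return reasons


if __name__ == "__main__":
    # Hosts are taken from the article; the login value is constructed.
    for link in ("s-mail-google.com/myaccount/ru/index.php?id=&/id=20154748705121097",
                 "google.mail.com.ru-id322322.ru/?login=dXNlckBleGFtcGxlLmNvbQ==",
                 "https://accounts.google.com/"):
        print(link, "->", check_link(link) or "no warning signs")
```

An empty result only means that these two signs are absent; it does not prove a link is safe.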

Do not let anybody fool you!
Good luck!