Fake Red Cross emails link to private PayPal account
Posted on 02 July 2012.
A rather generic but well-crafted fake American Red Cross email has recently been hitting inboxes around the world and asking recipients for donations:


As the offered link can be seen leading to a legitimate PayPal account, users might feel safe following it.

Still, the account in question seemingly does not belong to the American Red Cross, but to the owner of the thomasmarch171@gmail.com email address and account.

"Other than a short user-supplied bit of text, there is no indication that Thomas March has any connection with the American Red Cross," Barracuda Labs' researchers point out. "While paypal.com is a well known legitimate website, that means nothing when it comes to the destination of monies transferred."

Even though this particular email doesn't dupe users into sharing personal and financial information, we can safely assume that a donation made here will never reach the Red Cross.

In fact, the organization has its own dedicated, HTTPS protected web forms for donations, and this is the only webpage through which online donations should be processed.

"This underscores one of our primary pieces of advice when it comes to email security," say the researchers. "Never follow links in email. The risk that the link is spoofed is just too great."






Spotlight

The psychology of phishing

Posted on 23 July 2014.  |  Cybercriminals no longer send out thousands of emails at random hoping to get a handful of hits, today they create highly targeted phishing emails which are tailored to suit their recipients.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Jul 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //