Fake Red Cross emails link to private PayPal account
Posted on 02 July 2012.
A rather generic but well-crafted fake American Red Cross email has recently been hitting inboxes around the world and asking recipients for donations:


As the offered link can be seen leading to a legitimate PayPal account, users might feel safe following it.

Still, the account in question seemingly does not belong to the American Red Cross, but to the owner of the thomasmarch171@gmail.com email address and account.

"Other than a short user-supplied bit of text, there is no indication that Thomas March has any connection with the American Red Cross," Barracuda Labs' researchers point out. "While paypal.com is a well known legitimate website, that means nothing when it comes to the destination of monies transferred."

Even though this particular email doesn't dupe users into sharing personal and financial information, we can safely assume that a donation made here will never reach the Red Cross.

In fact, the organization has its own dedicated, HTTPS protected web forms for donations, and this is the only webpage through which online donations should be processed.

"This underscores one of our primary pieces of advice when it comes to email security," say the researchers. "Never follow links in email. The risk that the link is spoofed is just too great."






Spotlight

Patching: The least understood line of defense

Posted on 29 August 2014.  |  How many end users, indeed how many IT pros, truly get patching? Sure, many of us see Windows install updates when we shut down our PC and think all is well. Itís not.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Sep 2nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //