Plain-text e-mail clearly shows the link to an illegitimate Website used for phishing. Photo by Bryan Dorr.

Catch a phish with plain-text e-mail

By Bryan Dorr
Oct. 17, 2007, 9:56 a.m. PDT
bdorr@bjdorr.com

An e-mail arrives in your inbox, saying you need to update your account information by “clicking here.” Does that link really go to your bank or credit union’s Website? Most likely, it does not.

Something smells “phishy” here.

A phishing e-mail is disguised to emulate a legitimate website, but the information provided actually goes to illegitimate sites to siphon personal and financial information to commit identity theft and fraud.

In a HTML e-mail, the type of email that provides fancy fonts and splendid graphics, the link simply says “click here.” There may be a pop-up feature that may display the link or the link address in the status bar, usually at the bottom left corner of the window, but usually goes unnoticed.

Some e-mail programs can disable hyperlinks, depending on the program’s security settings.

In the world of boring, generic plain text e-mail, phishing e-mails are easier to spot. Usually next to the word “click here” is the actual link address which one will be directed to provide all the personal information to the illegitimate Website.

In this case, a credit union in Oregon was requesting account information updates or otherwise the account would be deleted. In the plain text e-mail, the link clearly showed the link being directed to a Website address based in Mexico.

If one were to click on the link in the e-mail while viewing in HTML, a Web page would appear as the credit union’s legitimate login page. A good indicator that a visitor is not on the legitimate page is to look at the URL address at the top of the browser in the address bar. In this case, the page was located on the same Website based in Mexico.

E-mail programs can be set to read incoming e-mail in plain text. Mail readers usually have the option to convert the e-mail into HTML while reading the mail. Plain text mail, however, don’t usually indicate photo attachments which may go missed on legitimate e-mails.

In this case, I found that all available links, such as locations, contact and help were redirecting the visitor back to the illegitimate login page.

If you suspect a phishing e-mail, here are some basic tips:
• Do not reply back to the e-mailer at the e-mail address provided.
• Do not click on any links. Links may contain viruses or spywares that can monitor keystrokes.
• Do not enter and submit in any personal information.
• Contact your financial institution by telephone to verify or report the e-mail.

To learn more about phishing, visit OnGuard Online at http://www.onguardonline.gov/phishing.html.

This story is inappropriate and should be flagged for moderation. Please choose from one of the following options:

You have indicated this comment should be removed.

Close

The comment has been submitted for review. Thank you .

Ryan says ... on Thursday, Apr 17 at 5:23 PM

I got that same email today. I googled Oregon Community Credit Union Phish and this site popped up. Thank you! In this email, I was more worried that I actually had an open acct with OCCU, since I live in Central CA. Thanks Again!

larry says ... on Thursday, Oct 2 at 5:41 PM

hello: i would liike to know why? on these presidential and vice presidential debates that the candidates are throwing mud instead of saying what they are going to do about the issues. i think everybody would like to know. zimmerman4551@comcast.net

Add a comment

Name:

Comment: 250 Characters Left

KATU.com and its affiliated companies are not responsible for the content of comments posted or for anything arising out of use of the above comments or other interaction among the users. We reserve the right to screen, refuse to post, remove or edit user-generated content at any time and for any or no reason in our absolute and sole discretion without prior notice, although we have no duty to do so or to monitor any Public Forum.