Upham's Corner Online

Phishing Scam Email from Mombasa Kenya

This is the story of a "phishing" exercise that almost spelled disaster.  By stealing the email address and standard format of a colleague, the internet thief almost got me to click on a link that looked innocuous enough.   Yet, it turns out the intent of the perpetrator was completely malicious under the pretense of a Google looking presentation.  Everything (almost) looked normal and without thinking, I almost yielded to the scam. 

I write this story to remind myself to be more careful, more circumspect and to not worry about "suspecting" your colleagues but rather suspecting their identities might have been stolen.

Dancing with Phishing Email

This morning I received email from a co-worker who lives on the next street and whom I have known for decades.  So I opened it and followed the instructions shown below.   Why shouldn't I?  Never thought otherwise.

"CLICK HERE."  There was nothing particularly alarming about the email.  I recognized the individual's photo - same one he always uses and, yep, that's his usual email signature - the same one he uses for all of his emails.

Phishing email

Still something didn't seem right.  I have never known him to ask my opinion about his technical work - we're not in the same line of business.  I clicked anyway only to see what appeared to be a Google Doc type of format.  At least that is what I was led to believe.  It looked like he had authorized me to have access to his document. 

Further instructions:  Enter your email address and your password to get access to the document.

"Which email address?" I thought.  "I have many.  How did he know which one of mine to select?  And my password?"

I couldn't remember my password.  "Too much trouble. I'll tend to this business later" I thought and hours passed.

Distracted into Making Mistakes

People who are "more alert" than I am to "fishy" emails would have immediately recognized the key elements that are needed to steal my entire email address book or worse.  The scammer was asking for my email address and the password.  But I was too distracted trying to figure out why my co-worker would have sent me this email in the first place. 

When in doubt, stop! Ask the sender in a separate email if s/he really sent you the email.

Several hours later another email arrived from the same individual:

Email warning

VIPRE Eventually Recognized the Phishing

While my Internet Security software (VIPRE) did not recognize the problem when I first opened the email, it eventually did.  The next time I tried clicking on the link, this is what happened.

Web Forgery confirmed

PhishTank.com confirmed this web address as phishing.

See report:  http://www.phishtank.com/phish_detail.php?phish_id=1755368

PhishTank confirms phishing

Email Header Information

  If investigating the source of email is of interest to you, then viewing the email header can be helpful.  In Gmail, the "more" option provides "View original" which displays the header.  Most of what you see is unintelligible but the email content will be shown in HTML format, displaying, for example, the link. You can also do this by right clicking, copy link and pasting it to a text file.  There will also be interesting IP addresses which you can check on the Internet.

Just wanted to make sure you received the message I tried to deliver to you earlier, but it doesn't seem to have got through. Please view the document i uploaded using Google docs check it out here, CLICK  HERE


and log in with your email
and let me know your opinion on this.

Mombasa Kenya

Advice from Stop.The.Spamers@gmail.com

When sending an email to more than two recipients, please put all of the addresses in the BCC (Blind Carbon Copy) field instead of the TO or CC fields. 

That way, none of the addresses will appear in the computer in-boxes of the addressees, where they are most subject to being hacked. 

Put your address in the TO field.  This will help to reduce spam, which unfortunately is on the rise. 


Mombasa Kenya and Agri Chemicals

Perhaps even more frightening than the phishing threat was looking at the the link:  (no longer active) http://www.farmplus.co.ke   It is an agricultural pesticide company based in Mombasa Kenya.  Watch the chemicals and people applying them in hazmat suits.  Is this what we are eating in this modern era of agri-business?

Posted: March 7, 2013     Nancy J Conrad

Your comments will be posted here and in the Letters to the Editor after processing.


| Copyright © 2010-2018 Uphams Corner News - All Rights Reserved |