Blue Coat educates users on phishing protection

Early this month, online marketing company Epsilon announced a data breach. The data theft amounted to potentially millions of customer names and email addresses, since Epsilon provides marketing services for over 2000 large retailers, hotel chains, major banks, and many other familiar companies. 

While Epsilon's clients have been proactive in warning their customers to be on the look out for fake emails, it's likely that some users will fall for phishing emails, and click links to sites that are attempting to steal their login credentials. In the old days, phishing attacks usually targeted bank accounts, and the sites were crude copies of legitimate banking sites; now, the bad guys are very good at creating perfect-copy phishing sites. They use (in simple terms) a "skin" of the banking site that leaves its links to real images and other content intact, and just change the location where the login box sends its content. They also go phishing for all kinds of logins these days, not just banking sites. 

To make sure users don't get caught up in any phishing attacks associated with this breach – or any other, for that matter – Blue Coat’s malware research team decided it was a good time to review some of the tell-tale signs of a phishing email. 

Mouse over the link in the email: Even if the email looks authentic, check to make sure the link is really going to the right place. Mouse over  the link in the email (without clicking it!) to see if the link in the status bar is the same destination as the visual text of the link in the e-mail. If they don't match, the email is a phish. 

Watch for really long (and really short) links: Watch out for really long links, with the fake "site" (name of target company) at the beginning, where you'll see it, and the name of the hacked site hosting the phish at the end, where they hope you won't notice it. Also beware of "shortened" URLs (e.g., using sites like bit.ly, ow.ly, etc.) -- it's highly unlikely that a legitimate bank or other company would send you an email using one of these links. 

Look for grammatical and spelling errors: While the bad guys may have developed more sophisticated techniques for creating phishing sites, they generally haven't developed better English. Be on the lookout for grammar mistakes or otherwise "weird" English. Financial institutions that manage billions of dollars tend to not send out emails with subject-verb agreement issues or misspellings of simple, common words.