Don't Be a Victim of a Phishing Email

As defined by google mail, phishing is a form of fraud in which a message sender attempts to trick the recipient into divulging important personal information like a password or bank account number, transferring money, or installing malicious software. Usually the sender pretends to be a representative of a legitimate organization.

I'm writing this blog to share an experience I recently had. You see, this legitimate organization in my case is AlertPay. The above photo is the first email I received from them. It looks like it was sent by AlertPay indeed. However, when you closely look at who sent the email, it makes you suspect something fishy.

Yes, I checked out the site that was indicated there. It was missing an index page at that time. I also tried searching for it under whois and it was definitely not registered to AlertPay.

When you click on that link to confirm your account information, it comes to a page shown below. Take note of the URL shown on the address bar. Now that definitely isn't AlertPay! So beware!

I reported the matter to AlertPay, which seems to be the only thing I could do. Plus, I thought of writing this hub about it. I hope that no one falls victim to this scheme.

If you're brilliant enough to come up with such a scheme, why don't you just use it to do some good for mankind? Such a waste of talent indeed! Tsk!

Here's another email I received today. The email changed the sender address but still not legitimately from AlertPay. Do be careful and double check the sender every time you receive any email that requires you to log into sensitive and important sites.

(Update 2013/01/05) : Note that this is not limited to AlertPay (now Payza) alone. I have received one that was supposedly from PayPal as well. Just be vigilant when doing transactions online. You don't want to fall victim to phishing sites.