Phishing Confusion Example



So, yesterday I received this email from my Identity Theft Provider. Been with them since 2008 so I know how their emails look. Normally I get the "all clear" signal once a month, but this time there was credit alert on my account so I had my Red Flag Alert Filter on 'high'. Now, I had just applied for a Google Adwords credit card so I knew that would kick off some activity. But check out this email. Of course I hovered my mouse over the link and see what the URL shows at the bottom?

confusing phishing email

The email comes from IDWatchdog.com, but the link inside the email goes to a totally different domain. I am even surprised that this was not trapped by Google as phishing to start off with. This is a legit email from a legit vendor but using a different domain in the URL causes a lot of confusion. They would be better off just saying "log into your account and click on Monitor", because everyone that knows anything about phishing is going full tilt and call their support hotline to check if this is legit or not.

IDWatchdog, somebody listening?




Subscribe To Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews