Select Page
Delete Notification: example.com

Delete Notification: example.com

Jan 15, 2024 | Emails with dangerous links

Last week, I received an email from an unknown address that spoke about the expiration of my domain XXXXXX.ORG. The name of the domain owner – yours truly – mentioned in the email was correct. The domain name mentioned too was correct. However, the domain expiry date was not correct and that made me suspicious. Also the fact that the email came from an address that did not seem right.

Given below is the copy of the termination warning email as received by me.

Termination  warning Email

Termination Warning
This notice is to inform you that your domain invoice number c062dc6b530846cda8ada11be4fdb2ea is OVERDUE. XXXXXX.ORG expiring on 12 January 2024 is SUSPENDED.
The contact person currently on file is Sanjeev Sharma.
Renew XXXXXX.ORG (Don't' click – link changed)

 

Expiration:
12 January 2024
Legal Disclaimer:
We can not be held legally accountable for any claims, damages or loss that you may incur owing to the cancellation of XXXXXX.ORG. Any such damages may include but are not solely limited to: sales losses, lost data without backups, loss of position in search rankings, lost appointments, undelivered email and any other business, service or technical damage that you may suffer. For further reference please refer section 22.b.3.e of our Terms of Use
Duration:
This is the final message that we are required to communicate with reference to the expiration of XXXXXX.ORG.
CLICK HERE TO RENEW – (Don't' click – link changed)
Unable to click the link? Copy and Paste this into your browser:
https://dangerousdomain.com/cart/c062dc6b530846cda8ada11be4fdb2ea – (Don't' click – link changed)

All web services will be restored immediately on XXXXXX.ORG upon confirmation of payment. We thank you for your cooperation and continued business.

Final Notice sent on January 12 2024

If you are not the intended recipient of this notice for this website please contact customer support immediately.

 

Whenever I get such emails, I always try and check the sender's domain. In this case it was “juhog.com”. The question I ask is – why would someone from this domain send me an email. The red herring's in this case were:

1. The registrar of my domain about which the warning was being given had nothing remotely to do with JUHOG.

2. The domain was good for another few years.

The email was clearly a phishing email, fit for being ignored.

I however did a few things to reconfirm my suspicions. 

I typed juhog.com on my browser. Sure enough there is no website with that name – a good enough indicator that the email and the sender both are bogus.

I then clicked on the Renew Link 

phishing email

Since I am protected by a good anti virus, I got the following message on my browser

Norton Dangerous Website Warning 

If you receive emails from unknown senders:

1. DO NOT click on links. DEFINITELY NOT if you are not protected by a good anti-virus

2.  Ignore such email Better delete them.

Louis Vuitton Bags: Email With Dangerous Links

Louis Vuitton Bags: Email With Dangerous Links

Sep 5, 2022 | Emails with dangerous links

At different points in time, I receive suspicious emails selling Louis Vuitton bags. One such email is given below:

Email selling Louis Vuitton bags

From: Louis Vuitton <lnmjrwlik@gbphni.ru>
Sent: 08 September 2022 14:14
To: sanjiv <xyz@xyz.com>
Subject: Louis Vuitton Bags Up To 90% Off! Top Quality Low Cost! Shop Online Now!</xyz@xyz.com></lnmjrwlik@gbphni.ru>

Louis Vuitton Bags Up To 90% Off!
Top Quality Low Cost!
Shop Online Now!
www.88offbags.com

The funny thing is that when I click on the links, the browser does not display a website, but an error message as below:

Louis Vuitton bags

[the_ad_group id=”45″]

Another Louis Vuitton email that I received is shown below:

From: Louis Vuitton <6s3i@grpofm.ru>
Sent: Tuesday, January 3, 2023 12:21 AM
To: sanjiv <xyz@xyz.com>
Subject: [New Year Sales] Louis Vuitton Bags Up To 88% Off! Shop Online Now!

Louis Vuitton Bags Up To 88% Off!

Shop Online Now!

www.90off-sales.com

In this case too the result was the same. It did not display any website. I wonder why the sender is wasting his time and bandwidth. Unless, he gets a confirmation that the email to whcih he has the bogus mail is valid. And then he will unleash more dangerous emails.

Moral of the story?

Do not open such emails.

And even if you do, DO NOT click on the links.

Email Quarantine Phishing Message

Email Quarantine Phishing Message

Jul 18, 2022 | Emails with dangerous links, Phishing Email

Email quarantine phishing messages contain dangerous links. While talking about phishing , in one of the earlier articles – Fraudulent Email Selling Viagra – we mentioned that many a times you get a suspicious email with dangerous links. The intention of the fake email sender is to get you to click the link in the email

The end objective of this phishing email could be one or more of the following:

1. Solicit your personal information which could endanger your financial security

2. Infect your computer / device with malware for later gains for the scammer.

3. Take over your email or computer to spread malware

Email Quarantine phishing is an example of the phishing email with the objective to get access to your email account. Such an email stating “You have quarantined messages” is given below

Email Quarantine message

This email is purportedly sent from my email server. The email quarantine phishing message sender has cleverly tried to use the images of email servers such as Horde and Roundcube.

In the image above I have marked 3 locations where the person initiating the phishing attack has tried to convince the email recipient about the genuineness of the email

1. My email server domain name is mentioned – as if the email is originating from my own email server. This is a classic email quarantine phishing message. The from email domain however gives away the game. The from email domain is mail-notification.com. More about it a little later (in another article)

2. The email is addressed to me. My correct email address is used. As if the message sender knows my account.

3. Again my email address is used for attention.

The fact that the email is originating from a domain which is not my domain name, made me suspicious.

This suspicion is reinforced when I review the link that the Call to Action – REVIEW – directs to.

email quarantine phishing

Safe browsing extensions are the saviors against Phishing attacks

As you can see, the call to action button – REVIEW – directs to a domain authsvssecure.com. This is different from both my own domain and the domain from where the email has been sent. This is clearly a phishing attack. Ideally one must not click such a link. However, since I was confident that I am protected by an anti-virus, I clicked on the link and as predicted, the Norton safe browsing extension on my system gave me the following warning:

deceptive site ahead

Always browse with protection

It is important that you have the following on your computing and mobile devices:

1. A good anti-virus

2. Safe browsing extension in the browser

There are online predators that we must all be wary of and we must be on guard against them, always.

Viagra Spam Email

Viagra Spam Email

Jul 8, 2022 | Emails with dangerous links

To exploit the sexual fantasies of people viagra spam email is flooding email boxes around the world. These emails always contain dangerous links in their body or accompanying images. These fraudulent emails are quite obviously scams and should not be opened if possible. However, if you are using an email client such as outlook, it is possible that you may see the email in the viewing window! Example of such a fraudulent viagra cialis email spam is given below:

viagra spam email

 

And definitely links in this kind of viagra spam email are not to be clicked under any circumstance.

You can build a strong wall that will protect your health

(what a deceptive subject line!)

viagra cialis email spam

Safe browsing extensions are the saviors against viagra spam emails

However, if you do click accidentally or intentionally such a viagra phishing email and if you are protected with an antivirus you could still manage to remain safe. In the above example, when I clicked the link , I received the following warning:

safe browser warning
The good news is that these days this particular link is broken – perhaps the website no longer exists. That of course does not mean that viagra spam emails will cease to be a menace. They would still be coming to our email boxes linking other dangerous websites.

Always browse with protection

It is important that you have the following on your computing and mobile devices:

1. A good antivirus

2. Safe browsing extension in the browser

It is equally important that:

1. You do not open emails that come from unknown senders. Definitely not such viagra spam emails.

2. Even if you open such a viagra cialis email spam, be wary of the links and attachments within such unsolicited emails. Try not to click on the links in such emails.

3. And even if you feel adventurous and do click on the links in the viagra spam email, ensure that your browser has safe browsing extension activated. And if you do get a warning that the website that you are being taken to is dangerous, DO NOT PROCEED. The fraudulent email sender wants you to do just that. You will end up downloading malware. The damage that it will cause is not worth any good that  viagra may do.

There are online predators that we must all be wary of and we must be on guard against them, always.