The Latest in IT Security

American Red Cross spam links to Paypal.com

29
Jun
2012

by Dave Michmerhuizen & Luis Chapetti – Security Researchers


Spammers often take advantage of a wide variety of recognizable brands; Microsoft, UPS, banks, even the FBI. Whenever a large natural disaster strikes, such as the recent Colorado wildfires, spammers diversify and send donation emails using the brands of well known charities. A good example of this type of spam recently came to our attention. This particular email is very convincing looking and even includes links that point to a reputable site – paypal.com.

Redcross Phishing Email

(click for full size image)

Clicking the link in the email does, in fact, take you to a payment form on paypal.com. Unlike most spam, your personal information isn’t being solicited, and your credit card is safe. Ultimately, the question you are left with is: just who are you sending money to?

Paypal landing page

(click for full size image)

Other than a short user-supplied bit of text, there is no indication that Thomas March has any connecttion with the American Red Cross. While paypal.com is a well known legitimate website, that means nothing when it comes to the destination of monies transferred. There is no real guarantee that a ‘donation’ made here will ever reach the Red Cross.

In fact, the American Red Cross does not solicit donations in this manner. Instead, the national headquarters and the regional branches all use their own HTTPS protected web forms for donation, such as this one.

Redcross donation form

(click for full size image)

Indeed, the Colorado chapter of the American Red Cross has their own secure donation page.

This underscores one of our primary pieces of advice when it comes to email security. Never follow links in email. The risk that the link is spoofed is just too great. If there is an organization whose web page you want to visit to do business with, or make a donation, manually enter the domain name in your browser. Because of fraud, spam, and examples like this one, most large web sites will not include links in their emails.

Barracuda Networks customers using the Barracuda Spam & Virus Firewall are protected from these emails.

Leave a reply


Categories

TUESDAY, DECEMBER 10, 2019
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments