Cyber Crime Alert – Mailchimp Phishing Emails

16 Oct, 2018 | Latest News

Sadly, phishing is on the rise and below we have highlighted a phishing attempt which almost caught us out.

We are finding more and more impressive [ugh] phishing emails passing through the internet which at first glance look completely legitimate but on closer inspection are convincing fakes. These types of emails are often referred to as “Phishing” or “Spear Phishing” emails, whereby the cyber criminals are attempting to steal your login information with the purpose of accessing your other accounts such as email, bank accounts, Netflix and Gmail amongst others.

Here is an example of the latest phishing email doing the rounds, purporting to be from Mailchimp, a very well known email services provider.

If you have a Mailchimp account BE VERY WARY OF EMAILS which are asking you to “urgently” login.

At first glance the phishing emails looked legitimate because the cyber criminals have registered a convincing looking domain name: login-mailchimp.com. This is fake because the real domain is login.mailchimp.com; swapping the dot for a hyphen turns a subdomain of mailchimp.com into a completely separate domain that anyone can register. Looking at the email in more detail, we can clearly see that this is an attempt by cyber criminals to get your Mailchimp login details:

  1. The email was sent from a non-Mailchimp account.
  2. The subject line looks convincing and attention grabbing.
  3. The body of the email again is attention grabbing, trying to prompt you to take action.
  4. The criminals have used an email address we do not even use for Mailchimp.
  5. The links in the emails are linking to the fake login page.
  6. The links in the footer of the email are not even clickable.

A further look at the fake login page shows the lengths the cyber criminals will go to in order to steal your login information.

  1. The domain name where the fake login page is hosted.
  2. The page even has an SSL certificate in an attempt to make you “trust” the page. The padlock only means the connection to the site is encrypted; it says nothing about who owns the site.
  3. The whole login page is a perfect replica of the Mailchimp login page.
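The domain trick described above (a hyphen standing in for the dot in login.mailchimp.com) is easy to check mechanically. The following is an added example, not code from the original post or from Mailchimp, and it uses constructed sample addresses and links; it flags indicators 1 and 5 from the list above, treating the last two labels of a hostname as the registered domain (a simplification that does not handle suffixes such as co.uk).

```python
from typing import List, Optional
from urllib.parse import urlsplit

LEGIT_DOMAIN = "mailchimp.com"  # the brand the email claims to come from


def host_of(url: str) -> str:
    """Lowercase hostname of a URL ('' if the URL has none)."""
    return (urlsplit(url).hostname or "").lower()


def is_genuine(host: str, legit: str = LEGIT_DOMAIN) -> bool:
    """True only for the legit domain itself or a dot-separated subdomain of it."""
    return host == legit or host.endswith("." + legit)


def lookalike_reason(host: str, legit: str = LEGIT_DOMAIN) -> Optional[str]:
    """Explain why host impersonates legit, or None if it is genuine or unrelated."""
    if is_genuine(host, legit):
        return None
    brand = legit.split(".", 1)[0]              # "mailchimp"
    labels = host.split(".")
    registered = ".".join(labels[-2:])          # simplification: last two labels
    if brand in registered.split(".", 1)[0]:    # login-mailchimp.com: hyphen replaced the dot
        return "brand inside a different registered domain: " + registered
    if legit in host:                           # mailchimp.com.evil.example
        return legit + " is only a subdomain of " + registered
    return None


def check_email(sender: str, urls: List[str], legit: str = LEGIT_DOMAIN) -> List[str]:
    """Return findings for the sender domain (indicator 1) and link targets (indicator 5)."""
    findings = []
    sender_host = sender.rsplit("@", 1)[-1].lower()
    if not is_genuine(sender_host, legit):
        findings.append("sender not from " + legit + ": " + sender_host)
    for url in urls:
        reason = lookalike_reason(host_of(url), legit)
        if reason:
            findings.append("link " + url + " -> " + reason)
    return findings


if __name__ == "__main__":
    # Constructed sample resembling the email in the post (hypothetical sender address).
    for finding in check_email("alerts@notices-example.com",
                               ["https://login-mailchimp.com/login", "https://mailchimp.com/about"]):
        print(finding)
```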

As you can see this is a very convincing phishing attempt, and even here at JUCRA Digital we had to look twice because the email looked so convincing.

Our advice on avoiding phishing scams by cyber criminals who are attempting to steal your login details:
  1. Apply the logic of: “If it’s too good to be true, it usually is”. The email above is proof that you cannot trust emails from the outside world 100%.
  2. Be VIGILANT of ANY emails, especially those that are asking you to login somewhere and are displaying a sense of urgency. In all likelihood it’s a phishing email.
  3. DON’T use the same password twice. Cyber criminals use these types of phishing attempts to get a “baseline” of login data to see which passwords you use. They then test those passwords against hundreds of other sites you might be a member of. For example, Netflix, bank accounts, Gmail, Microsoft, Apple Store, hosting or anywhere they think you might have a login.
  4. Use complicated, hard to guess passwords which contain a mixture of characters, numbers and letters, lowercase and uppercase. Also make sure the password is at least 8 characters in length.
  5. Use TWO FACTOR AUTHENTICATION where you can. This is something for more advanced users, but essentially even if the cyber criminal has your username and password, they still need a physical device to be able to login fully.
  6. Use LOGIN NOTIFICATIONS where possible. As annoying as it might be, if the system supports it and can send you an email every time your account is logged into or changed, then you will know right away if your account is compromised.