Insidious phish preys on your fears of being hacked

The phishers have a new trick–they send you an email purporting to be from iTunes or Amazon that tells you someone hacked your account and bought something. ‘Just click here and reset your password’. I got one the other day–it looked like this:

Screen shot of Apple Phishing message

Hovering over the iTunes link reveals eurekaequestrian.com, not ‘apple.com’. Apparently Amazon has been having the same problem. Here’s a page from Amazon explaining that they don’t send that kind of email:

http://www.amazon.com/gp/help/customer/display.html?nodeId=15835501

So, in short, it’s really important to read url’s, both the obvious ones (many of us got one today that was ‘wayneedu.zyro.com’) and the ones that only appear when you hover over them. When in doubt, hover. And when in doubt, don’t click.