Well, I guess it was just a matter of time, but today I got my first phishing scam disguised as a Yahoo! Search Marketing customer email:
Very clever, oh devious ones! What are some of the tell-tale signs that this message is NOT from Yahoo!? Here’s what to check for:
- No “To” Address. Always be suspicious if you do not see your email address or name in the “To” field of an email header. Yahoo! Search Marketing obviously has your email address on file if you are an advertiser.
- Title Doesn’t Match the Copy. The headline of this email tells me to renew my account, but the body of the email discusses signing up for SMS account alerts that will come to my mobile phone.
- Link is not to Yahoo.com. Always a dead giveaway of phishing scams, rolling over the “Click here to activate ‘instant sms alert’.” link shows that the destination link is http://nanoyahoo.tkqlhcip.com, not yahoo.com.
- Doesn’t Address Me by Name or by “Advertiser”. Every email I’ve ever received from Yahoo! Search Marketing has addressed me generically as “advertiser”, but never “member”. Yahoo! is not a membership program.
- Incorrect Yahoo! Branding in the “From” Address. You will NEVER catch Yahoo! referring to itself as Yahoo (without the exclamation point). That is incorrect branding.
There are many other generic, common phishing tactics that may appear in similar emails you may receive supposedly from Yahoo! Search Marketing. Luckily, we’re all too smart to fall for these phishing tactics! Search marketers, keep an eye out for these phisihing emails. Take that, bad guys!