It is Black Friday! And We are in the Season to be Scammed! A few moments ago (I am typing this as fast as I can) I received the following phishing email:
It's call to action is the claim Dick's (insert jokes here) Sporting Goods decided out of the blue to give me a Yeti cooler if I just click on the "Confirm Now!" link. I usually would spend the time (see the last phishing article I wrote) and look at the email's source to see if it has any interesting teltale signs of phishing. But, this phisher is so lazy he does not deserve a deep dive on the email. So, let me count the ways this is a scam:
- Why would Dick's want to send me a cooler? They do have a store here but I make my point not to go there. So they do not know I exist... unless they bought my name off a list. If that is the case, I feel I should ignore them even more.
- Why is the name in the return address "Dicks SportinGoods" (blue line) instead of "Dicks Sporting Goods"?
- Why is the domain of the return address celimopafeseda (red line)? I could say that I could not find that domain registered anywhere I bothered to look (spent some extra time I really did not need to for this article), but let's be honest: this has nothing to do with dicks.
- If I had spend time and looked at the email's header, I would have seen it was sent through outlook.com. But I will not. I am not saying mailed through Outlook is a telltale of a phishing email but I do not like how the path it took while inside their network is obscured. Still, short post this is.
As a result, I think we can safely label this as phishing and move on.
I am disappointed for the lack of pride this phisher has. Do you think some other phisher will redeem my faith on them or is this the best I can expect this Friday?