Only a few days after the ‘Top 10’ fake messages started appearing, there’s a new phishing message arriving – again it looks like an email from CNN and again Outlook’s Junk Email filter doesn’t consistently detect it.
Only a few days after the ‘Top 10‘ fake messages started appearing, there’s a new phishing message arriving – again it looks like an email from CNN and again Outlook’s Junk Email filter doesn’t consistently detect it.
This time the phishers are basing their message on CNN ‘Custom Alert’ service which does exist. The fake messages come from random and false addresses but look like they might really be from CNN.
The interesting trick is that all, bar one or two, of the links in the message point to the real CNN.com site!
Depending on the message either one or both of the story links will point to a phishing site. The other general links all point to parts of the real CNN site (Privacy statement etc).
Using Outlook Rules
If you wish, you can setup an Outlook rule to handle these pesky messages. Use the same technique as with the earlier ‘Top 10’ scam but use the From line ‘CNN Alerts’ instead.
This works for most people but might be a problem if you really do use the CNN Custom Alerts service.
Phishing scams like this usually go away after a few days or weeks because they work mostly by the element of surprise and before junk email filters catch up.
The simplest solution might be to simply delete each message manually until the automatic systems from Microsoft is updated.
How do you know it’s not real?
Some people asked us how we knew these ‘CNN’ messages were fake if Outlook 2003 and 2007 didn’t detect them? There’s quite a few clues some of which depend on the way you use your email, but here’s some examples (in no particular order):
1. I don’t use either the CNN ‘Top 10’ or ‘Custom Alerts’ service so messages supposedly from them are clearly wrong. (I do subscribe to the CNN Alert service).
2. Receiving more than one ‘Custom Alert’ at a time when I’d received none in the past is a dead giveaway of a phishing attack.
3. The ‘Custom Alert’ stories bear no relation to my real interests.
4. Hover the mouse pointer over any link in an email will reveal the true hyperlink underneath (see the image above). Hovering over the story links in the fake message indicates they are not going to the real CNN site.
5. The ‘From’ name in the email looks sincere but the From email address is clearly not from CNN. We’ve deleted it from the sample above but all the recent ‘CNN’ phishing messages use From email addresses that bear no relation to CNN. They look like either fake or farmed person email addresses.
- Catching ATT bogus messages
- Uniform Traffic Ticket
- Avoiding the ‘Google’ mail hack
- Fake HR emails with virus
- Spam filter update for Outlook 2003
- Do you have the latest Junk Email filter?
- Fake Windows update ignored by Outlook’s email defences
- When Outlook doesn’t detect a spam message
- More ‘news’ spam not detected by Outlook
- Outlook isn’t catching ‘CNN.com Daily Top 10’ phishing trap