Thursday, May 13, 2010

Alert: Account has been limited - Gumtree Australia

Tonight I received an email purporting to be from Gumtree Australia. I believe this is a phishing attempt as I don't have an account with Gumtree Australia and have never used their service. The following is the body of the email.

Dear Gumtree.com.au Member,

Your online has expired. If you want to continue using our service you have to renew your online

https://secure.gumtree.com.au/sydney/SingIn.php

• Copyright © 2005-2010 Kijiji International Limited.

I decided to investigate further. The link took me to a site and a sub folder http://www.ascetruckeemeadows.org/gumtree/

Checking the site www.ascetruckeemeadows.org showed it had nothing to do with Gumtree.

This appears to be an example of where the site has been hacked and the hacker has placed a sub folder on the site which provides a fake login screen. The fake login screen is designed to obtain a person's Gumtree's sign in details including their emails address/nickname and password.

For those businesses with a site it is important to regularly check your logs for suspicious activity. Hacking of sites is extremely common.

If you receive emails I've found one of the quickest ways to confirm the email is a phishing attempt is to check the link. In Outlook you simply hover your mouse over the link text and the address will be shown. Many free email services don't provide this feature and it is easy for people to be tricked when they can see the address information.

It is a good idea not to click on links in an email. Go to the site you use and enter your details in the site.

You should immediately delete these emails.

- Kelvin Eldridge

No comments:

Post a Comment