Scores of Neteller customers received an e-mail this weekend warning them that their accounts would be closed if they did not provide some pertinent account information before the end of the month. That e-mail was a fake. It is what is known as a phishing scam, an attempt to acquire customers’ personally sensitive information and use that to do things such as drain their accounts of money or steal their identities.
If you received this e-mail, do not do anything it says.
The e-mail is simple and looks very real, right down to the quality graphics and even Neteller’s Facebook and Twitter links. The text is as follows:
Dear [e-mail address]
We would like to inform you that your account is pending closure for failing to accept the new NeteIIer Account Terms of Use and the Privacy Policy until the 31th of January, 2014.
This is your last and final warning. To avoid account closure, please follow the link below and confirm your personal information. Failing to do so until the 31th of January, 2014 will be considered a denial of our terms and conditions and your account will be permanently closed.
The link provided directs people to a site that looks like the real Neteller site, where it requires one to enter their Neteller account information and credit card details. This information, of course, will not go to Neteller, but some criminals somewhere who will then use it for their own benefit, to the detriment of the victim.
While this is one of more convincing phishing e-mails you will see, there is one big clue that points to it being a scam. The e-mail address of sender is “department@neteeler.net,” rather than “neteller.com.” So, not only is it spelled incorrectly, it has the wrong extension. Though it seems obvious, many people might either not think to look at this or skim it so quickly that it looks correct.
This is a good time to point out a few things that often reveal e-mails as phishing scams:
1) Sender’s address is strange or otherwise does not match the company’s typical convention – in this case, the “neteller” domain was spelled incorrectly. Additionally, “department” is an odd local part for an e-mail address; it is way too vague. Often, the sender’s address will be a string of garbage characters or something that doesn’t look like it could possibly really be from the company.
2) Horrible spelling, grammar, and capitalization. This specific e-mail was very well written for a phishing scam aside from the instances of “31th.” Many appear to be written by someone who has just recently learned English, and probably are. An official corporate e-mail will never look like it was written by Google Translate.
3) Threatening tone – most good companies are not going to threaten to do something bad to your account if you don’t click on a link THIS INSTANT. While not every e-mail will necessarily contain good news, it will not be hostile. In the Neteller phishing e-mail, “This is your last and final warning,” and “your account will be permanently closed” are pretty solid indicators of a scam.
4) Mystery link – if you hover your mouse pointer over the link the e-mail instructs you to click (without clicking), you will be able to see the URL its destination web page on the bottom of the screen. If it is not a simple, direct web address for the company in question, it is likely a scam. It will often be some really long URL with dozens of random characters and frequently end in another country’s top-level domain, such as .jp or .ru, instead of .com (or whatever the company actually uses).
5) Greeting is impersonal – you’ll notice that this phishing e-mail greeted the recipient not by name, but by e-mail address. The real company will have your name and greet you with it.
Additionally, and I didn’t want to include this in the above list because it is not necessarily always the case, but companies will not usually ask you to click a link to access your account. There may be links elsewhere in a legitimate e-mail to non-account login pages, but rarely to pages where you would need to enter your account info. And if there is a link like that combined with a threat to close your account, confiscate your funds, or the like, it is almost a guaranteed phishing attempt.
The bottom line is this: if you receive an unsolicited e-mail asking you to click a link and enter login, financial, or personal information, do not do it. If you are not sure if it is real, simply close the e-mail, open up a new browser tab, and navigate directly to the company’s website by typing the URL yourself (in this case, go straight to neteller.com like you normally would). If you are still not sure, just call the company and ask if they sent the e-mail.
Neteller is aware of the phishing scam and is trying to get the site taken down. It has not posted a message on its website to warn customers.