Since real offers for discounts are extended by large companies frequently, when an email like the one shown below is received, a great temptation exists to, at a minimum, check it out. Fortunately, I noted things about the offer that made me suspicious.
Examine the following email. It is missing graphics expected in an advertisement from a company as big as CVS but it is identified as an offer. When most of us think we are going to get something for nothing, we stop being suspicious and become more interested in collecting. The areas are shown in red. If you click on either link, you will get a virus.
To be absolutely certain that I was correct about this being a phishing email, I went to the “real” CVS site and searched for “Bonus No. 4983947” and the results of the search is shown here:
As you can clearly see, there was no offer at the “real” CVS as the email promised so the email I received was definitely an attempt at gaining access to my computer.
Good antivirus software protection would prevent our being able to access “bad” pages like the one being discussed even when we try. Of course, no antivirus program is perfect. They protect us by blocking access to the sites.
The best way to protect yourself is to simply use your head. In addition to graphics not being as expected from a large company like CVS, what else about the email provides “alarms”. Look at the “From” segment which reads “From: CVS~Bonus [mailto:CVS_Bonus@lameweb.review]”. I would have expected that segment to read @CVS.com or something similar but one could conclude, accurately in some situations, that CVS simply hired a Marketing company to send the email. Next, look at the “unsubscribe” segment which looks like:
*****Dismiss this solicitation at###– http://checkit.pointsgiftbased.date/left
First, the wording just doesn’t look right. Something like “unsubscribe” was expected.
Finally, look at the address information provided:
*****2218 Suspendisse Ave***Hamme-Mille***Belgium***7239
The sender of this phishing email apparently either was hurriedly sending the emails and forgot to change the address to something in the United States or thought it wouldn’t be noticed. The very fact that any country outside the U.S. is referenced anywhere in the email should create concern.
We have seen hundreds of these emails over the last week or two. They are coming from Walgreens, Costco, Marriott, CVS, Walmart, Amazon, and other widely recognized companies. We are getting calls from customers who get the viruses associated with clicking on the links. If you receive one of these emails, please do not click on the links. If you think you are already infected with a virus, please give us a call: 281-554-5500.
In summary, be sure you have a good antivirus which was properly installed and is up to date and just read all emails advertising something free or a huge discount with suspicion to help keep your computer free of infections. There are situations where simply opening the email is adequate for receiving an infection. Your best bet is to delete without opening.
Read more about Phishing Emails and other types of viruses and malware on our site here: Viruses and Malware
Ron Jones, Owner