For all of you out there that would love to win $1M from Publisher’s Clearing House, beware! China is now phishing for your information. I received the following email indicating that I’ve won PCH and I simply need to send them my information.
Congratulation to you, the United States Government in collaboration with the
British government and the World gaming Board have brought to you this great
opportunity as a result of the Publishers Clearing House Lottery held 2011.We
happily inform you that from the Publishers Clearing House Award 2011 held by
United States government in London, Ontario Canada and china, your email
address attach to be the Winning Lucky Number: CACNUK/2011/00892 of the first
set of winners. All email address of winner was announce LIVE in CNN and BBC
All participants who were selected from the World Wide Web of over 1,000,000
email user. So your email is your online ticket that qualifies you for this
draw. You have therefore been approved to claim a total sum of 650,000 USD.
(Six Hundred and Fifty Thousand Dollars), all you need do now is to fill out
the payment verification form and Contact this Email:
(email@example.com) for claims.
PAYMENT VERIFICATION FORM
NOTE: Winner is to keep is winning confidential to avoid fraudulent claim.
Miss. Rose Smith.
Now if you’re a user of Gmail, it gives you the ability to view who the email is going to reply to. Normally you’ll see who the email is from, but this can easily be spoofed. So as I expanded the header to see more details, I see that the email address I would reply to is “firstname.lastname@example.org” and doing a quick lookup on the domain “.cn” reveals it’s a Chinese address.
Based on all I’ve read over the past years, China is working hard to get the worlds information like your personal details as listed above. I’m writing this for a couple different reasons. As most people know nowadays, legitimate companies will not outright ask you for your information like the above has, usually because they already have the information. Why would they ask you for your information if they need it in the first place when you register for their sweepstakes? Secondly, if the reply address is different from the send address that is a little suspect. Third, if you actually read the email sent, I’m sorry but it’s not in English, or at least good English. It more resembles Engrish.
So this an obvious indicator that it’s Spam/a phishing tactic, which has been around for many years. Of course this look like it’s a pretty amateur attempt since they didn’t even attempt to verify the spelling/grammar, let alone use a better ploy. Then again, they’re spamming everyone’s email address so I’m sure there’s going to be some schmuck out there that thinks they’ve really won something valuable. I feel sorry for those people, but what can I do, oh right… I can write an article to better inform people, duh! Oh yeah, and I’ll simply mark the email as spam so I don’t see emails from this address any more.
The morale of the story is, please be careful when you respond to anything like this. Look for the red flags I’ve mentioned above and you’ll be safe. If you use another email program like Outlook, Outlook Express, Windows Mail, there are always ways to check the headers of the email. Just browse through the options of your program to see if you can read the headers to see where the email will go when you reply (aka the reply address). If you ignore what I say, oh well too bad for you.