Detect and report fraudulent AOL emails

Posted Jun 23rd 2008 12:13PM by Laura Peterson
Filed under: Member Education, Announcements, AOL Desktop

Fraudulent email alert

A valiant AOL Beta tester just alerted me to a fraudulent spam email that appears to come from AOL, but is actually spam. I'm passing on what the email looks like, how to tell that it's fraudulent, and some more information for reporting fraudulent emails that appear to come from AOL.

The sender's address is "update@aol.com" and the subject is "AOL Notification: [ Account Update Needed ]". If you see an email with this sender and subject or any other fraudulent email that appears to be from AOL, forward it to TOSReports@aol.com. Below is a screenshot of the email.

Phishing and how to detect it

Attempting to obtain financial and other sensitive information by pretending to be a trustworthy organization via email is called "phishing". "Phishing" is when a spammer literally tries to "fish" for information by baiting an unsuspecting person with an email that looks reputable at first glance.

The good news is that many phishers leave themselves open to detection by including spelling errors and other dumb mistakes on their emails which valid corporate communications would never include. The trick is to be sensitive to these things so you don't get dragged in, just as you would be alert to a possible pickpocket or con artist on a street.

Case in point: spammers hope that you'll just quickly glance at the email and click on the link they've embedded without a further thought. By adding the blue AOL graphics that make the email look fairly professional, they're trying to distract you so you won't notice all the errors that the email contains.

A good rule of thumb: even if you're sure the email is legitimate, read it carefully before taking ANY action! Additionally, AOL would never threaten to suspend your account if you failed to verify your details. (Your account would only be at risk if you violated the AOL terms of service by failing to pay for your dial-up, or, for example, by using AOL to spam other members. You would in most cases be given an opportunity to immediate rectify the situation via a pop-up linking to an official AOL website.)

Here's that email in question with some tips to show you why it's spam and not a real email from AOL.

  • Look for spelling mistakes -- "Informetion", "Dont", and "Decliend" are all red flags. I've circled those above.
  • Look for bad grammar like those areas underlined above: this could include fragment sentences or improper use of punctuation. ("Must a Valid Credit Card" is such an obvious giveaway, but you could miss it if you were reading quickly.)
  • Check out the embedded link by HOVERING over it with your mouse. (Don't actually click on it!) When you hover over the link, the hidden URL will appear in your mouse tooltip, which I've circled above. This one is definitely spam because the hidden URL contains a Russian domain (the .ru part). Compare this to the URL AOL uses for billing: bill.aol.com.
  • Don't enter credit card information anywhere until you've been asked to validate your identity. This is why you have a unique account security question (e.g. "what is your favorite movie or book?") that you set up as part of your billing details.

    This article from AOL Help contains some additional information on reporting suspicious scam emails.

    Remember: take the time to read all emails thoroughly before clicking any links or taking any action! Report phishing and fraudulent emails to tosreports@aol.com

    Be safe!

    Laura

    ___

    Laura Peterson

    AOL Desktop Team Blog Directory

    •

Reader Comments (Page 1 of 1)

Add your comments

Please keep your comments relevant to this blog entry. Email addresses are never displayed, but they are required to confirm your comments.

When you enter your name and email address, you'll be sent a link to confirm your comment, and a password. To leave another comment, just use that password.

To create a live link, simply type the URL (including http://) or email address and we will make it a live link for you. You can put up to 3 URLs in your comments. Line breaks and paragraphs are automatically converted — no need to use <p> or <br> tags.

New Users

Current Users

Resources

Most Commented Posts

Most Commented On (7 days)

Most Recent Comments

Recent Comments

Blogroll

About The Team

Laura Peterson is a Principal Product Manager in AOL Products and the lead product manager on the AOL Desktop software. She works with AOL Product Development, Product Design, Quality Assurance, AOL Beta, Marketing, and AOL Help to create, talk about, launch, and support the AOL software! She also responds to as much member feedback and questions as she can via email, IM, and, of course, the blog itself. Walking the hallways of AOL since 2003, her previous assignments include work on the AOL 9.0 Optimized toolbar, AOL's voice services products, and other software releases such as 9.0 VR and the first AOL Mail and AIM Gadget.

Doran Butuche is the lead product manager on Desktop Gadgets, those cool mini-applications that live in the Vista Sidebar, where he is responsible for product definition and management.

Summer is a Sr. Manager for AOL Member Communications. While she has no ties directly to the product development team, she has been a contributor to many AOL blogs over the last few years and is excited to bring a non-product team perspective to the Desktop blog.

Subscribe

Subscribe to AOL Desktop Blog News & Updates

Feed by Mail:

© 2008 AOL LLC. All Rights Reserved

Get the behind-the-scenes perspective on Windows Desktop Application development at AOL. Learn about new features, and provide feedback and suggestions to the people who build AOL software.