Interesting Phishing Scam

I recently got an email claiming to be from LogMeIn saying they were charging me $999 for 25 computers for 1 year. They wanted me to check the attached invoice. Since I don't have a LogMeIn account I assumed it was a scam and didn't pay it much attention. There were other issues like not mentioning more information about my supposed account with them.

Then, 2 days later I got a second email from the same source, still looking like LogMeIn, claiming they rejected my credit card and I'd better check the attached invoice document. I thought it very clever to followup the first scam with a second one, so I examined the header information.

As the 1s above show, it seems to come from billing at LogMeIn.com. The 2 above shows the subject that they rejected my credit card. However, if you look at the three 3s above, you notice that in fact it came from someone at rmg.com. Had I opened either of the 2 attachments I probably would have been infected with some virus and sent to a malicious site.

Headers are tough to read, but checking them can sometimes be useful. The secret is to start at the bottom. That shows where it left the sender. Then slowly work your way up to where you received it.

My Intellect Email has a tab as shown above.
In Thunderbird it is an option under the View menu.
Using Gmail, you can see the header information by opening the message, pulling down the reply arrow next to Reply and selecting Show Original

More Resources

Google has a list of how to view the header in lots of online services as well as email clients.

Date: March 2015

This article is licensed under a Creative Commons Attribution-NoDerivs 3.0 Unported License.

Keeping clients' computers safe and profitable for over 30 years

Home Forms About Current Newsletter subscribe Search All Articles Browse by Category Security Internet Mobile Business Hardware Fun		Interesting Phishing Scam I recently got an email claiming to be from LogMeIn saying they were charging me $999 for 25 computers for 1 year. They wanted me to check the attached invoice. Since I don't have a LogMeIn account I assumed it was a scam and didn't pay it much attention. There were other issues like not mentioning more information about my supposed account with them. Then, 2 days later I got a second email from the same source, still looking like LogMeIn, claiming they rejected my credit card and I'd better check the attached invoice document. I thought it very clever to followup the first scam with a second one, so I examined the header information. As the 1s above show, it seems to come from billing at LogMeIn.com. The 2 above shows the subject that they rejected my credit card. However, if you look at the three 3s above, you notice that in fact it came from someone at rmg.com. Had I opened either of the 2 attachments I probably would have been infected with some virus and sent to a malicious site. Headers are tough to read, but checking them can sometimes be useful. The secret is to start at the bottom. That shows where it left the sender. Then slowly work your way up to where you received it. My Intellect Email has a tab as shown above. In Thunderbird it is an option under the View menu. Using Gmail, you can see the header information by opening the message, pulling down the reply arrow next to Reply and selecting Show Original More Resources Google has a list of how to view the header in lots of online services as well as email clients. Date: March 2015 This article is licensed under a Creative Commons Attribution-NoDerivs 3.0 Unported License.
		I attempt to provide reliable information, but make no warranty as to the accuracy or safety of these articles. I disclaim all legal responsibility for what following these instructions may do. Follow my advice at your own risk