< Back to list

What are examples of Phishing Emails?

Three types of phishing devices are most commonly used: suspicious links in phishing emails, attachments in phishing emails and fake messages. See more information below.

1. Phishing emails – Suspicious links

As the email type implies, suspicious links are inserted into these kinds of emails and recipients are required to click on and visit the links and then input their account information to view orders or samples.

Sometimes these emails will request recipients to download attachments, so it is important that any virus detection is achieved before opening and checking the attachments.

Example 1:

1.png 

 

Example 2:

1.png

 

Next are 2 examples of seemingly ‘normal’ phishing pages – they always ask for account IDs and passwords:

屏幕快照 2015-09-06 下午5.51.41.png

 

屏幕快照 2015-09-06 下午5.52.06.png

Tip: When you received those links attached in the email, you are suggested to input wrong account ID when opening it. If it failed to identify the account name or/and the password was/were wrong, it definitely was a phishing site.  Click to learn more typical phishing sites.

 

2. Phishing emails - Attachments

Normal attachments mainly have these formats: Html, Exe/Scr, Doc Excel, PDF, Zip/Rar.

Among these file types, Exe/Scr documents are most likely considered high risk. We recommend only opening after scanning with anti-virus software.

1. Html ( Web page attachments)

Phishing links are often hidden behind html web page attachments. So, it is strongly suggested that you do not open html page attachments without considering the risks.

1.png 

2. Doc, Excel, PDF Files

Although, these 3 types of attached files usually carry a lower level of risk, they are all capable of carryingmacro viruses. There are still risks in opening these types of files and running the macro orders without first screening them with anti-virus software.

 

Moreover, be aware that even though the attachment itself may pass a virus scan, the phishing links may actually be hidden in the content, so please also be aware of this possibility. 

1.png

3. Zip/Rar Attachments

Zip file attachments or “aggregation” files are often used to carry macro viruses and phishing links. Many email services will automatically treat these attachments as high-risk. 

1.png


3. Fake Messages 

Fake messages are the most difficult kind of phishing emails to handle because recipients have trouble distinguishing fake messages from authentic messages. Those emails also often easily pass standard international email security measures. It is generally understood that there are almost one hundred million fake messages generated on the internet, each day.


1.   How fake messages are generated

All emails are sent through a sending server, so when spammers establish their own illegal server, this becomes a generator of fake messages. This is exactly the same for the illegal factories which produce those fake “brand products”.

Spammers can edit the sender information of any emails they generate in their own server: 

Often recipients say the sender email address is correct and that the suspicious emails are from Alibaba Group. Actually the email address is added afterwards and closely resembles our service email addresses.

1.png


2.   Why it’s so hard to deal with the fake messages:

A. First, there are flaws in the way the internet naturally operates. Spammers have the ability to establish servers of their own, and these servers are hard to track.

B. A lot of members use their company email boxes on a daily basis, but these cannot use the DMARC* protocol to stop fake messages from being delivered. While Outlook, Gmail and other large email service providers use the DMARC protocol, one problem is that these email addresses can easily be imitated.

*DMARC protocol: E-email security protocol rolled out after 15 Industry giants joined forces. They include PayPal, Google, Microsoft, Yahoo, ReturnPath, and more.


3.   How to prevent fake messages:

A.     Try to use DMARC protocol to filter the out any fake Alibaba.com emails

B.     Try your best to always immediately your messages in the Message Center. Normally, only real messages will be in your account and are related to notifications you receive.

C.     Manually checks is the most efficient and accurate way to identify fake emails.

 

Checking for the real sender’s email address

 Many fake messages are constructed through the forging of Alibaba.com sender email addresses, but sometimes these emails leave clues.

  

You can see from the following example that the real sender email address is actually listed behind the Alibaba.com email address.

1.png

 

Other tips:

Sometimes you can only view the Sender in incoming emails and the real email address may be hidden. To check the full address, place your mouse on the sender’s name, and the real sender’s email address should be shown.

1.png

 

Usually, Alibaba.com will never use personal email addresses when contacting our members.

 

  

 

Judging from the links contained in emails

 

As mentioned above, the objective of fake messages is always about how to obtain members’ account information, so the link checking is a very direct and useful way to verify emails.

 

For example, when we put the mouse cursor on the suspicious buttons or links, the whole URL data will show up accordingly. In the screenshot below we can see the domain is mamkerman.ir instead of alibaba.com. Now we know it is a phishing email. By the way, please also be aware we have another domain, which is aliexpress.com.

1.png  

 

When an “Alibaba” email comes in containing an unreadable code, or if it contains unknown attachments, then you can also treat this as a suspicious email as well. Please sign in to the account to check the emails in your Message Center, or you can contact our service team for more assistance.

 

Unreadable or “messy” codes:

1.png  

 

Unknown attachments:

1.png  

 

What can I do if I was a victim of phishing? Click to learn more

 

 

 

 

 

 

 

Is this information useful?

yes
no
Thank you for your feedback!