UN Sends Letter as Image File – Phishing Example

People attach all kinds of files to their email: pictures of new babies, kids, dogs, cars and whatever; pdfs of contracts, estimates, requests for quotes and other business correspondence; spreadsheets, Word documents, PowerPoint presentations, blueprints, advertising layouts and various other files. What they don’t do is write letters and then send them as image files.

With the exception of the occasional (really lame) newsletter or direct marketing campaign, spam is the only place we see messages that have no text in the body and a normally formatted letter or ad layout in an image attachment.

Therefore, we think it’s safe to say that the following letter is not from the United Nations:


From: united nations <nu03@att.net>

To: undisclosed recipients: ;

UN Phishing ExampleThis message has plenty of email fraud indicators that could be used to identify it as a scam. Even if it was sent as text or HTML the following would mark it as fraud:

  • The from address: united nations <nu03@att.net> – United Nations is not capitalized and why would the UN use an address at att.net, much less the name “nu03”?
  • “Dear Beneficiary” is a frequent phishing salutation.
  • The mention of a large sum of money “US$500,000.00” – We do have to give them credit for getting the comma and the decimal point in the right places (assuming they meant half a million, that is).
  • The request for information in the last paragraph.
  • The South African phone number: + (27) 83 751 9074

There’s lots more but what we mainly wanted to point out the image attachment trick. This is one of those things that help to get the message past some spam filters while at the same time making it very easy for a human to identify. So, even if something like this does slip past your spam filter you can be quite comfortable deleting it on the grounds that nobody sends letters as image files.

- -

OnlyMyEmail is an award winning hosted spam filtering service and business email hosting provider. Our enterprise cloud computing anti-spam solution, the MX-Defender, has the highest capture rate of any spam filter ever tested in the VBSpam Challenge, blocking a record setting 99.9993% of all malicious and junk email.

Our Personal spam filtering system is also a Software as a Service (SaaS) solution and has won both the PC World "World Class Award" and also the PC Magazine "Editor's Choice Award."

OME-Kids is a webmail solution that protects children from spam and other harmful emails. OME-Kids offers unique Parental Controls that allow you to choose the level of security and oversight that's right for your child.

Tags: ,

Comments are closed.