Update Your Account Information – AOL Phishing Example

This piece of spam is interesting, if only because of its rarity. These days we see very little email from the aol.com domain and a lot of that is spam. The formerly ubiquitous Internet gateway has all but disappeared.

AOL may have fallen on hard times lately but that’s not stopping some enterprising phisher from trying to compromise AOL accounts. If you are one of the few remaining AOL users you’ll want to watch out for this scam . . .

Subject: Update Your Account Information

From: Service AOL <Service@AOL.com>

AOL Phishing ExampleThe most outstanding characteristic of this phishing example is the hacked together feel of the HTML. We’ve pointed out previously that one of the telltale features of phishing emails is the lack of sophistication in both the HTML coding and graphic design.

This example uses recognizable elements of AOL’s design lexicon (the logo and the yellow man icon) but in a fairly sloppy way. The part on the left looks like it was chopped out of some other layout, probably a web page, and not really designed to fit this email. The bold, underlined text at the top that says “Dear AOL Member” doesn’t look like the work of a competent web designer and the subsequent text

It has come to our attention that your AOL Billing Information records are out of date. That requires you to verify the Billing Information. Failure to verify your records will result in account suspension.

k the link below and enter your login information on the following page to confirm your Billing Information records..

Thank You

uses the “Comic Sans” font. We don’t have any legitimate AOL messages to compare this to but we’re pretty sure they wouldn’t do this unless they’ve devolved to the point where they’re hiring relatives to do web design.

None of the above proves this message is fake but the “Click here to verify your account” link is pretty conclusive. Checking the link reveals that it actually links to the following URL:

http://www.milapfest.com/templates/ja_purity/AOL/index.html

Don’t be fooled by the directory name /AOL/ waaaay over to the right in the URL. This link will take you to www.milapfest.com not aol.com. We clicked the link and it took us to a fairly mediocre fake web site. (You can copy the link above if you want to see it. Our AV software didn’t find anything wrong with looking at the page. Nevertheless, if you do check out the page you’re on your own. We’re not promising there’s no malware there.)

All in all, this is a fairly mundane phishing attempt. What sets it apart is that it targets AOL. We’re still trying to figure out why anyone would want to compromise an AOL account at this stage of the game. Come to think of it, we probably won’t get any hits on this post either.

- -

OnlyMyEmail is an award winning hosted spam filtering service and business email hosting provider. Our enterprise cloud computing anti-spam solution, the MX-Defender, has the highest capture rate of any spam filter ever tested in the VBSpam Challenge, blocking a record setting 99.9993% of all malicious and junk email.

Our Personal spam filtering system is also a Software as a Service (SaaS) solution and has won both the PC World "World Class Award" and also the PC Magazine "Editor's Choice Award."

OME-Kids is a webmail solution that protects children from spam and other harmful emails. OME-Kids offers unique Parental Controls that allow you to choose the level of security and oversight that's right for your child.

Tags: , ,

One Response to “Update Your Account Information – AOL Phishing Example”

  1. i dont know what has happened to aol it has become a cpmpletely differnt site to the aol i joined in 2002