Are you a phish?

Which of the following links make you nervous about clicking on them?


Hover your mouse cursor over the link above and without clicking on it, look at the bottom left of your browser window. By looking at the bottom of your browser window, you can clearly see where exactly the link goes


Hover your mouse cursor over the link above and without clicking on it, look at the bottom left of your browser window. By looking at the bottom of your browser window, you can clearly see where exactly the link goes. Note that they are trying to get poor spellers who do not know that the “O” in uOttawa has been replaced by a 0 (zero).  Remember criminals will try to take advantage of all your weaknesses, even poor spelling.


This one is hard to tell for sure. It appears to go to a valid site, however in the parameters there is also a suspicious looking name.  You are probably better to be safe than sorry.

Determine which of these letters are valid

Letter 1
Subject: Unusual activity on your account.

Dear Customer,

We recently noticed one or more attempts to log in to your account from a foreign IP address. If you accessed your account while travelling, the unusual login attempts may have been initiated by you.

However, if you did not initiate the logins, please visit Amazon.Inc. as soon as possible to verify your identity.

This is a security measure that will ensure that you are the only person who can access your Amazon account.

Thank you for your patience as we work together to protect your account.

To get started, please click the link below and login to your account:

Best Regards, Inc. Security Center

  1. You should never click on URLs in unsolicited emails.
  2. Note that the URL is to an IP address, which should make you suspicious.
  3. No matter how much they say, “It is for your own good, for your own safety” do not believe them.
Letter 2
Phishing sample header

Membres Accesd /AccesD members

Cher Membres AccesD: Particuliers et Entreprises
Nous avons rcemment pass en revue nos serveurs, et suspectons que votre compte ait pu avoir t consult par un tiers non autoris. La protection de la scurit de votre compte et du reseau Accesd est notre soucis primaire. Par consquent, comme mesure prventive, nous avons temporairement limit l'accs aux dispositifs sensibles de votre compte DESJARDINS. Veuillez vous identifier en suivant ce lien:
Faites la mise jour maintenant / Update your info now

Dear AccesD Members: Personal and Business 
We recently reviewed our server, and suspect that your account may have been accessed by an unauthorized third party. Protecting the security of your account and of the DESJARDINS network is our primary concern. Therefore, as a preventative measure, we have temporarily limited access to sensitive DESJARDINS account features. Please fill the form on that link to renew your info.

Update your info now

Conjuguer avoirs et tres
Copyright 2005 Mouvement des caisses Desjardins.
Tous droits rservs


  1. Never click on links in unsolicited emails
  2. Banks never send email such as this, only criminals do
  3. Note the quality of the French.
Letter 3

Subject:  Update your email account

Dear Email Account Owner,

This message is from educational messaging center to all our email account owners. We are currently upgrading our data base and e-mail account center. We are deleting all our  email accounts to create more space for new accounts.

To prevent your account from closure you will have to update it,below so that we will know that it's a presently used account.

We have been sending this notice to all our email account owners and this is the last notice/verification exercise.

Email Username : .......... ......
EMAIL Password : .................
Date of Birth  : .................
Territory      : .................
Country        : .................

Warning!!! ( Account owner that refuses to update his or her account within Seven days of receiving this warning will lose his or her account. Protect your privacy. Logout when you are done and completely exit your browser.

Thank you for  account!
Warning Code: VX2G99AAJ
............................................................................ ............................................................................ NOTE: This message is authorize by the email account protector unit.Notification message will be send back to you after verifying your account before account could be reset. All right reserve.

  1. You should never send any account/password information in an email
  2. The University will NEVER ask for a password in an email.
  3. It is only in English. A big clue.
  4. Looking carefully at this, it just does not look right.
Back to top