How to identify a phishing email

Written on 15 August, 2016 by Diana Le
Categories: General Wholesale | Tags: security

Protecting your personal information

Unfortunately, when you register a domain name it is common to start receiving unsolicited emails and phone calls. This is because the personal details you are required to submit during the registration process, along with other domain information such as details of nameservers, domain registration and renewal dates, become a matter of public record on the WHOIS database – unless you make the decision to purchase privacy protection. While submitting your personal details is a regulatory requirement, you have the right to protect your information by opting for a domain privacy solution.

Failing to protect your domain information also exposes you to the risk of third parties gaining FTP access to your TLD zone files. This is known as the TLD Zone File Access Program provided by many TLD registries such as Verisign. Many third party providers subscribe to this program for the purpose of aggregating and re-selling the data. When used in conjunction with the information available on the WHOIS database, it allows spammers to target new domain registrants. AusRegistry, however, is an exception to this program, which is why you will not often see these kind of scams for .au domains.  

What are phishing emails?

Phishing or spoof emails attempt to trick you into clicking on links which will redirect you to a website and ask you to confirm or update personal information such as credit card details, account numbers, or other information the scam company may already have.

Receiving phishing emails is common, particularly if your domain registration email is public – but this is not the only channel through which these companies can source your contact details, so even with domain privacy enabled, you should still exercise caution when responding to emails online.

Example of phishing email

It is crucial to be able to identify a genuine email from TPP Wholesale. Here is an example of what a phishing email purporting to be from TPP Wholesale might look like:

Phishing Example

Why is this email suspicious?

  • The From address is not from TPP Wholesale
  • There is no TPP Wholesale logo
  • The design is not typical of TPP Wholesale’s
  • The image is distorted

Example of genuine email

Note that TPP Wholesale has multiple email designs which are not limited to the below.

Genuine Example

How do I know if this email is genuine?

  • The From email is legitimate
  • The phone number is correct
  • The logo is legitimate
  • The design is legitimate  

The main points to look out for when identifying a phishing email:

  • Ensure the logo is the official logo/s – you can check the legitimacy on the main website or previous emails
  • Ensure grammar and spelling is correct
  • Ensure the emails are correct
  • Take note of the resolution of the images – some participants may re-use company logos without consent to replicate their emails
  • Check phone numbers
  • TPP Wholesale will never ask for credit card or banking details via email communication