Phishing warning: ALL-INKL webmail email is not genuine

Warning of all-inclusive phishing mail

It's been a while since I issued the last phishing alert. That in itself is a good sign, because the hosters are more and more eager to filter these mails from the server before they are even delivered to the reader.

Here is an overview of my last phishing attempts:

Fraudulent emails do not come from All-Inkl.com!

Nevertheless, a few of these malicious e-mail copies keep coming through and popping up in my mailbox. Currently a mail that supposedly from the hosting provider All-Inkl.com should come.

Of course sent All-Inkl.com not such emails. In the many years that I've been a customer there, I haven't even received an email relating to the webmail service.

And when emails came that came from the provider, they never had this red header.

Instead of "reactivate now", it is better to read "be cheated now" down there, because the mail supposedly coming from all-inclusive is not from this provider at all.

Instead of "reactivate now", it is better to read "be cheated now" down there, because the mail that supposedly comes from all-inclusive is not from this provider at all.

How to recognize the "bad email"

There are a few unmistakable signs that point to the maliciousness of the mail. I would like to briefly present these to you so that you are prepared in the future and can recognize such fraudulent e-mails yourself:

The first thing I check is the URL that is behind the appropriate links. To do this, move the mouse pointer over the link on the Mac and wait a short time. After a second or two, Apple Mail will now show you the URL that would be visited if you clicked on the link.

In this case you can see that not there all-inkl.com as a domain (the part before the first slash in the URL), but "afoialexiou.gr". The fraudsters have created subdomains so that "all-inkl.com" and "kasserver" appear in the URL, but the correct domain is "afoialexiou.gr" and the top-level domain is ".gr" for Greece.

In a nutshell: The domain does NOT belong to "all-inkl.com", instead the scammers' website is called up (presumably via various redirects).

If you hold the mouse over the link, the real URL that is linked is displayed. In this case "all-inkl.com" appears in it, but the top-level domain in front of the slash is "afoialexiou.gr", which is any Greek domain and does not guarantee all-inkl.com.

If you hold the mouse over the link, the real URL that is linked is displayed. In this case "all-inkl.com" appears in it, but the domain in front of the slash is "afoialexiou.gr", which means any Greek domain and does not guarantee all-inkl.com.

2. No personal address, no customer number

In all the mails that I am All-Inkl.com my name and customer number are included. In this case, there is only my e-mail address, but I don't even use this for All-inkl.com. So I can be relatively sure that the email did not come from the provider, but from someone who only scoured public data on my website.

3. Sender's email address without @ all-inkl.com

If All-inkl should actually write you an email, then the domain on which the sender address is registered is almost certainly "all-inkl.com". For example support@all-inkl.com, but not the nonsense that is mentioned in the mail as the sender and reply-to address.

If you click on the mail address with the right mouse button, you will be shown which mail address is behind the name of the sender.

If you click on the mail address with the right mouse button, you will be shown which mail address is behind the name of the sender.

What are phishing mails?

In this post has already been explained in more detail what these emails are, why they are called "phishing emails" and how they can be recognized.

Nevertheless, at this point the brief information about what the makers of these mails want to achieve: Basically, it is about stealing your access data to a portal or a service.

The scammers pretend to be a company that you know with fake emails and websites and then ask you to enter your login details on the website. These are then of course stored and later the fraudsters can log into your account with the data and do further nonsense.

At the end of the campaign it usually says that the fraudsters get money. Whether you trick this through in-app purchases or transfer directly from your PayPal account to yourself is of secondary importance.

-
Do you like my blog? Then I would be happy to receive a short review on Google. Easy leave something here for a moment - that would be great, thank you!

 

Effectively for free: iPhone 13 Mini and iPhone 13 deals with top conditions at Otelo - Advertisement

Leave a Comment

Your e-mail address will not be published. Required fields are marked with * .