That Email Promising You a Yeti Cooler was a Phishing Email.

If you use Gmail or any of Google’s email services, odds are that you’ve received at least one, and perhaps several, messages promising a Yeti cooler from Dick’s Sporting Goods. 

The pitch is fairly straightforward, if highly unlikely: the sporting goods chain offers you a $325 cooler in exchange for filling out a survey. What’s less obvious is that it’s actually a fairly sophisticated phishing message that’s been able to bypass Gmail’s built-in spam filters.

Circumventing the spam filters from a tech giant like Google is no mean feat; Gmail is one of the company’s crown jewels, offering easy and secure access to email on a massive scale, typically for free. The senders of the email discovered a glitch in how Gmail’s servers interpret incoming messages and exploited it by way of what’s called HTTP response splitting through compromised Outlook accounts.

While the underlying technology of the Yeti cooler spam may be sophisticated, the message itself was not. Any email message offering high-priced goods for a minimum of effort can and should be designated as malicious and potentially dangerous for both your devices and your data. The next message that manages to make its way to your inbox may be more clever. 

Case in point: The recent massive increase in callback phishing scams, where phony invoices are generated and sent to targets with a phone number to call to dispute the charges. Once a target calls, they’re led through an elaborate scam to steal their data, payment information and more. While there are multiple variants of this scam, Geek Squad and other tech support services are among the most commonly imitated. 

To that end, keep the following in mind:

  • If an offer seems too good to be true, it’s a scam: We all like to feel like our opinions matter, but a $325 gift in exchange for yours isn’t going to happen any time soon. Ditto for AirPods, iPads, Nintendo Switches, etc.

  • Always check the From: field in incoming email messages: If a message claims to be coming from Dick’s Sporting Goods, but the sender’s email address is kazakhstanfootballman@fdlkjf.kh, it’s a scam message.

  • When in doubt, go to the sender’s website: Hackers can create sophisticated websites and emails that clone major retailers and trusted brands. If an offer or a message intrigues you, go directly to the sender’s website rather than clicking on incoming email links.

  • Don’t think your email provider’s security is infallible: It’s easy to be lulled into a false sense of security by the services provided by the Googles, Facebooks and Apples of the world. Your IT provider, Nodal included, can offer significantly more secure options and solutions to detect incoming phishing attacks, malware and other forms of cybercrime before they ever appear in your inbox.
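
The From: check in the second tip can be automated. The following is an added example, not code from the original article: it compares the brand named in a message's display name with the domain of the actual sender address. The brand-to-domain table is an assumption for illustration, and the sample headers are constructed.

```python
from email import message_from_string, policy

# Assumed brand-to-domain table for illustration only; confirm a brand's
# real sending domains before relying on a list like this.
BRAND_DOMAINS = {
    "dick's sporting goods": {"dickssportinggoods.com"},
}

# Constructed sample headers (not captured mail). The second one hides the
# display name in an RFC 2047 encoded word with a curly apostrophe.
SAMPLES = {
    "plain": 'From: "Dick\'s Sporting Goods" <kazakhstanfootballman@fdlkjf.kh>\n\n',
    "encoded": "From: =?UTF-8?Q?Dick=E2=80=99s_Sporting_Goods?= "
               "<kazakhstanfootballman@fdlkjf.kh>\n\n",
    "consistent": 'From: "Dick\'s Sporting Goods" <news@mail.dickssportinggoods.com>\n\n',
    "no_brand": "From: Alice <alice@example.org>\n\n",
}


def check_from(raw, brands=BRAND_DOMAINS):
    """Flag a From: header whose display name claims a brand but whose
    address is on a domain that brand is not known to use."""
    msg = message_from_string(raw, policy=policy.default)
    header = msg["From"]
    if header is None or not header.addresses:
        return {"brand": None, "domain": "", "suspicious": True}  # no usable From:
    sender = header.addresses[0]
    # policy.default has already decoded encoded words; normalise the apostrophe.
    name = sender.display_name.lower().replace("\u2019", "'")
    domain = sender.domain.lower()
    for brand, domains in brands.items():
        if brand in name:
            known = any(domain == d or domain.endswith("." + d) for d in domains)
            return {"brand": brand, "domain": domain, "suspicious": not known}
    return {"brand": None, "domain": domain, "suspicious": False}


if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, check_from(raw))
```

A consistent result only means the display name and address agree; it does not prove the message is genuine, since the address itself can be forged or sent from a compromised account.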

Worried about phishing emails wrecking your holiday season? Nodal can help with a suite of advanced phishing detection tools that can provide security and peace of mind. Contact us today!