As part of my usual updates and sharing of Phishing emails I receive in my junk folder in addition to my previous entry on phishing. Here is an interesting new find I got recently, so as claimed by Singnet themselves.
This email is smart by using your email’s domain and top level domain (usually in the format domain.tld) and verifies it with a list of valid ISPs before replacing all references to “itself” as singnet.com.sg (in my particular case) and send them to you formatted and “personalised”. Kinda neat, but should seriously do better in the design section or at least know the ISP customer contact protocol, and even corporate colours which Singtel uses very strongly in all emails they send. This one made it’s way automatically into my outlook junkmail folder, though I kinda fished it out for dissection while going through for any legitimate emails in the junk folder before emptying it everytime. This one is worth noting however.
Similar with most phishing emails, this one has it’s sender email masked as firstname.lastname@example.org, which bares no relation to your ISP so it will be already a big giveaway, let be the email masquerading as one from Singnet, M1 or even Starhub, they can actually fool more users if they were to replace their formatted name as the name of ISP, but with all fake emails, there will usually one or two little differences which any veteran will recognize in an instant anytime.
Since this one is targetted at Singapore users, you should take note of this email to date and be vigilant on it, especially inexperienced or new users on the internet.
Remember Singnet or any ISP, let be online banking services, given DBS, UOB, Paypal etc will NEVER ask you for your Userid and password through email at all, no matter how real or true the email will claim to be.