I get those emails that look like they come from my bank asking me to confirm my account details, or even threatening to suspend my account if I do not click this link NOW! I could say these emails are very good imitations complete with logo and contact details, legal disclaimer etc, except I have never received an email of any description from my bank. Banks send letters for notices and such.
I am used to dealing with these emails like everyone else with an email address but the email I received the other day was different. It made sense in a way. We use certificates on servers to enable secure access, so why not banks? The email informed me the bank was changing over to a certificate based system for login to internet banking. A link invited me to download a customer certificate – all in the name of better security. The certificate would recognise my computer by way of the certificate.
Aside from knowing banks do not, (1) would not send an email for such a big security change, there was was the spelling (2) mistakes. Server was spelt serve for example. Banks have and use spell and grammar checkers. I get spelling mistakes on school newsletters and even the education department letters, but never on a bank letter or legal documents.
Then I closed the email, right clicked it and selected message options (Outlook 2007). Scrolling down past the delivery path of my own ISP and its spam filters, I see the return address (3) is firstname.lastname@example.org. The return path / originating path could also be blank. Real emails have real addresses.
In my case the scam targetted ANZ bank customers so i rang 131314 and reported it to bank security.