I rarely see any spam on my email inbox as I have been using Google to host (paid service) my personal and business email accounts for few years. Due to the number of spam that I receive, I have found it useless to even have a look at my spam folder. How many Viagra or PayPal account security emails can you glance through daily?
Earlier today, I received a very good phishing attempt that Google didn’t catch. This was a preferred seat purchase email supposedly coming from American Airlines. It wasn’t addresses to be, but it is not uncommon to mistakenly receive emails intended to others.
The email header looked ok. It shows firstname.lastname@example.org as a sender. This is the same sender email address that AA uses for real notifications as well. Above is the fake one and below the real one.
But this email is not for real. I would encourage everybody to set their browser to show the actual URL for all the links. This email had all the links to point to a website in Russia, as I have highlighted in red.
I had been waiting for an email from American Airlines with an eticket number for Etihad business/first class award redemption that I had made and paid earlier in the day. Somehow that email had ended up in my spam email folder.