Mail apps facilitate phishing attacks

2 October 2015

Yesterday I received a really well-crafted phishing mail:

Phishing mail viewed in Windows Phone app

Windows Phone Mail App View

When viewed with mail apps on smartphones or tablets this well-made phishing mails look like the real thing.

Viewed with MS Outlook or a web mail client the sender information in the header makes it crystal clear that this email is a phishing attempt:

Phishing mail viewed in Outlook

Phishing mail viewed in Outlook

In my opinion most of the phishing attacks are easy to detect if email apps would offer the option to display at least the full <From> tag from the email header.

It’s hard to understand why Google, Apple and Microsoft make their customer’s life more difficult than necessary.

Have a good weekend!