Today I received this email:
From: Evans, Sabina <Sabina.Evans@sunnybrook.ca>
Date: Wed, Nov 15, 2017 at 1:38 AM
To: “Evans, Sabina” <Sabina.Evans@sunnybrook.ca>
Pardon me for contacting you this way. I have a lucrative/confidential opportunity that might interest you, but request your permission to disclose details. Please write to the email below for more details!!
There are certain tell-tale signs that this is a phishing email.
- It appears to be from the domain “sunnbrook.ca”, but then we are asked to respond to a different email address at “netvigator.com”.
- While the apparent source of the email looks like a real name, the return address is just a generic set of characters.
- It is not addressed to me, in fact, nothing about the email indicates that the sender knows anything about me, apart from my email address.
- It is bizarrely vague, “lucrative/confidential” tells me nothing, but seems to want to draw me in.
- It makes no sense for me to “give permission” for this person to tell me anything. If they want to tell me, then do so. They didn’t ask my permission to send the email, why do they need my permission to tell me more?
- No legitimate business writer would end a sentence with two exclamation points, when none are needed.
A bit of digging discloses that “sunnybrook.ca” is the domain for the Canadian Sunnybrook Hospital:
From our beginnings as a hospital for Canadian veterans, Sunnybrook has flourished into a fully affiliated teaching hospital of the University of Toronto, evolving to meet the needs of our growing community.
Today, with 1.2 million patient visits each year, Sunnybrook has established itself across three campuses and is home to Canada’s largest trauma centre.
“Netvigator.com” is a Japanese based Internet and email provider. Interestingly, they seem to have an issue with phishing emails, because one of the top hits on a google search is a page, in English, warning about it:
Be safe out there!