Alibaba - spam example


Following is a phishing email. With the same logo and color, the email is almost like a genuine notification from Alibaba website. It uses social engineering techniques to deceive the recipients.

It’s written in subject line and email body that the recipients are asked to confirm the email address. All the links in email are genuine, except the “Confirm Email Address” button, which leads to a phishing website. Another way to distinguish is that they often start off with a general salutation instead of personalized names. And in this case it goes on saying : Dear customer.

We can judge from the header that the email is from medmail.med.ualberta.ca, which is apparently different from a normal Alibaba email.

The spammers smell the opportunity of e-commerce and want to benefit from it. So we would advise you to double check whenever you have to type your personal data, which can effectively prevent the unnecessary cost of time and money.