Original Phishing Message

From: BECU <test[@]empire[.]com>
Subject: account locked
Subject: account suspended

Tips for Detection

• Notice that the email display name is BECU but the email address is test[@]empire[.]com. Many phishing emails attempt to impersonate reputable companies such as banks, file sharing services, etc.
• The “UNLOCK” link leads to www[.]verify3unlock[.]diskstation[.]org or www[.]becu3unlock[.]diskstation[.]org, both of which are not BECU websites. When in doubt, always go to the known website of a company instead of following links in emails.
• The email is vague in multiple ways as it is addressed to “valued customer” and does not include details of the alleged suspicious activity.
• Many phishing emails contain a sense of urgency or threats to shut off a service, such as the ability to use your debit card in this instance.

Text of Phishing Message

From: BECU <test[@]empire[.]com>
Subject: account locked
Subject: account suspended

Our Valued Customer,

Your account has been locked due to suspicious activities, click the button below to unlock your account. N.B: If you’re seeing this message in your spam/junk email folder ensure to move this email to your inbox email folder to enable the UNLOCK button below clickable for you to verify your identity and be able to use your debit card.

Thank you for helping us protect you.

UNLOCK

As this e-mail is an automated message, we can’t reply to any e-mails sent by return.