This week we've been altered to a scam purporting to be from Spark regarding Xtra webmail. You'll see I've entered a placeholder email address into the picture of it above to protect the identity of the person who sent it to us, but they actually do have an Xtra email address, making this phishing email particularly convincing. It also had a few genuine Spark links at the bottom of the email; all in all, it was a high-quality phishing email which, I imagine, many recipients might have fallen for.
Here's what gives it away as being a scam:
It addresses the recipients as their email address rather than their name. A real company would have your name and would use it.
Spark would not email you about this issue. If your inbox is full you'll be told about that in your email application or on the webmail site when you're using it.
I've not included the link for obvious reasons but when I hovered over the 'Update Now' button without clicking on it, I was shown the real destination of that link, and it had nothing to do with Spark.
There are two words in the text spelt with the letter 'z' when the NZ spelling would use the letter 's'.
I am extra suspicious of this phishing email because it is so specific, targeting Xtra email users while pretending to be from Spark. So, I would love to hear from anyone else who has received this one. If there is a pattern here I'd consider contacting Spark to let them know about it. Please email me at admin@greenmouse.co.nz if you've received this particular phishing scam. And of course, I'm always happy to advise if you suspect that any email you've received might be a phishing scam.