This one’s pretty obvious but let’s take a look:
Subject: der Alert MC00534427 : limit applied to your account verify now
OK, that’s terrible English, capitalization and the space before the colon is a dead giveaway that this is from India. It was sent right around the time they’re starting their day there, too.
Here’s the text, which is terrible English again (from an image – not actual text in the email):
“The following is a URGENT Alert to confirm your Login information.”
Why capitalize “Alert” and “Login” – those aren’t proper nouns.
And it would be “an urgent alert” not “a urgent alert” – not good English.
“Due to long time login inactivity we have applying limit sending to your account, to remove this new restriction limit confirm your login information now.
Verify Account
Sales Tax was not applied to this purchase”
Why did you capitalize “Tax”? That’s not a proper noun.
Again, super bad English and punctuation. If this really was MailChimp, it would be better than that.
From: accountservices@mailchinp.co
That’s not “mailchimp.com” but “mailchinp.co” – close but not quite. Chinp?
Reply-To: reply_to@journeys.com
I’m not sure why the reply address is different on about every one of these.
The link didn’t even work… they even ran their scam the wrong way. It looks like they were trying to get this linked to “ogin.app.mailchimp.session.id1552443.m-breden.de” which is a German domain name.
The Solution
If you want a way to help protect your computer against phishing scams, I have a solution you might like – versus trying to pick apart emails like this.
