The email below appeared in my inbox this morning. It's a total scam, of course, but not everyone would recognize it as such. There's a bit of a complicated story behind the brand name and everyday consumers' understanding. The outfit that advertises most and asks for donations is St. Jude's Children's Research Hospital. But the outfit referenced in the email is St. Jude Medical, a hospital group that has recently been acquired by Abbott, a medical device company. I doubt 5% of Americans would know the difference, while the rest associates "St. Jude" with the children's health care organization.
That's what really aggravates me about the scam in this email. It's a phony receipt, made to look like a credit card receipt printout for a St. Jude Medical facility in Canada. The amount is fairly substantial, especially if you think it's real and that you're about to be charged for this amount.
Remember that every email scam entices its recipients to act in some way. In this case, it's to click on the Payment details link. A harmless mouse rollover reveals the link is to a clothing company, whose web site has been hacked to include a page redirecting visitors to the crook's actual Evil Page.
It doesn't matter whether the destination page is for credit card phishing or malware installation (or both). The point is to avoid the temptation to perform the act that the crook wants you to perform. Each non-visit to the destination represents a failure, and further enticement to find a hobby other than conning innocent people with phony return address identities.