Catch of the Day: IONOS Password Phish
Chef’s Special: Curiosity Stream Phish
Examples of clever phish that made it past my spam filters and into my inbox. Some are sent by clients or readers like you, and other reliable sources on the Internet.
You can send phishing samples to me at email@example.com.
My intention is to provide a warning and show current examples of phishing scams, related articles, and education about how these scams and exploits work, and how to detect them in your inbox. If the pictures are too small or extend off the page, double clicking the image will display them in a photo viewer app.
IONOS Password Phish
Looked like a credential stealing exploit, but turned into a click-banking exploit. The link resolved to http://library.birzeit.edu/library/opendb.php?id=42&dbtype=free&dbname=Global%20Development%20Network(GDN)%20&db_url=https://adpswebappsuiteconfig.uc.r.appspot.com/#c3VwcG9ydEB3eXptYWlsLmNvbQ==, and then redirected to https://www.gamespot.com/#c3VwcG9ydEB3eXptYWlsLmNvbQ== The link took me to a landing page for Game Spot. Just in time for the holidays!
Curiosity Stream Phish
This email and attachment appear to have come from a streaming service. The email sender is wrong for this type of email, using a Hotmail account. This is another Customer Support Number scam. But it does seem to fall into the holiday gift-giving theme with the previous email. Be on the lookout for these sorts of scams.
This invoice is strange as it does not mention a specific credit card. The support telephone number isn’t even toll-free.