Catch of the Day: Google Search Fails Again
Chef’s Special: Sophos Phishing Top Ten
Examples of clever phish that made it past my spam filters and into my Inbox, or from clients, or reliable sources on the Internet.
I would be delighted to accept suspicious phishing examples from you. Please forward your email to firstname.lastname@example.org.
My intention is to provide a warning, examples of current phishing scams, related articles, and education about how these scams and exploits work, and how to detect them in your own inbox. If the pictures are too small or extend off the page, double-clicking on them will open them up in a photo viewer app.
Another Credential Stealing Phish
I guess one of the benefits of publishing articles unmasking the Phishing Business is that the phisherphoke (new term that I maybe coined – fisherfolk = phisherphoke) seem to have given up sending me phishing emails. This is the first one I’ve received in 5 days. And oh, so familiar.
This email has a link which resolves to https://alterhawseholek.com/authenticationpage.php? It is another simple credential stealing web page on what appears to be a hijacked web site. The website is gone, or perhaps it never existed. VirusTotal detected nothing for the URL.
This article on Forbes by David Balaban gives an excellent overview of how the malicious links to legitimate sites and the dodgy redirects to credential stealing forms and drive-by malware downloads work. This supports what I have been explaining in the Friday Phish Fry.
David will be our featured guest blogger on Wednesday Sept 21. His article, Apple Phishing Is an Escalating Threat, will focus on Apple phishing exploits, and why Apple’s vaunted built-in security won’t protect you from these attacks.
From Sophos – Here’s the Top Ten phishing tricks of the year, so far – or perhaps we mean The Worst Ten. How many would you fall for? Read entire article here. See examples below. Categories include:
- Rules of Conduct email
- Delayed tax summary
- Scheduled server maintenance
- Task assignment
- Email system test
- Vacation policy update
- Car lights on
- Delivery failure
- Secure document
- Social media message
Not all phishing links appear right in the email itself…
A new study found that email phishing attacks have become more successful during the COVID-19 pandemic.
How do you deal with scam calls on a phone number you keep for emergencies? Here are two examples. Click on the link above for the entire article.
Your Amazon order for [several hundred pounds ending in -99] has now been processed. Your [phone product] will soon be dispatched and you should receive it in [a small number] of days. For further information or to cancel the order, press 1 now to speak to an operator.
Your Amazon Prime subscription will auto-renew. Your card will be billed for [several tens of pounds ending in -.99]. To cancel your subscription or to discuss this renewal, press 1 now.
This article is more about steps to an email account hijack or business email compromise (BEC). It explains one of the many things that an attacker can do with credentials they stole using a phishing exploit.
Roger Grimes wrote: “Email rules have been used maliciously for decades. Learn about email rules and what you need to do to defend your organization against their malicious misuse.”
Attackers have always been adept at using legitimate automation tools and features against us. The time-worn programmer’s credo, “Why do something manually when you can automate it?” apparently applies to malware writers as well.
Automating maliciousness makes it more effective in terms of both success, lower cost, and it makes the attacker far less likely to be caught. For decades, phishers and other attackers have used email automation functionality, such as rules, scripts, add-ons, templates, and configuration settings, against their victims. Read more…
Thanks to Sophos for advising us about these sorts of attacks. Please click through to their article to see all the examples. I’ve put one or two below.
How to “crack” Apple’s vaunted built-in security? Trick an Apple user. People are always the weakest link of the security chain.