Friday Phish Fry

Phishing Email Alerts

Catch of the Day:  Phishing Dud

Chef’s Special:  Phishing for Teachers

Examples of clever phish that made it past my spam filters and into my Inbox, or from clients, or reliable sources on the Internet.

I would be delighted to accept suspicious phishing examples from you.  Please forward your email to phish@wyzguys.com.

My intention is to provide a warning, examples of current phishing scams, related articles, and education about how these scams and exploits work, and how to detect them in your own inbox.  If the pictures are too small or extend off the page, double-clicking on them will open them up in a photo viewer app.


IONOS Delivery Error Phish is a Dud

Every now and again I get a phishing email exploit that is either not completely set up, or has already been taken down.  I got this email on Valentine’s day (2-14) and by the time I investigated it on 2-15, this was the result.

The link in the email (https://mailap98348934.web.app/#bob@wyzguys.com)  resolved to an unoccupied firebase site.  Virustotal identified the link as a known phishing link.  It is possible that Firebase found the site, or responded to reports, and took the landing page down.  Three iomages follow.

 


Phishing Campaigns Are Targeting School Teachers

Once again, cybercriminals are using COVID-19 to their advantage by targeting anyone who might appear to be in a position of weakness. This time they have directed their attention to school teachers—as if remote teaching and hybrid learning models weren’t hard enough already! Microsoft tweeted this week that they are noting an increase in business email compromise (BEC) attacks targeting K-12… Read more


SMS tax scam unmasked: Bogus but believable – don’t fall for it!

Everyone loves a tax refund – just don’t get so excited that you forget to check for telltale signs of a scam.  This example is from the UK, but there are similar scams pretending to be from the IRS


 

0

About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.