Phishing Email Alerts
Catch of the Day: Fax Phish
Chef’s Special: Voicemail Phish
Examples of clever phish that made it past my spam filters and into my Inbox, or from clients, or reliable sources on the Internet.
I would be delighted to accept suspicious phishing examples from you. Please forward your email to phish@wyzguys.com.
My intention is to provide a warning, examples of current phishing scams, related articles, and education about how these scams and exploits work, and how to detect them in your own inbox. If the pictures are too small or extend off the page, double-clicking on them will open them up in a photo viewer app.
Fake Fax Phish
I haven’t had one of these in a while. This phishing email is a completely self contained exploit. The HTM attachment checked out on VirusTotal, but the attachment had a flawless rendition of the IONOS email log in screen. The second part was the HTML art for the phishing email.
I did receive a couple more like this one, so a bit of a spammy credential stealing exploit.
Here’s the email
Here are the downloaded attachments
And the resulting landing pages
Email Quarantined Phish
This email claims some of your messages are being help in quarantine. The hyperlink http://email.ionos.com/auth/?bob@wyzguys.com tnUhGDBAh0cChaTKBNLyf9KWs71QJQyb54BfdYOgQIUYcP9lhBFA2jW4eEpQ4fEd3FQ45qmBHrzk4ruOmEXjafRhL1 resolves to the web page at http://maylocnuocnhapkhau.net/min/.
This came into my inbox at 7:21 pm last night, but the landing page was already gone this morning. Here’s the email, so you get an idea of what to look out for and avoid.
Virus-Infected Intuit Phish
This email was blocked and reported to me by my email host. I’m sorry we can’t see the original email, but check out the spelling of intuit in the Intuit from email address. (intuii.com)
Nice bit of typo squatting with a malware payload. Here’s the report.
Share
NOV
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com