Phishing Email Alerts
Catch of the Day: Fax Phish
Chef’s Special: Voicemail Phish
Examples of clever phish that made it past my spam filters and into my Inbox, or from clients, or reliable sources on the Internet.
I would be delighted to accept suspicious phishing examples from you. Please forward your email to firstname.lastname@example.org.
My intention is to provide a warning, examples of current phishing scams, related articles, and education about how these scams and exploits work, and how to detect them in your own inbox. If the pictures are too small or extend off the page, double-clicking on them will open them up in a photo viewer app.
Fake Fax Phish
I haven’t had one of these in a while. This phishing email is a completely self contained exploit. The HTM attachment checked out on VirusTotal, but the attachment had a flawless rendition of the IONOS email log in screen. The second part was the HTML art for the phishing email.
I did receive a couple more like this one, so a bit of a spammy credential stealing exploit.
Here’s the email
Here are the downloaded attachments
And the resulting landing pages
Email Quarantined Phish
This email claims some of your messages are being help in quarantine. The hyperlink http://email@example.com tnUhGDBAh0cChaTKBNLyf9KWs71QJQyb54BfdYOgQIUYcP9lhBFA2jW4eEpQ4fEd3FQ45qmBHrzk4ruOmEXjafRhL1 resolves to the web page at http://maylocnuocnhapkhau.net/min/.
This came into my inbox at 7:21 pm last night, but the landing page was already gone this morning. Here’s the email, so you get an idea of what to look out for and avoid.
Virus-Infected Intuit Phish
This email was blocked and reported to me by my email host. I’m sorry we can’t see the original email, but check out the spelling of intuit in the Intuit from email address. (intuii.com)
Nice bit of typo squatting with a malware payload. Here’s the report.