I belong to a few meetup groups. For the last two months I have seen an interesting phishing message being posted as a new post/discussion to a few meetup groups. This type is to offer, as they state, an easy reliable work, which translates to providing personal information (so the phisher can get loans and credit cards on the phish’s name) or installing some malicious software disguised as the app required to perform work duties.

Today’s phishing email is a variation of the classic Nigerian Prince scam, which we have been luck enough to had a really good example here before. The basic hook is greed. The Nigerian Prince (phisher) asks you (phish) to help him move massive amounts of money by depositing them into your account and you then send him his share (which is the only real money: yours) before your bank checks if the transfer is real. In this variation, the phisher is offering you a easy but high paying job, which also requires you to believe they send you money so you will in turn send your hard-earned cash as commission.

You all know I like to show appreciation for those who can put together a good phishing email/text/call/whatever. As this example will show, you do not need to make it fancy to work; a short clever one will do just fine! Now, it is in Spanish, but who cares? We’ve had them in German before, and I need to put up the ones people sent me that were in French and Russian. But, I am getting ahead of myself: let’s admire today’s phishing email (apologies for removing the accents but I have not figured out yet how to preserve them without getting utf8 error messages):

Some people can’t dance. Others can’t bake, from pasta to a brownie, to save their lives. I fit neatly in that second group. And then there are those who can’t write a beliveable PayPal phishing email. Guess which group our phisher belongs to? Exactly.

We have covered some great phishing emails, some terrible ones, and some that are so bad they are good. Today’s example fits neatly in the latter category. First we need to admire it in its glory:

I (at last!) am getting a lot of similar emails recently. Here is one of them. At first, it seems rather harmless: just some company spamming me about some AI course. Try to read it (come on, it is not that long!) and make a point to remember the gist of the email, it’s Subject: and the email address (the From:) of the person sending it.

It has been said before that true classics are timeless and touch everyone regardless of race, colour, or language. I do not think that was originally intended to include phishing emails, but here we are. Every so often a kind soul will contribute with something in a different language, like the email below:

Time for our Black Friday post! We need to be prepared an increase in phishing and other forms of attacks in the period starting on Thanksgiving shopping season and going through Christmas and the New Year. Today’s is one of those I would be watching out for: offering a loan.

Those who know me are aware of my low opinion about tracking links in general and URL shorteners specifically.

You probably have noticed we have not philleting new phishes recently. The reason is really simple: we do not receive many phishing emails, and those who have provided us with some of the previous phishes have not been able to send us more.