Contrary to popular belief, phishing attacks do not only take place through emails. While that is the cheapest way, specially if trying to reach as many potential victims (the marks) as possible, there are other ways.
Early this year we commented on the classical phishing email disguised as an invoice, which usually contains a malware-laden attachment. Well, this is a variant of that email:
While this is not technically a Nigerian Prince phishing email – its claimed country of origin is two countries South of Nigeria – like the beautiful masterpiece we talked about in a previous post, it is one in spirit. Take a look at the email, posted here in glorious ASCII, and see if you agree with me.
Google/Microsoft Office365 docs, forms included, are a great way to phish someone. You create a document with a macro or just a link, and send it in a way to entice the potential victim. We have talked about using the carrot angle – prizes and free money – and the stick one – fines and receipts for outstanding bills – but how about nothing at all? That is what this phisher is going for: no clever titles or descriptions, and no explanation for why you should fill the form. All it offers is just a request, “I’ve invited you to fill out the following form:”
In the end of last month I received this uninspiring but not badly put together phishing email. I will start with saying this email is completely not in the same league as the phishing one we covered in the previous post.
I guess this is Classic Phish Month, and today we sure have a real classic amongst us. I was going to talk about another, lesser phishing email, but when I found this morning a Nigerian Prince-class email waiting in my mailbox, I knew I that it was the one.
First of all, this is the first phishing email contributed by a viewer like you. Thank you! I can tear down and make fun of a phishing email like the best, but that is hard to do without new material. Don’t be stingy! If you get a phishing email, send it my way and I will promise to fillet it properly.
We talk a lot about phishing emails. After all, this is what this site is all about (teaching how to recognize and deal with them). Thing is, we receive so many (ok, maybe not me, which is why I keep asking for you to send me some), we may start labelling any suspicious emails as phishing. That would be myopic of me; messages trying to con people, spam included, predate emails. And, spam started to pollute mailboxes everywhere as soon as the internet stopped being the exclusive domain of researchers and started being used by normal people like you and me to share cat pictures and animations of dancing hamsters. It took decades after that before phishing was a thing.
This is a plain simple phishing email. No attachments and the link to the site where you are supposed to either give your info to or be compromised, or both, looks rather innocent. Contrary to some previous examples, its simplicity is elegant.
Phisher this time is a bit more clever than the average one we have been dealing with recently. Yes, I know it does not take much, but I will take what I can get.