Here’s An Example Where Threat Actors Try To Phish Me
Ever since I implemented DMARC, which you can read about here, I’ve noted a significant change in the phishing emails that I’ve gotten. They seem to be targeting me specifically to try and get my email password. I’ve been ignoring these for a while now. But for fun, I decided to look at one of these and see what the threat actors in question were up to. I looked at this one today to see what the deal was:
Now I always find these phishing emails hysterical because I control my own email server. Two actually. And the English in this email is suspect to say the least. Example “in-ther to avoid data lost”.
Clicking on “Re-activate Now” takes me to this page:
I don’t have an app suite as part of my web and email hosting. So I wouldn’t be fooled by this. But I can see where an end user might be fooled by this. And this is where it gets interesting. It has already pre-filled my email address and all it wants is my password. Filling in my email address isn’t that hard. But when I entered some caustic text telling the threat actors what I thought of them, this is what happened next.
It takes me to my own corporate website. That tells me that the threat actors put some time and effort into making this phishing scam work. It also tells me that by cutting the threat actors off from being able to spoof emails, the threat actors have moved on to trying to steal the passwords to my email server. That illustrates how far threat actors will go to get what they want. As in they will shift tactics when required. While I don’t have to shift tactics to combat this, I am the edge case. You need to spot these sorts of phishing attempts and react accordingly.
Oh, if you’re the threat actors behind this phishing attempt, you need to read my blog more because this phishing attempt had zero chance of success.
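One way to spot this kind of lure at the mail gateway, as an added example that is not part of the original post: flag links that already carry the recipient's address (plain, percent-encoded or base64) to a host outside the recipient's own domain. It assumes the pre-filled address travelled in the link, which the post does not confirm; the function names, sample message and hosts are constructed.

```python
import base64
import re
from urllib.parse import unquote, urlsplit

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)
# Candidate base64 runs; '/' is treated as a URL separator, so this is a heuristic.
B64_RE = re.compile(r"[A-Za-z0-9_+-]{12,}")


def _decoded_views(url):
    """Return the URL raw and percent-decoded, plus any base64 runs decoded."""
    plain = unquote(url)
    views = [url.lower(), plain.lower()]
    for token in B64_RE.findall(plain):
        padded = token.replace("-", "+").replace("_", "/")
        padded += "=" * (-len(padded) % 4)
        try:
            raw = base64.b64decode(padded)
        except ValueError:  # binascii.Error is a ValueError subclass
            continue
        views.append(raw.decode("utf-8", "ignore").lower())
    return views


def prefilled_links(body, recipient, trusted_domains=None):
    """List (host, url) pairs that embed `recipient` but point off-domain."""
    recipient = recipient.lower()
    trusted = {d.lower() for d in (trusted_domains or [recipient.split("@")[1]])}
    findings = []
    for url in URL_RE.findall(body):
        host = (urlsplit(url).hostname or "").lower()
        if any(host == d or host.endswith("." + d) for d in trusted):
            continue  # link stays on a domain the recipient controls
        if any(recipient in view for view in _decoded_views(url)):
            findings.append((host, url))
    return findings


# Constructed sample message; every host and address is a placeholder.
SAMPLE_BODY = """Your mailbox will be suspended. Re-activate Now:
https://webmail-login.example.net/reactivate?u=YWxpY2VAZXhhbXBsZS5vcmc
https://portal.example.net/r?email=alice%40example.org
https://www.example.org/help?contact=alice@example.org
https://cdn.example.net/logo.png
"""

if __name__ == "__main__":
    for host, url in prefilled_links(SAMPLE_BODY, "alice@example.org"):
        print(f"suspicious pre-filled link -> {host}: {url}")
```

A hit is a signal for quarantine or a warning banner, not proof of phishing, since legitimate bulk mailers also embed the recipient's address in tracking and unsubscribe links.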
This entry was posted on October 1, 2024 at 8:27 am and is filed under Commentary with tags Scam. You can follow any responses to this entry through the RSS 2.0 feed.