Is it a Phish: Friday, April 27, 2018

This week we have our office manager Bri, and five suspicious emails to address. Like you, Bri will only have a few moments to quickly look at the lure and decide if it’s suspicious and should be reported, is safe, or is simply spam. We may have a few curve balls along the way, too.

As you are aware, phishing is certainly not a new cyber threat, yet it continues to be one of the most pervasive and costly to businesses and consumers. With nearly endless examples, we have decided to develop a new series that not only highlights some of these attacks, but helpful tips along the way for spotting them. Each week we’ll be looking through phish that are reported by our clients, shared on Twitter, or even sent to us, and then one PhishLabs employee will be put to the test to decide: is it a phish?

Interested in learning more about the latest phishing trends and intelligence? This week we published our annual report that digs into the latest attack techniques and other information you should know about.

Is it a Phish?

The Results

Spoilers ahead! Don’t read on if you plan on playing along.

So how did Bri do? She had a perfect score of 5 - 0, and even knocked out the targeted curveball.

  1. Storage limit exceeded or credential theft? Correct, it was a lure!
  2. Internet account or phishing site? Correct, it's sketchy, even though it has HTTPS marking it secure, and the URL is the dead giveaway.
  3. Marketing email or targeted lure? Correct! Even though Bri was familiar with the brand, and we used it to throw her off the case, it was just a regular marketing email and not suspicious.
  4. Dating site or social engineering? Unlike the internet login, this does not use HTTPS, however, the odd domain name is an easy giveaway.
  5. Free money or 419 Scam? Correct! Literally everything about this says stay away.

Did you receive a phishing lure or stumble upon a phishing site? Send it to us on Twitter and we can include it in our next edition of Is it a Phish?

Article Link: