Don't go phishing malicious emails!

Discussion in 'General Chat' started by sgt_zim, Sep 4, 2019.

  1. sgt_zim

    phishing - generally an attempt via email to get you to
    • click on a (malicious) attachment
    • click on a hyperlink which will carry you to a malicious website (called a "watering hole") where you might be tricked into giving up credentials to (usually) your bank account
    • click on a hyperlink which will carry you to a watering hole which will auto-download malware to your computer
    WRT malicious attachments, if you get an email from somebody you do not know, and the email has an attachment, delete the email straight away.

    If you get an email from somebody you DO know, but weren't expecting an attachment, call them and make sure they actually sent you an email with an attachment. If you can't get in touch with them in fairly short order, go ahead and delete the email anyway. Call them later and ask them to resend the email, assuming they actually sent it in the first place.

    hyperlinks - a website address contained within the email. Always look closely at the hyperlink before you click on it. It is trivially easy to show a URL for something like https://www.africahunting.com as the display text, but the real URL is to some other place. It is also trivially easy to make it look like the link really is to AH, but then substitute a letter from the extended Latin or German characters that LOOKS like our standard Latin characters.

    https://www.africahunting.com
    https://www.africahuntìng.com

    They will do things like spoof friends/family (very easy to figure out who those are with 10 minutes of research on social media), so that the "from" field on the email might look like this
    from: Bob Smith <JimJones@mailer.com>

    It may seem stupid, and really, who would be fooled by something so obvious? Lots of people.

    Salutations: Dear Sir (or Madam, or valued customer, or customer, or ANYTHING but your name) is almost always a dead giveaway that you are being phished. Most legitimate businesses, when they send you an email, will greet you with the name you provided them when you created your account with them. The only exception I've ever seen is Wells Fargo bank. There may be others, but I've seen the legitimate emails from them. It's effing stupid, and whoever is responsible for it at WFB should be flogged.

    Email body:
    along with the aforementioned items, it's usually fairly obvious after reading and re-reading when the author of the email doesn't speak English as their first language. There will be misspellings, or grammar which, while correct, is not common American vernacular. Or there could be a couple of glaring grammatical errors.

    Some phishers are very sophisticated. They may embed logos from legitimate businesses (BoA, Yahoo, Amazon, etc) as part of the email. Don't get sucked in just because you see a real business' logo, watermarks, etc.

    The two most common ploys of phishing emails are
    1. appeal to greed - think Nigerian prince scam, or some iteration of it.
    2. an attempt to invoke a sense of urgency - if you don't log in at the link below, we'll be forced to close your account within X days
    3. a combination of 1 and 2

    There are just no hard and fast rules for detecting phishing. With the above, and an application of common sense, you can avoid them. Just don't be a clickopotomus when you're going through your emails.
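
The link and "from" checks described in the post above can be run mechanically over a message. The following is an added example, not part of the original post: it uses only the Python standard library, the function names and the sample message are constructed for illustration, and the display-name check is a heuristic assumption rather than a rule.

```python
import unicodedata
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

class _Links(HTMLParser):
    """Collect (display_text, href) for every <a> element in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def _host(url):
    return (urlsplit(url if "//" in url else "//" + url).hostname or "").lower()

def link_findings(html_body):
    parser, findings = _Links(), []
    parser.feed(html_body)
    parser.close()
    for text, href in parser.links:
        real = _host(href)
        # Display text that is itself a URL but names a different host than the href.
        shown = _host(text) if "." in text and " " not in text else ""
        if shown and shown != real:
            findings.append(("text-href-mismatch", shown, real))
        # Non-ASCII letters in the real host: name them so the lookalike is visible.
        odd = [unicodedata.name(c, "UNKNOWN") for c in real if not c.isascii()]
        if odd or any(label.startswith("xn--") for label in real.split(".")):
            findings.append(("non-ascii-host", real, odd))
    return findings

def from_finding(from_header):
    # Heuristic (assumption): a personal display name usually echoes the address.
    name, addr = parseaddr(from_header)
    tokens = [t for t in name.lower().split() if len(t) >= 3]
    if tokens and not any(t in addr.lower() for t in tokens):
        return ("display-name-not-in-address", name, addr)
    return None

# Constructed sample message parts, built from the examples in the post.
SAMPLE_FROM = "Bob Smith <JimJones@mailer.com>"
SAMPLE_BODY = ('<a href="https://login.example.net/ah">https://www.africahunting.com</a> '
               '<a href="https://www.africahunt\u00ecng.com">AH forum</a>')
```

A finding is a reason to look closer, not a verdict: legitimate internationalized domains and nicknames in display names will also trigger these checks.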
     

  2. Mr. Zorg

    "clickopotamus"

    A great term to add to my vocabulary!

    Thanks again for sharing your knowledge base with us here Zim!
     