Don't go phishing malicious emails!

sgt_zim

AH elite
Joined
Mar 26, 2017
Messages
1,294
Reaction score
1,793
Location
Sugar Land, Texas
Media
14
Articles
1
Hunting reports
Australia/NZ
1
Member of
NRA, Houston Safari Club Foundation, NWTF
Hunted
Texas, Louisiana
phishing - generally an attempt via email to get you to
  • click on an (malicious) attachment
  • click on a hyperlink which will carry you to a malicious website (called a "watering hole" ) where you might be tricked into giving up credentials to (usually) your bank account
  • click on a hyperlink which will carry you to a watering hole which will auto-download malware to your computer
WRT malicious attachments, if you get an email from somebody you do not know, and the email has an attachment, delete the email straight away.

If you get an email from somebody you DO know, but weren't expecting an attachment, call them and make sure they actually sent you an email with an attachment. If you can't get in touch with them in fairly short order, go ahead and delete the email anyway. Call them later and ask them to resend the email, assuming they actually sent it in the first place.

hyperlinks - a website address contained within the email. Always look closely at the hyperlink before you click on it. It is trivially easy to show a URL for something like https://www.africahunting.com as the display text, but the real URL is to some other place. It is also trivially easy to make it look like the link really is to AH, but then substitute a letter from the extended Latin or German characters that LOOKS like our standard Latin characters.

https://www.africahunting.com
https://www.africahuntìng.com

They will do things like spoof friends/family (very easy to figure out who those are with 10 minutes of research on social media), so that the "from" field on the email might look like this
from: Bob Smith <JimJones@mailer.com>

It may seem stupid, and really, who would be fooled by something so obvious? Lots of people.

Salutations: Dear Sir (or Madam, or valued customer, or customer, or ANYTHING but your name) is almost always a dead giveaway that you are being phished. Most legitimate businesses, when they send you an email, will greet you with the name your provided them when you created your account with them. The only exception I've ever seen is Wells Fargo bank. There may be others, but I've seen the legitimate emails from them. It's effing stupid, and whoever is responsible for it at WFB should be flogged.

Email body:
along with the aforementioned items, it's usually fairly obvious after reading and re-reading when the author of the email doesn't speak English as their first language. There will be mis-spellings, or grammar which while correct, is not common American vernacular. Or there could be a couple of glaring grammatical errors.

Some phishers are very sophisticated. They may embed logos from legitimate businesses (BoA, Yahoo, Amazon, etc) as part of the email. Don't get sucked in just because you see a real business' logo, watermarks, etc.

The two most common ploys of phishing emails are
1. appeal to greed - think Nigerian prince scam, or some iteration of it.
2. an attempt to invoke a sense of urgency - if you don't log in at the link below, we'll be forced to close your account within X days
3. a combination of 1 and 2

There are just no hard and fast rules for detecting phishing. With the above, and an application of common sense, you can avoid them. Just don't be a clickopotomus when you're going through your emails.
 

Mr. Zorg

AH enthusiast
Joined
Jun 22, 2019
Messages
484
Reaction score
477
Location
San Antonio, TX
Media
16
"clickopotamus"

A great term to add to my vocabulary!

Thanks again for sharing your knowledge base with us here Zim!
 

Forum statistics

Threads
35,641
Messages
665,380
Members
60,485
Latest member
ChastityMa
 

 

 

Latest posts

Latest profile posts

DGGardner wrote on Rare Breed's profile.
I'm sure I am a day late and a dollar short but if the deal on the .416 falls through let me know and I will buy it.
Pondoro wrote on Tally-Ho HUNTING SAFARIS's profile.
Hello...could you please pm me regarding what species available on this fly-camp offer....can cape buffalo be taken for instance..? Trophy prices..?
matt vejar wrote on kevin masters's profile.
Kevin,
Played rookie league for the Yankees in Paintsville after winning the College World Series at Fullerton State, in1979. All I could think about was the movie “Deliverance”- lived up in a hollow with some other players. Refused to go on a moonshine run because it was a dry county-no way. Met some of the nicest people on the planet there! Van Lear the home of Loretta Lynn was highlight of summer LOL.
Tally-Ho HUNTING SAFARIS wrote on jfowler812's profile.
hi Mr fowler

im happy to do these deals for 2021

i will knock off 10% off each deal if you take 2 so $18000 per package

look forward to your response

regards
Mule deer and Colorado elk seasons almost done! Hunters driving farm roads, looking for racks, their PH driving them along, I ask that you not pull into my drive. The buck behind me, on the boundary line of the GMU somehow knows. The hunter laughs, I would invite you in to see my Searcy rifles but social distancing prevails, darkness arrives and the buck slides away into secret tree grove...
 
Top