Did You Get A Phishing Email?

Anuradha Ranaweera
Dec 28, 2023


1978 was the year an email was first classified as spam. Ever since then, the techniques used in spam and phishing emails have evolved.

Phishing is a well-known social engineering technique in which cybercriminals target users with emails that appear to come from well-known sources such as banks, delivery companies, and mortgage companies.

Different Types of Malicious Emails

  • Spam — a large number of junk emails, sent out to a large number of recipients.
  • Phishing — an email that appears to be legitimate is sent out to lure users into providing sensitive data.
  • Spear Phishing — takes phishing a step further and targets a specific individual to get sensitive data.
  • Whaling — in this technique, cybercriminals target high-ranking individuals such as CEOs and CTOs to get sensitive data.
  • Smishing — smishing targets mobile users through a specially created malicious text message.
  • Vishing — vishing targets mobile users via voice calls.

Tactics Used by Attackers to Make Phishing Emails Look Legitimate

Email Address Spoofing

[Image: Email Address Spoofing]

The above image shows that the sender name does not match the email address, which means the threat involves sending email messages with a fake sender address.

URL Shortening Services and HTML Used to Impersonate Legitimate Brands

[Image: URL Shortening]

The above email asks for a confirmation. After viewing the HTML code of the email, investigators found the link shown in the image. That link looks suspicious because it does not lead to the page it appears to lead to.

Pixel Tracking

[Image: Pixel Tracking]

Tracking pixel — a small (invisible) image embedded in an email.

The purpose of embedding a pixel is to track whether the recipient opened the spam email. Once the cybercriminal has confirmation that the email address is active and valid, the black hat can exploit the vulnerability.
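The three tells described so far (sender name vs. address, link text vs. real destination or a shortener, and 1x1 images) can be checked mechanically when triaging a reported message. The following is an added example, not code from the original article; the `brands` mapping, the shortener list and the sample message are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

SHORTENERS = {"bit.ly", "tinyurl.com", "t.co"}  # assumption: tiny sample list

class BodyScan(HTMLParser):  # collects (link text, href) pairs and 0/1-pixel images
    def __init__(self):
        super().__init__()
        self.links, self.pixels, self._href, self._text = [], [], None, ""
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a":
            self._href, self._text = a.get("href") or "", ""
        elif tag == "img" and a.get("width") in ("0", "1") and a.get("height") in ("0", "1"):
            self.pixels.append(a.get("src") or "")
    def handle_data(self, data):
        if self._href is not None:
            self._text += data
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._text.strip(), self._href))
            self._href = None

def triage(raw, brands):
    """brands (hypothetical input): display-name keyword -> domain the brand really uses."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    sender = addr.rpartition("@")[2].lower()
    findings = [f"sender-mismatch: '{name}' sent from {sender}"
                for brand, dom in brands.items()
                if brand in name.lower() and sender != dom and not sender.endswith("." + dom)]
    scan = BodyScan()
    scan.feed(msg.get_payload())  # sample is single-part HTML; multipart is out of scope
    for text, href in scan.links:
        host = (urlparse(href).hostname or "").lower()
        shown = re.search(r"(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)+)", text.lower())
        if host in SHORTENERS:
            findings.append(f"shortened-link: {href}")
        elif shown and shown.group(1) != host:
            findings.append(f"link-mismatch: shows {shown.group(1)} but goes to {host}")
    return findings + [f"tracking-pixel: {src}" for src in scan.pixels]

# Constructed sample message (not taken from the article's screenshots).
SAMPLE = ('From: "PayPal Support" <service@paypa1-secure.example>\nContent-Type: text/html\n\n'
          '<a href="https://bit.ly/constructed">Confirm now</a><a href="http://login.example.net/pp">'
          'www.paypal.com</a><img src="http://track.example.net/o.gif?id=42" width="1" height="1">')
```

Calling `triage(SAMPLE, {"paypal": "paypal.com"})` returns one finding per tell; a message whose sender domain and link targets match the brand's real domain returns an empty list.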

Link Manipulation

[Image: Link Manipulation]

This is an image of the site that the user is redirected to after clicking the link or button in the phishing email. Take a closer look at the URL and the other information available on the page. This URL does not belong to PayPal, even though the page appears to be a PayPal login page.

Credential Harvesting

[Image: Credential Harvesting]

This is a suspicious login page. Look at the URL: it is not the original URL for Outlook. What happens when users type their credentials into the login page? Most such pages show an error message like the one in the above image; instead of logging the user in, the page saves the user's credentials on the attacker's server.

Urgency and Typos (Poor Grammar)

[Image: Urgency and Typos]

Look at the highlighted area: Netflix is spelled as “NetfIlx”, and the email appears to be urgent, saying “Your account is on hold”. Urgency and typos are among the common techniques attackers use to trick users.

Suspicious BCCed Recipients

[Image: BCCed Recipient]

The recipient address looks like another spoofed address, made to appear as a legitimate Apple email address.

Attachments

[Image: Attachments]

This is an image of the content of a phishing email attachment. The highlighted area appears to be a URL, but notice that there are some keywords associated with the iOS operating system: “apple.ios-games”.

Next time, make sure to check the email before doing anything, and make sure to verify the sender before opening an email.
