Is It a Phish? April 20 Edition

As you are aware, phishing is certainly not a new cyber threat, yet it continues to be one of the most pervasive and costly to businesses and consumers. With nearly endless examples, we have decided to develop a new series that not only highlights some of these attacks, but also sharing helpful tips along the way for spotting them.

Each week we’ll be looking through phish that are reported by our clients, shared on Twitter, or even sent to us, and then one PhishLabs employee will be put to the test to decide: is it a phish?

This week we have our Sales Engineer Evan Luck, and five suspicious emails to address. Like you, Evan will only have a few moments to quickly look at the lure and decide if it’s suspicious and should be reported, is safe, or is simply spam. We may have a few curveballs along the way, too.

Is it a Phish?

The Results

Spoilers ahead! Don’t read on if you plan on playing along.

So how did Evan do? He had a final score of 4 – 1, with one stumper along the way.

  1. Text Message or Lure? Correct, it was a lure!
  2. Email or lure? Correct, it’s sketchy and likely a lure!
  3. Emergency or Urgency? Correct! This is a great example of using social engineering.
  4. BEC attack or Spam? Womp womp, it was just spam.
  5. Phishing Site or Verification Site? Correct! The URL was a dead giveaway.

Did you receive a phishing lure or stumble upon a phishing site? Send it to us on Twitter @PhishLabs and we can include it in our next edition of Is it a Phish?

*** This is a Security Bloggers Network syndicated blog from The PhishLabs Blog authored by Elliot Volkman. Read the original post at: