SBN

Is it a Phish? May 25 Edition

This week we are putting our brand new marketing team member, Rachel, to the task of hopefully getting us to our first perfect streak. And because she’s new to the team we decided to bring back our classic format.

HR would not be thrilled if we chased off another colleague, and we’re not going to talk about Jimmy. PS, we are hiring

In our previous episode you got to meet our sales team member, Hayden, where he did a great job knocking out some tough suspicious content. This included a special BEC attack designed just for him, but he still walked away with a perfect score.

This week Rachel assess five different suspicious pieces of content that consisted of both emails and websites. Like you she only had a few moments to decide whether or not the content was suspicious, if she should click on it, or whether to simply mark it as spam. Each of these are real-world examples you’d likely find in your inbox or floating around the web. We also threw in one bonus email as well.

Have some good examples of phishing lures, sites, or even suspicious spam emails? Send a screenshot to us on Twitter and we may include it in a future episode. If you want some great examples, we’d also recommend following @PhishingAi on Twitter who constantly has some of the more tricky sites on display.

Is it a Phish?

The Results

Spoilers ahead! Don’t read on if you plan on playing along.

So how did Rachel do? He had a solid score of 4 – 1.

  1. Bank error or scam? Correct! This is obviously a low-effort scam lure designed to swindle you out of money.
  2. DocuSign phishing page or super important legal document? Correct, this is a phishing site! Although the site looks legitimate, both the URL and lack of a secure or HTTPS are clear indicators that something is off. This is a particularly nasty phishing site because the URL is so similar to the real thing. Fortunately DocuSign has since acquired the URL and the page now redirects to the actual one.
  3. Google Docs or credential theft? Correct! This is a phishing site designed to steal your Google credentials. Unfortunately this is a common cyber threat, and threat actors uses these credentials to gain entry to other important accounts (like your bank).
  4. Netflix and chill or Netflix and spill? Correct! You may be wanting to watch the new season of Arrested Development, but so does this particular threat actor, maybe. Although the site has an SSL certificate, the URL is clearly not accurate.
  5. Security alert or clever credential theft attempt? Ouch, unfortunately there will be no perfect streak for us today. While this alert would appear a bit suspicious, especially if like Rachel you don’t personally have an account with Epic Games, but this is in fact a real security alert. Some of the more common online games, especially ones that include microtransactions like Fortnight, often have threat actors attempting account takeovers. This particular alert hits my inbox several times a week, and threat actor if you’re reading, you are more than welcome to play on my behalf.
  6. Bonus round: Amazon, is it me you’re looking for? We’re pretty sure they don’t have a sneaky closet, and this is of course a phishing lure.

That perfect streak is out there, but unfortunately for our team I’m only going to make these examples evolve just like your most loathed threat actors.

Did you receive a phishing lure or stumble upon a phishing site? Send it to us on Twitter and we can include it in our next edition of Is it a Phish?

*** This is a Security Bloggers Network syndicated blog from The PhishLabs Blog authored by Elliot Volkman. Read the original post at: https://info.phishlabs.com/blog/is-it-a-phish-may-25-edition