Is it a Phish? Slightly Delayed Mother’s Day Edition

Wait, Mother’s Day was last week? We promise, we didn’t forget, but we did have just a tiny bit of news to announce and that took center stage. But we’re back, and we’re shaking things up!

In our previous episode you got to meet our Scrum Master, Sandy, who did a great job knocking out some tough suspicious content but didn’t walk away with the perfect score. This week we put our sales team member Hayden to the test, and he is fully determined to bring us to our first perfect streak. Unfortunately for him, we changed how all of this works. In past weeks we’d present each of our team members with five suspicious pieces of content so that they could decide if it’s spam, legitimate, or… Is it a Phish.

As in many organizations, sending phishing simulations to employees is a common occurrence for us. These simulations test employees’ knowledge, help show if security awareness training is effective, and are also pretty entertaining for the sender. Here at PhishLabs, we get some of the trickiest simulations ever created, and Hayden received a very special one created just for him. Therefore, this week you will only have four suspicious pieces of content to analyze, and then you get to hear how Hayden reacted to his BEC, or business email compromise, attack.

Have some good examples of phishing lures, sites, or even suspicious spam emails? Send a screenshot to us on Twitter and we may include it in a future episode.

Is it a Phish?

The Results

Spoilers ahead! Don’t read on if you plan on playing along.

So how did Hayden do? He had a perfect score of 5 – 0.

  1. Mother’s Day promo or social engineering? Correct! It was a legitimate email for coffee.
  2. Credit card login or credential theft? Correct… ish. Although someone may have been stalling a bit, ultimately Hayden went with his gut and called this out as a phishing site. The primary giveaway is the URL, which shows a strange addition. There would also likely be an SSL or HTTPS marker. The site itself? Looks exactly like the real site, and Chrome even lets the site pass through.
  3. Movie binging or phishing site? Correct! Although the site uses HTTPS, the site itself is not secure. In this case the URL is the giveaway that the site is sketchy, but everything else looks legitimate.
  4. Email from the boss or BEC attack? Perfect! This week we sent Hayden a custom BEC attack from his boss asking him to send a list of all his prospects. In this scenario we posed as a competitor trying to steal information from him, but Hayden knocked this out of the park. He immediately asked his boss, who was in a meeting, if the request was legitimate. Always verify, especially when it comes to invoices and money-related requests.
  5. Credit hold or stealing your money? Correct! This is a phish. Hayden rightfully spotted that the URL was sketchy. By hovering over the link, he was able to see that something was amiss.

And with that we are back to a perfect score! Next week we shoot for our first perfect streak, again.

Did you receive a phishing lure or stumble upon a phishing site? Send it to us on Twitter and we can include it in our next edition of Is it a Phish?

*** This is a Security Bloggers Network syndicated blog from The PhishLabs Blog authored by Elliot Volkman. Read the original post at: