Phishing is a constant battle and problem on today’s Internet. While it is easy to spot most phishing attacks, if you are experienced, many Internet users fall for these attacks.
The use of AI in attacks helps attackers, even though AI is also used by the developers of security solutions. It is an arms race that has been going on for a long time.
I stumbled upon a new phishing post on LinkedIN recently. It showed a phishing email that looked like it came from noreply@microsoft.com. Upon closer inspection, it came from noreply@rnicrosoft.com.
You may spot the difference easily, but depending on the mail client that you are using, it may not be as easy to figure out that the phishing email does not come from the microsoft.com domain, as the m has been replaced by the two letters r and n.
It is simple, but very effective, especially in an age where everyone seems to be in a hurry.
This goes to show that threat actors do not always have to come up with new sophisticated schemes for their attacks. Sometimes, it is enough to register lookalike-domains by replacing just one or two characters in a domain name.
This goes hand in hand with registering domain names that look like the real deal, but are not, like microsoft-support.com.
What is the best line of defense in those cases? Never, ever, click on links in emails. Also, do not call, text, or interact with anything else in emails. Instead, verify, if you are unsure.
For instance, if you do get a password reset email, but did not request a password reset, it is very likely that this is fake. You could visit the website directly and sign-in to your account to find out, or contact support, if there is any.
Have another tip regarding the threat of phishing? Feel free to leave a comment down below.
These are common phishing tricks, like using the number “0” instead of the letter “O” or large “I” letter instead of the small “l” letter. But 99% of worst email phishing made using one trick by substituting real email. I get few emails a week from “real companies”. But if I point my mouse cursor on the email link they want me to click to get in contact with them, I can see a generic email address like “something@gmail.com” or “something@outlook.co.uk” on the bottom of the browser. The same goes with pointing the mouse cursor on outgoing links.
Never provide credit card details by phone nor via email, be extremely cautious when providing any personal information, as in real life : do you share such privacy details with a stranger met in a bar, a party, a public park? You could be inclined though if the stranger knows the right way to get you to deliver them: charm, intelligence, psychology have devastated many lives, even before the Web existed. Be cautious, not suspicious, not paranoid but cautious. Have a spare email address for shops, another for strangers if you feel it might be ok, but make compartments, always : those you trust 100%, those you trust 50%, those you trust 0%. You’ll always have friends who’ll laugh about such caution, the same that don’t laugh at all once they get in trouble themselves because of excessive, blind confidence.
I’d add as well, read & send your email in text format. If you receive an email which really needs to be displayed in html from a person, organization you absolutely trust (after having checked e.g. it’s from microsoft and not from rnicrosoft (excellent example form the article), then only switch to html.
Be cautious as well with PDF documents, don’t open them blindly, in doubt scan them first with dedicated tools.
Of course as the article rightly mentions it, many have the experience to know all this already yet because we know we may become excessively confident, not with others but with ourselves, and even pros got or have been very close to getting tricked. Remain alert.
I think we know as well that many of us rely on dedicated defense tools (anti-virus, global internet protection and so on) to a point that we consider ourselves protected from anything and everything: with good tools maybe but when it comes to phishing it’s you only who may be buggy, not the defense tools.
“Be cautious as well with PDF documents, don’t open them blindly, in doubt scan them first with dedicated tools.”
Not just PDFs. Scan Word and Excel documents too.
Whenever I receive an unexpected mail I’ll always hit Ctrl+U to show the headers to reveal where it originated from before considering opening it. If any doubts still exist I’ll look it up on the Web which oftens results in search results from other users who did the same thing and what their opinions were.