In the first two parts (The Hook-Part 1, The Deception-Part 2), we examined the email phish, its flaws and what would happen if we clicked on the link in the email. Then the deceptive, fake webpage appeared asking us to log in. We compared the fake and true web sites for Apple ID. When we entered our Apple ID and password into the fake website we received a page that told us that our account was locked and prompted us to click on a link to Unlock Account. Let’s see what happens now.
I’d had enough fun with this and was not about to enter the requested information. Time to pick up my forensic toys and put them back into the toy box.
I was not able to obtain the header for this email, so I can’t share the origination of the email with you. However, I found this to be an interesting project and felt it worthwhile to share.
As I stated in Part 1, the reason phishing is used is because it works.
Let’s recap some basic phishing awareness techniques that can prevent users from falling victim:
- Slow down. Don’t be influenced by language that implies a sense of urgency, requires immediate actions and makes threats.
- Read the email carefully. Look for grammatical errors, odd punctuation and misspellings.
- Don’t click on links. Hover over the link first and see if you can tell where it will actually send you; the visible text and the real destination are often not the same.
- If you do click on the link and it sends you to a login page, DON’T! Do not give away your credentials or any personal information.
- When in doubt, call the organization and ask about the email. Go directly to the organization’s website (not by using the link provided).
- When in doubt, throw it out. Your personal information is like money. Protect it.
- Report any suspicious emails to your IT department. Chances are there are others in your organization who have been affected.
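The "hover over the link" step above can also be done in code. The script below is an added example and is not part of the original post: it pulls every link out of an HTML email body, compares the host the link text shows with the host the link really points to, and flags the usual tricks (text/target mismatch, a brand name buried as a subdomain of some other domain, plain http:// on a page that wants a login). The sample email body, the hostnames in it and the TRUSTED_HOSTS allow-list are all constructed for the example; the `registrable_domain` helper is a deliberately crude "last two labels" heuristic, not a Public Suffix List lookup.

```python
# Added example, not from the original post: a checker that does in code what
# "hover over the link" does by eye.
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Hypothetical allow-list of hosts a user legitimately expects for Apple ID.
# A real deployment would maintain its own list.
TRUSTED_HOSTS = {"appleid.apple.com", "apple.com", "www.apple.com"}

# Display text that looks like a URL or hostname (no spaces, has a dot and a TLD).
URL_LIKE = re.compile(r"(?:https?://)?[\w.-]+\.[A-Za-z]{2,}(?:/\S*)?")


def registrable_domain(host):
    """Crude 'last two labels' heuristic: foo.bar.example.com -> example.com.
    Good enough for the demonstration; a real tool would use the Public Suffix List."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


class LinkExtractor(HTMLParser):
    """Collects (display_text, href) pairs from <a> tags in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None


def check_link(display_text, href):
    """Return a list of warnings for one link; an empty list means nothing looked odd."""
    warnings = []
    target = urlparse(href)
    target_host = (target.hostname or "").lower()
    if target.scheme not in ("http", "https") or not target_host:
        return [f"non-web or empty target: {href!r}"]

    # 1. Plain HTTP is a red flag for anything that asks for credentials.
    if target.scheme == "http":
        warnings.append(f"link uses plain http: {href}")

    # 2. If the visible text looks like a URL, it should agree with the real target.
    if URL_LIKE.fullmatch(display_text):
        shown = display_text if "://" in display_text else "//" + display_text
        shown_host = (urlparse(shown).hostname or "").lower()
        if shown_host and registrable_domain(shown_host) != registrable_domain(target_host):
            warnings.append(f"text shows {shown_host} but link goes to {target_host}")

    # 3. Brand name present as a label, but the registrable domain is not the brand's.
    if "apple" in target_host and registrable_domain(target_host) != "apple.com":
        warnings.append(
            f"'apple' appears in {target_host} but the domain is {registrable_domain(target_host)}"
        )

    # 4. Nothing else wrong, but the host is not one we recognise.
    if target_host not in TRUSTED_HOSTS and not warnings:
        warnings.append(f"unrecognised host {target_host}")
    return warnings


def audit_email_html(html):
    """Return {href: [warnings]} for every link found in the body."""
    parser = LinkExtractor()
    parser.feed(html)
    return {href: check_link(text, href) for text, href in parser.links}


# Constructed sample body in the style of the Apple ID phish discussed in the series.
# The hostnames are invented for this example and are not the real sender's.
SAMPLE_EMAIL = """
<p>Your Apple ID has been locked. Please verify within 24 hours.</p>
<a href="http://appleid.apple.com.verify-login.example/unlock">https://appleid.apple.com</a>
<a href="https://appleid.apple.com/">Manage your Apple ID</a>
"""

if __name__ == "__main__":
    for href, warns in audit_email_html(SAMPLE_EMAIL).items():
        print(href, "->", warns or ["looks consistent"])
```

Run it against the constructed body and the first link is flagged three times over (plain http, text/target mismatch, "apple" sitting under someone else's domain) while the genuine Apple ID link comes back clean. The same approach works on a saved .eml body or a pasted HTML fragment; the point is that the destination of a link is in the `href`, never in the text you see.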