Skip to content

Example Phish 003

Quote

“Give a man a fish and you feed him for a day. Teach a man to fish and you feed him for a lifetime.“ – Anne Ritchie

What to learn from this phish...

This is a phishing email, but it's important to understand that it first sends you to a legitimate site and then presents you with the "bad" links.

It's a trick to gain confidence and hope recipients will check the first link, but not the second. It can bypass link checkers and it's more familiar as many people these days use online file sharing systems like One Drive, DropBox, Box.com, etc.

  • Take notice of the 3 slashes and the first dot working backwards from the 3d slash.
  • domain DOT top-level domain

Link 1 - in the email itself

  • Goes to a Microsoft owned site and used for One Drive - their online storage tool.

    https://1drv.ms/o/s!BLxmgMJTuVFSg04kemTfxAVt9c0q?e=7QptPY_IkEGxiDD17o3TzQ&at=9

Link 2 - at the One Drive webpage

  • It's a web version of a OneNote note that has two files in it with two links, both to the same place.

    https://ademarojaya.com/36crime.co.uk.abm.com/sigtthed94/IIve

  • Unless ademarojaya.com is something you recognize, this is not a legitimate link, site, or email.

Best Course of Action

Delete email, call sender. Never reply to emails for verification and always double check the phone number before calling it.