Example Phish 008
Quote
“Guests, like fish, begin to smell after three days.” – Benjamin Franklin
What to learn from this phish...
Look carefully at the web address of the link they want you to click. (first image, highlighted…)
-
It’s not going to anything related to the consulting company or one of their products.
-
DOT.BID…instead of DOT.COM
-
The "+" sign after the forward slash… not a common way of running websites…
-
Look up, “North Plate Bulletin” in google…(see the first image below…) –
northplatebulletin.com
exists, its’ a newspaper… but... -
northplatebulletin.bid is a BAD url!!! (second image below.)
There is no way around this…you have to be familiar with URLs, domains, and how they work.
Yes, it’s possible that this "David" got hack, but it’s very easy to make an email look like it came from any address.
Yes, companies are targeted. Would someone target your company? It's hard to say, and one would like to think probably not, but what if you were a secondary target? In this example, someone might have targeted the company where "David" works. Poor "David" fell for the scam and the attacker gained access to his client list. You got the bad email and so on a so forth.
Your web browser can protect against known "bad" links. Unfortunately, this relys on those links being reported. With so many links being generated for malicious puposes all the time, it's almost impossible to detect bad links.