Skip to content

Example Phish 010

Quote

“The charm of fishing is that it is the pursuit of what is elusive but attainable, a perpetual series of occasions of hope.” – John Buchan

What to learn from this phish...

This is a phishing scenario, but it's important to understand that it first sends you to a legitimate site and then presents you with the "bad" links later on.

It's a trick to gain confidence and hope that a recipient will check the first link, but not the second. It can bypass link checkers and it's more familiar as many people these days use online file sharing systems like OneDrive, DropBox, Box.com, etc.

In the email itself - goes to a Microsoft owned site and used legitimately for OneDrive - their online storage tool.

Once on the OneDrive webpage - you are presented with the web version of a OneNote note that has two files in it with two links, both to the same place.

Takeaways

  • Take notice of the 3 slashes and the first dot working backwards from the 3d slash.
  • Thats the target of the link.
  • unless ademarojaya.com is something you recognize, this is not a legitimate link, site, or email.
  • Best course of action: delete email, call sender. Never reply to emails for verification and always double check the phone number before calling it.