Here is an update to this 2011 post about another phishing email received.
My colleague received this phishing email yesterday:
From: (my real first name and surname) [mailto: mdprivatemailbox @ gmail.com]
Sent: 21 June 2016 11:32
To: XXX XXXX – XXXXXXX Ltd (my colleagues real name and company)
Subject: Quick Request
Hi XXXX, (staff members real first name)
Are you available to quickly process a payment for me? Kindly confirm asap so I will email the necessary details you will need to process the payment.
XXX (my real first name)
The email purports to come from someone you know and sends to someone in the same domain name space, probably the same domain as your “normal” company email address. It cleverly uses first names to reduce the chance that someone will check it more carefully. It looks pretty convincing.
The phish: To convince my colleague at my company that I want them to confirm they can send a bank transfer today and that by emailing me to say that they can, that I would then give them the details of where to send the money to.
So if they do reply then they will automatically be sent account details probably somewhere abroad where it’s difficult, if not impossible to get the money back from.
(If you get caught by this one the your bank maybe able to get away with not compensating you as it would have been your specific instructions that sent the money and you were not hacked – in my opinion anyway).
Clearly the English grammar isn’t quite right and the fact that this would never happen is also of some protection.
But would you get caught if you were in a hurry? – Worth thinking about and discussing with your staff and colleagues. .
ALWAYS look closely at the ACTUAL email address that is sending you the email and never rely on the displayed name. Whenever there is any money involved or reference to finance or account details always check the reality by telephoning the person asking if they really sent it, if it is someone you know of course.
Stay safe online.
Original article published June 5th 2011:
As an example of a phishing and not “spear” phishing would be the following email received a few minutes ago.
Nice little logo huh?
The email address purports to come from Lloyds bank, when you look at it says “info @ email.lloydstsb.co.uk”, so far so good you might think…
But the link embedded in the email is to a site called “faakarfibreglass .com” I have taken the link out to discourage any clicking on it!
Watch out for these!