By Karina Weiler @PinkHat

You all know that phishing emails have become a major discussion point for us in this newsletter. Whenever we see Ransomware attacks or other cyber scams, our first action is to assess the situation, check what our recommendation is and then share it with you as soon as possible in an “Urgent Alert” email.

Well, this time was no different, except that it happened to me. YES. I got 2 phishing emails last week. Here’s what they look like and what my actions were:

Email 1:

 

This one technically came from One Drive, claiming someone was trying to send me a large file. I swear I could hear Joy in my head saying: “You actually don’t have to click on a link to know where it’s going to take you”. So what did I do? Notice the hyperlink “View Document-Pdf 00874” above - I hovered my mouse over it and what did I see? A shady link! (See red arrow above) Note that the words “One Drive” are not even included in that link… this is a huge red flag.

Email 2:

 

This email was - in theory - coming from Dropbox.com, claiming that someone was trying to send me a large invoice file. My course of action was pretty much the same as described above. But I want you to take a look at the destination URL it was going to take me to had I clicked the link. There’s nothing even remotely close to Dropbox.com included in the link.

How to report phishing emails?

We recommend you forward these emails to reportphishing@antiphishing.org. The Anti-Phishing Working Group (which includes ISPs, security vendors, financial institutions and law enforcement agencies) uses these reports to fight phishing and to stop future messages before they get to you.

You should also report these to the FTC by forwarding them to spam@uce.gov, and make sure to paste the original message header in the forwarded message (you find this by opening the email in Outlook and clicking "file", "info" and then "properties." At the bottom of the window that pops up is a section called "internet headers." You will select and copy that whole thing and paste it in the message you forward).

After forwarding these messages, the best thing to do is to right click the message and select "Junk - Block Sender" in Outlook or right click and select "Mark as phishing" in O365 online.

More info on how to deal with phishing scams here: https://www.consumer.ftc.gov/articles/0003-phishing#how

I also wanted to share an excerpt from our Security Awareness Training (that we make mandatory for most of our clients) where Joy talks specifically about this type of phishing scam. This is a secure link to our YouTube Channel: https://www.youtube.com/watch?v=AoRb6-NnwnI