Danny's newsletter - Issue #9
In this post, I will go over what is phishing and how to better protect yourself against this threat. You will leave this post with the knowledge and awareness to protect yourself.
Phishing is attempting to coerce a user to give private information. This could be done in any of the following ways
A link to a fake spoofed landing page
An attachment that downloads malware
Asking for the information as an impersonator
In all these above cases, there is a level of deception that is attempted
Pretexting
Where the attacker creates a scenario and attempts to establish a foothold with the recipient.
This requires the attacker to build a credible story that leaves little room for doubt. This can go on for many emails, before they go for the kill.
Spear Phishing
A particularly insidious form of phishing. This is a highly targeted and well crafted message, not a “spray and pray” approach. An example could be a spoofed email with your school letterhead asking to input your data for registration.
Smishing
Essentially phishing but through text messages. This is much more popular nowadays with SMS being used for many notification related services.
Things to Remember when determining if an email is Phishing
Check the domain in the From: field
Hover over links to see where they are redirecting to (domain typo-squatting, etc.)
If you didn’t expect it, reject it
Remember, no legitimate company will ask for your password/pin over an email
Header Analysis
When wanting to go as thorough as possible with a suspicious email, you can look at the email headers for the full picture. Specifically, look at the From: field to verify the sender. Then, look at the Received: field to follow the route of the email. Even if you’re not too technical, this is very doable for the modern internet user.
I will go over this in a next post with a deep dive on header analysis.
Now that you know what to look for in a potential phishing attempt. Here is an email I got to an old mail address.
Based off of the screenshot, can you discern if this is a phishing attempt?
See you on the next one!