March 1, 2018

Here’s a Phishing Scam For You!

Filed under: Main — admin @ 12:01 am

The Bad Guys win by using social engineering. They fool you into surrendering your trust. Act too quickly, and your account can be compromised. It happens all the time, even to the best of us.

This past weekend, I received an email with the contents shown in Figure 1.

Figure 1. This really looks like a LinkedIn invitation, but it’s not.

I get a lot of invites from LinkedIn. The email shown in Figure 1 looks very similar to a legitimate LinkedIn invitation. Two things are unusual, however: First, LinkedIn invitations don’t expire. So the message, “Your invitation expires tomorrow” stood out. Second, the sending address was not LinkedIn.

Upon further examination, I could tell that the message was bogus. The link accessed from the Accept button was some other site, not the return email address or anything else I recognized. I didn’t click it, but if I did, I’m sure nasty things were waiting for me.

Phishing attacks work to fool you, but they’re most effective when they gain your trust. In Figure 1 is an invite, similar to the dozens I’ve received from around the world. My habit is to click to accept the invitation. The Bad Guys count on that habit to steal accounts and compromise security.

Had I been hasty, I probably would have clicked the link. So my advice is not only to be suspicious, but slow down!

The only time I’ve compromised an account was when I was in a hurry. Yes, I actually typed my eBay account information on a phishing website. I immediately saw what I did, accessed the real eBay, and changed my password.

It pays to slow down!

No Comments

No comments yet.

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.


Powered by WordPress