While cyber threats continue to advance in new and intimidating ways, classic, simple phishing methods, such as pretending to be a well-known vendor, are still a favorite in phishing emails. Let's take a look at a recent Facebook-themed phishing attack. Stay alert for red flags in your inbox.
The email appears to come from Facebook and starts with “Hi User”. The body states that there is an issue with your account that you must log in to resolve. The email includes a link to “verify” your account and ends with the line:
“This link will expires in 72 hours, We appreciate your attention to this matter.”
If you click the link, you are taken to a phony look-alike Facebook login page. Any information that you enter on this page is delivered straight to the bad guys.
This is not a new trick in email phishing, but old-school strategies still work for cybercriminals. How many red flags did you see? Remember the following tips:
Question everything. For example, your name is part of your Facebook profile, so why is the email addressing you as “User”?
Look for a sense of urgency. In this example, the email gives you 72 hours to verify your account. Remember, the bad guys rely on impulsive clicks.
Pay close attention to the grammar and capitalization. For example, the words “This link will expires in...” should be “This link will expire in...”. Also, in that same line, the word “We” appears in the middle of a sentence, so it should be lowercase.
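The tips above can be expressed as automated checks over an email body. The following Python example is added here and is not from the original article: the sample email is constructed from the description above, its link is a placeholder, and the function names and the check that links stay on the claimed brand's domain are assumptions.

```python
import re
from urllib.parse import urlparse

# Constructed sample modelled on the email described above; the URL is a placeholder.
SAMPLE = (
    "Hi User,\n"
    "There is an issue with your account. Log in to verify it: "
    "http://facebook-login.example/verify\n"
    "This link will expires in 72 hours, We appreciate your attention to this matter.\n"
)

def link_hosts(text):
    """Hostnames of every http(s) URL found in the text."""
    urls = re.findall(r"https?://[^\s\"'<>]+", text)
    return [(urlparse(u).hostname or "").lower() for u in urls]

def is_brand_host(host, brand_domain):
    """True only for the brand domain itself or a genuine subdomain of it."""
    return host == brand_domain or host.endswith("." + brand_domain)

def red_flags(text, brand_domain="facebook.com"):
    """Return the names of the red flags present in an email body (heuristics)."""
    flags = []
    # Greeting that uses a placeholder instead of the account holder's name.
    if re.search(r"^\s*(?:hi|hello|dear)\s+(?:user|customer|member)\b", text, re.I | re.M):
        flags.append("generic_greeting")
    # A countdown that pushes the reader to act quickly.
    if re.search(r"\b(?:expires?|within)\s+(?:in\s+)?\d+\s+(?:hours?|days?)\b", text, re.I):
        flags.append("deadline_pressure")
    # Modal verb followed by an -s verb form, e.g. "will expires" (crude check).
    if re.search(r"\b(?:will|can|must|should|may)\s+[a-z]+[^s\W]s\b", text, re.I):
        flags.append("modal_plus_s_verb")
    # Common sentence-opening word capitalised right after a comma, e.g. ", We".
    if re.search(r",[ \t]+(?:We|Your|Please|This|The|If|It)\b", text):
        flags.append("capital_after_comma")
    # Any link whose host is outside the domain of the brand the email claims.
    if any(not is_brand_host(h, brand_domain) for h in link_hosts(text)):
        flags.append("link_off_brand_domain")
    return flags

if __name__ == "__main__":
    for flag in red_flags(SAMPLE):
        print(flag)
```

These are heuristics: a message that trips several of them deserves a closer look, and a message that trips none is not thereby proven safe.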
Do you think Facebook would send one sentence with two grammar errors? This phishing email should work only on victims with poor English skills. More tools and helpers to spot these red flags are in