Most phishing emails are actually easy to spot - they either take advantage of the person's gullibility (419 scams that claim you can help some obscure price/businessman/politician to transfer money) to the more direct; your banking account has expired; please enter your password in this site. Modern phishing sites are even more advanced and often replicate, very closely the target website's look and feel.
This morning, I got a phishing email which was frankly amazing, not only how it is constructed; but how well it is disguised with an air of legitimacy. An email, asking you to download software, to protect you from phishing is simply brilliant!
For me it was easy to spot this as a phishing email; and I was impressed that Gmail also picked it up. The from address is suspect (Standard Bank after all is a South African company, not polish), the reported from address is not Standard bank's website; and the link in the email is not to a Standard Bank website. And lastly, I am not a Standard bank customer. But I suspect, others may fall for it - and thus this post is both a warning and at the same time an admiration for a very well directed phishing scam.
2 comments:
Haha, this means that Standard Bank's Rapport anti-phishing/keylogger software is useless. Even though the software itself would work, the phishers simply change their strategy to offering fake Rapport (probably a keylogger)
Yep - hence the brilliance of the spam email.
Post a Comment