Search Results for "phish bowl"
COVID-19 Phishing Sample #5: Dirty little secret
In scams like these, the crooks don’t have any data on you, let alone details about all your family members and where they live. The “proof or secret” they may have is a password you used to have that was extracted from publicly available data leaked in an old data breach. Don’t be scared, send […]
Read moreCOVID-19 Phishing Sample #4: Coronavirus disease (COVID-19) outbreak prevention and cure update
This email instructs recipients to open an attachment for the purpose of receiving updated instructions on how to fight the coronavirus. This attachment was an archive that, when opened, revealed “Coronavirus Disease (Covid-19) CURE.exe.” When run, this executable loaded HawkEye, a keylogger which is capable of intercepting keystrokes, stealing credentials, taking screenshots, and exfiltrating its […]
Read moreCOVID-19 Phishing Sample #3
1 – From address is inconsistent with name 2 – Lure intended to entice user to click suspicious links; verify something like this with a reputable news source
Read moreCOVID-19 Phishing Sample #2
1 – From address is inconsistent with name 2 – Generic greeting 3 – 700,000 euros == if it looks too good to be true, it probably is 4 – Bank secretary with a Gmail.account + many, many punctuation and spelling errors
Read moreCOVID-19 Phishing Sample #1
From address claims Federal agency (CDC), but displays incorrect address. The attachment contains malicious code to infect the user’s computer.
Read moreQuick Request
This is similar to a previous Phish listed on the Phish Bowl, “Kindly provide your available cell number”. This time the scammer went a step further and set up a free Outlook email account with the name of the Chair they are impersonating. The name of the Chair is changed to a fake name in […]
Read moreInvoices, Subscriptions, or Renewals
The graphics below are examples of malicious emails reported to the Phish Bowl. Review the red flags to see why these emails should be deleted.
Read moreReaching Out
A number of people reported this email to the Phish Bowl. If someone replies to this email, they will be asked to either give personal information about themselves or buy virtual gift cards. Thanks to all who flagged it. The email from Kathy’s Stamps n Signs explained they were hacked and their email account was […]
Read moreInformational-severity alert:Creation of forwarding/redirect rule Case ID:IPx2rFL
This phishing email employs a fake security alert from Microsoft 365 to exploit the recipient’s trust and urgency, warning of a newly created forwarding rule to prompt immediate action. It uses a seemingly official Microsoft domain and format to appear legitimate, while embedding a malicious link designed to harvest credentials or install malware. The email’s […]
Read more