I got the below email today. Phishing is a problem, obviously, but it also tends to provide a lot of entertainment value to information security professionals. There are lots of fun little tricks that phishers use in their emails. They hope to get you to click on their links and then send you to a site where you’ll put in your username and password. It’s fun to see how creative and how stupid they can get. It’s also interesting to see how little effort a lot of them put into their attempts.
This email is obviously phishing because it is sent to undisclosed-recipients:; and American Express would refer to me as “Dear Sherrod DeGrippo,” not “Dear customer.” The bad grammar and randomly capitalized letters are another giveaway. An appeal to “secure online service against any fraudulent attempt” is pretty funny too.
Looking at the mail headers is funny too, because this was in my spam folder and was actually marked spam due to my low spam-score threshold. It got marked as spam not for phishing, but for forging the MUA. Adorable.
tests=[FORGED_MUA_OUTLOOK=4.199, FORGED_OUTLOOK_HTML=0.001, FORGED_OUTLOOK_TAGS=0.8
But as with all phishing, the biggest giveaway is that the email doesn’t link to AmericanExpress.com, but to something completely unrelated. I’m also pretty sure that AmEx prefers really showy, ridiculously fancy HTML emails, not just a single logo at the top.
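The three giveaways above (undisclosed recipients, a generic greeting, and links that don’t go to the claimed sender’s domain) are easy to check mechanically. Here is an added example, not from the original post, that runs those checks over a constructed sample message; the sender address, greeting and link target in the sample are made up for illustration.

```python
# Added example: triage the phishing indicators discussed above.
# SAMPLE is a constructed message; the link host is a placeholder, not a real IoC.
import email
from email import policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

SAMPLE = """\
From: American Express <service@americanexpress.com>
To: undisclosed-recipients:;
Subject: Secure online service against any fraudulent attempt
Content-Type: text/html

<html><body><p>Dear customer,</p>
<p>Please <a href="http://example.net/amex/login">Log in</a> to confirm.</p>
</body></html>
"""


class _LinkCollector(HTMLParser):
    """Collect every <a href=...> target in the HTML body."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs.extend(v for k, v in attrs if k == "href" and v)


def registered_domain(host):
    # Crude last-two-labels rule: fine for .com/.net, wrong for ccTLDs like co.uk.
    return ".".join(host.lower().split(".")[-2:])


def phishing_indicators(raw):
    """Return the list of indicators found in a raw RFC 822 message."""
    msg = email.message_from_string(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("html", "plain")).get_content()
    found = []
    if "undisclosed-recipients" in str(msg.get("To", "")).lower():
        found.append("undisclosed-recipients")
    if "dear customer" in body.lower():
        found.append("generic greeting")
    # Every link should land on the domain the From: header claims to be.
    sender_host = parseaddr(str(msg.get("From", "")))[1].rpartition("@")[2]
    collector = _LinkCollector()
    collector.feed(body)
    for href in collector.hrefs:
        host = urlparse(href).hostname or ""
        if registered_domain(host) != registered_domain(sender_host):
            found.append(f"link domain mismatch: {host}")
    return found
```

Real mail rarely ships with a single MIME part, and the domain comparison here is deliberately naive; it is the mismatch check itself that matters, not the two-label heuristic.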
If you want to be transported back to the early 2000s and take a quick phishing proficiency quiz, SonicWALL has one that is pretty cute.