{"id":48618,"date":"2014-12-02T17:08:09","date_gmt":"2014-12-03T00:08:09","guid":{"rendered":"http:\/\/hill-kleerup.org\/blog\/2014\/12\/02\/a-big-phishing-catch.html"},"modified":"2014-12-02T17:08:09","modified_gmt":"2014-12-03T00:08:09","slug":"a-big-phishing-catch","status":"publish","type":"post","link":"https:\/\/hill-kleerup.org\/blog\/2014\/12\/02\/a-big-phishing-catch.html","title":{"rendered":"A Big Phishing Catch"},"content":{"rendered":"<p>Yeah, I admit that I rely a lot on &quot;boy, this formatting looks bad&quot; and &quot;gee, this doesn&#39;t sound like it was written by a native speaker of English&quot; in evaluating phishing emails (<a href=\"http:\/\/en.wikipedia.org\/wiki\/Phishing\">http:\/\/en.wikipedia.org\/wiki\/Phishing<\/a>). Oh, I try to follow good practices, too (&quot;Um, no, I will not click on this link to go to my credit card company&#39;s security page &#8212; I&#39;ll go there myself&quot;), but the Laugh Test tends to be the first thing I rely on.<\/p>\n<p>Which fails when someone actually phishes in a <i>smart<\/i> way.<\/p><\/blockquote>\n<blockquote class=\"sm2wp\"><p>\n<a style='display:inline;' href='http:\/\/boingboing.net\/2014\/12\/02\/wall-st-phishers-show-how-dang.html?utm_content=buffer46b9e&#038;utm_medium=social&#038;utm_source=plus.google.com&#038;utm_campaign=buffer'><br \/>\n<img src='https:\/\/lh6.googleusercontent.com\/proxy\/f2Y0eMcJC5-oA4nXfmaCV9j_w7608hPz1_AK7Us5gHKC7T8EzBaa4t9doPc3DlEdYDStuwCgp8KkeyGjPFCuieik4dRtZU3bYylf4Zp4bTr62c6Q5w4NbCwhtzVXuuXuG4qIQFBP=w120-h120' border='0' style='max-width:650px;'\/><br \/>\n<\/a><br \/>\n<span style='font-size:large;'><a href='http:\/\/boingboing.net\/2014\/12\/02\/wall-st-phishers-show-how-dang.html?utm_content=buffer46b9e&#038;utm_medium=social&#038;utm_source=plus.google.com&#038;utm_campaign=buffer'>Wall Street phishers show how dangerous good syntax and a good pitch can be<\/a><\/span><br \/>\nMajor Wall Street institutions were cracked wide open by a phishing scam from FIN4, a hacker group that, unlike its competition, can write convincingly and employs some basic smarts about why people open attachments.\n<\/p><\/blockquote>\n<p><span style='font-size:small;'><a href='https:\/\/plus.google.com\/101083456815352083930\/posts\/NBnqufr1ANJ'>View on Google+<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Yeah, I admit that I rely a lot on &quot;boy, this formatting looks bad&quot; and &quot;gee, this doesn&#39;t sound like it was written by a native speaker of English&quot; in evaluating phishing emails (http:\/\/en.wikipedia.org\/wiki\/Phishing). Oh, I try to follow good practices, too (&quot;Um, no, I will not click on this link to go to my &hellip; <a href=\"https:\/\/hill-kleerup.org\/blog\/2014\/12\/02\/a-big-phishing-catch.html\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;A Big Phishing Catch&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_seopress_titles_title":"","_seopress_titles_desc":"","_seopress_robots_index":"","_seopress_robots_follow":"","_seopress_robots_imageindex":"","_seopress_robots_snippet":"","_seopress_robots_primary_cat":"","_seopress_robots_breadcrumbs":"","_seopress_robots_freeze_modified_date":"","_seopress_robots_custom_modified_date":"","_seopress_robots_canonical":"","_seopress_social_fb_title":"","_seopress_social_fb_desc":"","_seopress_social_fb_img":"","_seopress_social_fb_img_attachment_id":0,"_seopress_social_fb_img_width":0,"_seopress_social_fb_img_height":0,"_seopress_social_twitter_title":"","_seopress_social_twitter_desc":"","_seopress_social_twitter_img":"","_seopress_social_twitter_img_attachment_id":0,"_seopress_social_twitter_img_width":0,"_seopress_social_twitter_img_height":0,"_seopress_redirections_value":"","_seopress_redirections_enabled":"","_seopress_redirections_enabled_regex":"","_seopress_redirections_logged_status":"","_seopress_redirections_param":"","_seopress_redirections_type":0,"_seopress_analysis_target_kw":"","_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[106],"tags":[],"class_list":["post-48618","post","type-post","status-publish","format-standard","hentry","category-plusposts"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":15563,"url":"https:\/\/hill-kleerup.org\/blog\/2009\/08\/12\/its-not-the-phishing-attempt-its-the-implication-that-im-an-idiot.html","url_meta":{"origin":48618,"position":0},"title":"It&#8217;s not the phishing attempt, it&#8217;s the implication that I&#8217;m an idiot","author":"***Dave","date":"Wed 12-Aug-09 1:24pm","format":false,"excerpt":"I mean ... Subject: Account Review From: service <update@support.com> As part of our security measures, we regularly screen activity in the system. We recently contacted you after noticing an issue on your account. We requested information from you for the following reason: We have observed activity in this account that\u2026","rel":"","context":"In &quot;Spam&quot;","block_context":{"text":"Spam","link":"https:\/\/hill-kleerup.org\/blog\/category\/blogging\/computer-security\/spam"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":4339,"url":"https:\/\/hill-kleerup.org\/blog\/2003\/09\/22\/words_of_advice.html","url_meta":{"origin":48618,"position":1},"title":"Words of advice","author":"***Dave","date":"Mon 22-Sep-03 2:24pm","format":false,"excerpt":"If you've decided to go in for a phishing scam (using an e-mail purporting to be from some e-commerce firm to get the hapless sucker to go to a web...","rel":"","context":"In &quot;Blogging &amp; Internet&quot;","block_context":{"text":"Blogging &amp; Internet","link":"https:\/\/hill-kleerup.org\/blog\/category\/blogging"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":8175,"url":"https:\/\/hill-kleerup.org\/blog\/2005\/05\/02\/go_phish.html","url_meta":{"origin":48618,"position":2},"title":"Go phish","author":"***Dave","date":"Mon 2-May-05 10:52pm","format":false,"excerpt":"Phishing is the attempt to get you to tell folks your userids and passwords and similar identity-thievable items, usually by tricking you. The classic is the false bank (or credit...","rel":"","context":"In &quot;Spam&quot;","block_context":{"text":"Spam","link":"https:\/\/hill-kleerup.org\/blog\/category\/blogging\/computer-security\/spam"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":4827,"url":"https:\/\/hill-kleerup.org\/blog\/2003\/12\/23\/what_have_you_g.html","url_meta":{"origin":48618,"position":3},"title":"What have you got in your in-box?","author":"***Dave","date":"Tue 23-Dec-03 3:55pm","format":false,"excerpt":"An Open Letter to Businesses Sending Out E-Mail, Capital One in Particular: Given the wide array of Internet e-mail scams and spoofs and phishing expeditions, if you send out an...","rel":"","context":"In &quot;Spam&quot;","block_context":{"text":"Spam","link":"https:\/\/hill-kleerup.org\/blog\/category\/blogging\/computer-security\/spam"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":7667,"url":"https:\/\/hill-kleerup.org\/blog\/2005\/01\/20\/spam_spam_spam.html","url_meta":{"origin":48618,"position":4},"title":"Spam, spam, spam and phish","author":"***Dave","date":"Thu 20-Jan-05 6:59am","format":false,"excerpt":"Intersting -- and alarming -- note on how phishers are getting more sophisticated. \"Phishing\" is an attempt, usually through e-mail, to get you to reveal confidential account information. The most...","rel":"","context":"In &quot;Spam&quot;","block_context":{"text":"Spam","link":"https:\/\/hill-kleerup.org\/blog\/category\/blogging\/computer-security\/spam"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":45614,"url":"https:\/\/hill-kleerup.org\/blog\/2014\/10\/01\/heavens-to-bit-ly.html","url_meta":{"origin":48618,"position":5},"title":"Heavens to Bit.ly","author":"***Dave","date":"Wed 1-Oct-14 10:11am","format":false,"excerpt":"Well, one mostly-sussed-out mystery solved. Bit.ly links weren't working from my company's network, and it turns out that the company has blocked it because the service was so widely used in phishing attacks.Of course goo.gl and t.co and other shorterner services all seem to be functioning fine, but presumably phishers\u2026","rel":"","context":"In &quot;~PlusPosts&quot;","block_context":{"text":"~PlusPosts","link":"https:\/\/hill-kleerup.org\/blog\/category\/blogging\/plusposts"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/hill-kleerup.org\/blog\/wp\/wp-content\/uploads\/2014\/10\/Batman%2BNo.gifimgmax%3D660.gif?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]}],"_links":{"self":[{"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/posts\/48618","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/comments?post=48618"}],"version-history":[{"count":0,"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/posts\/48618\/revisions"}],"wp:attachment":[{"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/media?parent=48618"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/categories?post=48618"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/tags?post=48618"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}