You love when you randomly receive emails from "shipping companies" and actually, they're fake e-mails just to make you visit phishing website or download a script which completely destroys your PC or steals your information?
Yeah, I get alot of these and sometimes when I come back tired from school, I get scared. Then I look at e-mail address. Whew, what a relief!
If you buy from auction websites then you will get alot of them. Even if you have a bank account, they will still send you a phishing e-mail.
Purpose of these e-mails is to scare user, make him download or click a link and open downloaded attachment it downloads or just to simply, convince him that x thing has happened and steal his information in process
Here's what can happen from these attachments:
Attachment tricks [Scripts/.infected files included]:
And I think that's enough of "Safety 101" on Internet. You probably know by now not to click random shit you see on internet but still, it may be useful for some. Don't be a victim of phishing!
See ya in the next blog post!
Yeah, I get alot of these and sometimes when I come back tired from school, I get scared. Then I look at e-mail address. Whew, what a relief!
If you buy from auction websites then you will get alot of them. Even if you have a bank account, they will still send you a phishing e-mail.
Purpose of these e-mails is to scare user, make him download or click a link and open downloaded attachment it downloads or just to simply, convince him that x thing has happened and steal his information in process
Here's what can happen from these attachments:
Attachment tricks [Scripts/.infected files included]:
- Scripts which inject to your browser and then secretly grabs your passwords and sends to these fuckers
- Scripts which searches for every password stored on your device and sends it to their shitty database
- Malware, Trojans, RATs and other glorious remote script installers
- Account being stolen [Fake Phishing websites]
- Your data being compromised [Stolen credit card/heavy charges on your account/Credit rent]
- Stolen identity [Someone can make ID as you and other stuff]
- Check it's e-mail address
You know, they usually have x company as their name and surname. This is a example screenshot showing you what I mean
View attachment 101356
This is from official Geek Fuel thingy where they send you offers and what new stuff they have, you know how that goes already.
Highlighted Blue is company's name. Red color is their e-mail.
You need to pay enough attention to their e-mail. If x e-mail looks fishy as hell, don't believe it.
For example, there's a shipping company called DHL. I just got a phishing e-mail which just seemed extremely fishy.
According to that e-mail, I bought something.
The email was faked ([email protected]) Notice what was wrong. Free e-mail, bbc at the end. This is a red flag already, something you shouldn't trust. These companies use their own e-mails, not free inboxes.
In gmail, you need to click to show someone's e-mail. Do that. Everytime. Seriously.
-------------
View attachment 101356
This is from official Geek Fuel thingy where they send you offers and what new stuff they have, you know how that goes already.
Highlighted Blue is company's name. Red color is their e-mail.
You need to pay enough attention to their e-mail. If x e-mail looks fishy as hell, don't believe it.
For example, there's a shipping company called DHL. I just got a phishing e-mail which just seemed extremely fishy.
According to that e-mail, I bought something.
The email was faked ([email protected]) Notice what was wrong. Free e-mail, bbc at the end. This is a red flag already, something you shouldn't trust. These companies use their own e-mails, not free inboxes.
In gmail, you need to click to show someone's e-mail. Do that. Everytime. Seriously.
-------------
- Check their grammar
Something that scammer can't do? Type correctly. There will be grammar mistakes everywhere. Especially if your country has some special symbols like that fancy "e" and other stuff.
--------------
--------------
- Fishy attachments
View attachment 101357
But without useless irony, these attachments aren't added by companies. They wouldn't even be added by your local police. If you see something like this then please for the love of god, don't open it. If you downloaded it, delete it. Just remember not to double-click by mistake.
--------------
But without useless irony, these attachments aren't added by companies. They wouldn't even be added by your local police. If you see something like this then please for the love of god, don't open it. If you downloaded it, delete it. Just remember not to double-click by mistake.
--------------
- Fake sites
Alot of clickable images which instantly want to be saved to your PC? No cleared out boxes while trying to login?
[Banks have "Password" system which only requires you to give one or three letters of your password, rest is hidden/blanked out]
Any info goes through? No error messages? Site seems fishy?
Don't. PUT. YOUR. INFORMATION. THERE.
A BANK DOESN'T ASK YOU FOR YOUR CREDIT CARD CVV/CARD NUMBER. They have it in database and so they don't require it to activate your account. Also, they won't ask you for global billing number.
Examples:
View attachment 101358
Pressing any image on such phishing sites will result in a "Save as..." dialog to popup allowing you to save whole site. Most of these sites are just .png image stretched out to look as real as possible
----
View attachment 101360
No grammar or partially broken.
----
View attachment 101361
Mistyped url/fake url. Like we have Millenium Bank here, you can visit it via bankmilllenium.pl, not barkmillenium.pl. The first url is real, the other one [bark one] is fake. Pay attention to URLs!
----
[Banks have "Password" system which only requires you to give one or three letters of your password, rest is hidden/blanked out]
Any info goes through? No error messages? Site seems fishy?
Don't. PUT. YOUR. INFORMATION. THERE.
A BANK DOESN'T ASK YOU FOR YOUR CREDIT CARD CVV/CARD NUMBER. They have it in database and so they don't require it to activate your account. Also, they won't ask you for global billing number.
Examples:
View attachment 101358
Pressing any image on such phishing sites will result in a "Save as..." dialog to popup allowing you to save whole site. Most of these sites are just .png image stretched out to look as real as possible
----
View attachment 101360
No grammar or partially broken.
----
View attachment 101361
Mistyped url/fake url. Like we have Millenium Bank here, you can visit it via bankmilllenium.pl, not barkmillenium.pl. The first url is real, the other one [bark one] is fake. Pay attention to URLs!
----
And I think that's enough of "Safety 101" on Internet. You probably know by now not to click random shit you see on internet but still, it may be useful for some. Don't be a victim of phishing!
See ya in the next blog post!