![school folder factory phishing emails school folder factory phishing emails](https://sc01.alicdn.com/kf/HTB1MSdrXkSWBuNjSszd762eSpXag/China-factory-low-price-glossy-art-paper.png)
![school folder factory phishing emails school folder factory phishing emails](https://img.alicdn.com/imgextra/i2/6000000003285/O1CN01R286Hw1a8Zeida3fx_!!6000000003285-0-tbvideo.jpg)
Note that this particular InMail appears to have originated from a fake Wells Fargo account. In one case a user reported receiving a standard Wells Fargo credentials phish through LinkedIn's InMail: Here are some examples we've seen through KnowBe4's Phish Alert Button: Malicious actors mine that data to identify potential marks for business email compromise attacks, including wire transfer and W-2 social engineering scams, as well as a number of other creative ruses. LinkedIn has been the focus of online scams and phishing attacks for a number of years now, primarily because of the wealth of data it offers on employees at corporations. Users unlucky enough to encounter this version of the malicious script saw their PCs being taken hostage by Locky ransomware. On some users' PCs the embedded Javascript also downloaded and launched Nemucod, a trojan downloader with a long history of pulling down a wide variety of malicious payloads on compromised PCs.
School folder factory phishing emails install#
SVG (Scaleable Vector Graphic) image file which, notably, bypassed Facebook's file extensions filter. Users who clicked the file to open it were redirected to a spoofed Youtube page that prompted users to install two Chrome extensions allegedly needed to view the (non-existent) video on the page.įor most users, the two Chrome extensions were used to allow the malware a limited degree of self-propagation by exploiting the "browser's access to your Facebook account in order to secretly message all your Facebook friends with the same SVG image file." Several Facebook users received messages in their Messenger accounts from other users already familiar to them. Social Media Exploits Malicious Facebook Messages If users fail to enable the macros, the attack is unsuccessful. The phishing emails contain a sense of urgency for the recipient and as you can see in the below screenshot, the documents step users through the process. Malicious macros in phishing emails have become an increasingly common way of delivering ransomware in the past year. These documents too often get past anti-virus programs with no problem. Here are a few examples of credential phishes we've seen using this attack vector: HTML attachments are commonly used by banks and other financial institutions so people are used to seeing them in their inboxes. HTML files are not commonly associated with email-borne attacks.
![school folder factory phishing emails school folder factory phishing emails](https://img.alicdn.com/imgextra/i3/6000000007648/O1CN01brCGz726MpfirSjhO_!!6000000007648-0-m_tb_svideo_preimg.jpg)
First, there is a low chance of antivirus detection since. JS or .DOC file attachments, but they are desirable for a couple of reasons. HTML attachments aren't seen as often as. Infected Attachments The Hidden Dangers of. This email points users to a phony 1-800 number instead of kicking users to a credentials phish. Hovering over the links would be enough to stop you from ending up on a credentials stealing web site.Īnd here's a fake Microsoft notice, almost identical in appearance to an actual notice from Microsoft concerning "Unusual sign-in activity": but others look legitimate enough for someone to click if they weren't paying close attention:Ĭonsider this fake Paypal security notice warning potential marks of "unusual log in activity" on their accounts: Not surprisingly, the bad guys are using this to their advantage. Many are designed poorly with bad grammar, etc. Over the past few years online service providers have been stepping up their security game by messaging customers when they detect unusual or worrisome activity on their users' accounts.
![school folder factory phishing emails school folder factory phishing emails](https://sc02.alicdn.com/kf/H14a9ce7f85a247779fafc0a9a6ae7f97G.jpg)
School folder factory phishing emails archive#
While it would be virtually impossible to keep a current and fully comprehensive archive of these examples, it's a really good idea to keep updated on what's out there to make phishing attacks less likely.Ĭlassic Phishing Emails Tech Support Scams As you can see there are many different approaches cybercriminals will take and they are always evolving. Here's a small sample of popular phishing emails we've seen over the years.