1 phish, 2 phish, 3 phish….

🚨 Beware of Phishing Attempts: A Quick Reminder 🚨

Phishing relies on emotions, not logic. Recently, an acquaintance got a fishy message threatening account deletion. Classic move to trigger panic and get you clicking. But here’s the scoop:

• Step one: Don’t click the link
• Step two: Seriously, don’t click the link!

While at first blush this may appear to be almost-kinda-sorta-legit, upon further review it screams phishing attempt. 

🕵️‍♂️ Here are a couple things to be on the lookout for:

• Urgent threats (account deletion, anyone?)
• Dodgy grammar and spelling
• Sketchy websites that scream “NOT legit”

Many phishing attempts prey on the ability to manipulate people into an emotional response rather than a logical one. 

In this case, through an urgent call to action with a threat of loss (account deletion) the threat actor is trying to get the target to simply click the link. It could be a low-effort attempt to install malware, but it is more likely they are trying to harvest login credentials for use later on. 

In the cyber and info-sec worlds, there are several forms of this and this case is no different. As you can see from the screen shot here, the scammer has set up a low-effort “Meta-ish” looking front page to get people to click it and fill out a form. 

🚩 The Red Flags on this one?

• Poor grammar (common theme, huh?)
• A very-not-Meta website address
• And a typo in the URL address: /supporpage668

Bottom line: No matter how urgent, don’t be fooled. Don’t click that link!