Screenshot 2018-01-06 14.27.57

Take a look at the body of this e-mail message advising the target that their e-mail account will be deactivated. There are several things to note here. First, the individual is working a list of known good e-mail accounts. Second, take a look at how the perpetrator spells “De-activation.” They also include a footer to the message indicating not to respond to this e-mail. The objective here is to get the unsuspecting target to click on the hyperlink.

The image below reveals that the message comes from a callmeamanda321. This is a bogus email account which is the reason they attempt to steer you from responding to their email via a reply. A common practice used in legitimate transactions; for example, advising you that your purchase has shipped or other informational messages. The callmeamanda321 is bogus (.i.e. non- existent account)  or mapped to another email account.

These types of phishing attacks are relatively successful because of the topic, composition and the fact that they have your actual e-mail address, and reference it in the body of the message text.

The majority of cyber attacks on government and enterprise IT resources come from these types of e-mail attacks, and the inability of the individual to assess the validity of the message content. 

Screenshot 2018-01-06 14.31.06

This entry was posted in Cyber and tagged , , , . Bookmark the permalink.