Phishing Gallery

A selection of phishing attempts that come to my own mailbox, and some reasons to suspect them even if my email client hadn't flagged them:

First up:  I'm going to miss my flight!  Or at least, I'm going to miss the price of the ticket I don't remember buying.  Ooh, I should download the receipt so I can untangle this mess!

...except, they don't actually have my credit card number.  In fact, it might be what they're after.  But since the payload under all that bait is a zip file, they probably want me to download, unpack and run their virus / trojan horse / whatever (collectively:  "Malware") so they can either watch my PC to get access to everything with a password, and / or use my machine to begin attacking others.  Notice that the zip file comes from the .ar top-level domain, which is the national domain of Argentina.  (Oh!  Are those wicked Argentinians waging cyber war on us now?  Well, maybe.  Or maybe the bad guys from Brazil, China, Romania or somewhere else just happened to compromise that server and are using it to cover their tracks.)

Next, I had mail!


The second link in this email actually goes where it says it does; this was true in the last example also.  I guess they figure that adds some legitimacy to the appearance of the thing.  But the payload here comes from the site shown in the bottom margin.

In our next example, I'm in trouble with a federal law enforcement agency!

I put most of the notes in the margin of the image here.  Just remember not to be pushed, panicked, lured or otherwise enticed past your own common sense.  Everyone who has fallen for one of these considers themselves level-headed, and they're usually right!  I don't like to spread cynicism, but I'll go for skepticism every time.  Be skeptical of unexpected email!

More examples to follow as the bad guys send them to me...