SANS ISC provides an in-depth look at Phishing attacks using a real example. Fake images, links, and email headers are used to make these realistic & thankfully many email filters block these into SPAM or junk folders automatically. Still, user security awareness training is essential.
With the sustained persistence of COVID-19 globally, postal and e-commerce related phishing e-mails remain as one of the most widely favored methods by adversaries and cybercrime groups. Although postal and shipping companies have often put-up warnings with respect to phishing sites and e-mails (for example Singapore Post and DHL ), phishing sites and e-mails continue to be propagated.
While organizations continue to deploy technologies and invest in security awareness training to allow better detection of phishing e-mails, individuals who are not particularly IT-savvy could fall prey to such phishing e-mails, especially with respect to their personal e-mail accounts who may not have enterprise phishing protection features. I was recently forwarded one phishing e-mail for a quick look. Unfortunately, by the time I got to it, the phishing page appeared to have been taken down. However, there were some salient points that struck me when I analyzed the contents of the e-mail, and wanted to talk a bit about it so as to increase awareness.