Versions Compared

Old Version 28

changes.mady.by.user Alex Markessinis

Saved on

compared with

New Version 29

changes.mady.by.user Alex Markessinis

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

In the example below Alex is the target of a phishing scam by an attacker who is pretending to be Ryeley. The attacker is very convincing; they've used Ryeley's real email signature and changed the sender name to Ryeley's full name. The attackers emails are in red, and the targets emails are in blue.

...

From: Ryeley Kuykendall

...

<networkadmin@my.

...

com>

Date: Wed, Mar 20, 2019 at 6:13 PM

Subject: Re[3]: Re[2]: Urgent Request

To: Alex Markessinis <alex.

...

markessinis@sage.

...

edu>

On Wed, Mar 20, 2019 at 5:59 PM Ryeley Kuykendall

...

<networkadmin@my.

...

com> wrote:


Available?


Ryeley Kuykendall,

Network Administrator

Cowee Hall, Troy Campus

The Sage Colleges

--------------------------------------------

On Wed, Mar 20, 2019 at 6:02 PM Ryeley Kuykendall

...

<networkadmin@my.

...

com> wrote:

I'm in a meeting right now, I need you to help me complete a task right away from any nearest store around.


Thanks


Ryeley Kuykendall,

Network Administrator

Cowee Hall, Troy Campus

The Sage Colleges

--------------------------------------------

On Wed, Mar 20, 2019 at 6:13 PM Ryeley Kuykendall

...

<networkadmin@my.

...

com> wrote:

Are you receiving my emails?


Thanks


Ryeley Kuykendall,

Network Administrator

Cowee Hall, Troy Campus

The Sage Colleges

--------------------------------------------

Wednesday, 20 March 2019, 11:00 PM +0100 from Alex Markessinis <alex.

...

markessinis@sage.

...

edu>:

Sure? What is up?

--------------------------------------------

Wednesday, 20 March 2019, 11:03 PM +0100 from Alex Markessinis <alex.

...

markessinis@sage.

...

edu>:

Okay.

What do you need?

--------------------------------------------

Wednesday, 20 March 2019, 11:06 PM +0100 from networkadmin@my.com

...

<networkadmin@my.

...

com>:

Here is what you need to do for me real quick. I need google play gift

cards, can you get some at the store right now? Let me know to advise

denomination to purchase. I will reimburse you all expense as soon as I'm

done.


Thanks


Ryeley Kuykendall,

Network Administrator

Cowee Hall, Troy Campus

The Sage Colleges

We always advocate checking the email address being used to send the email rather than just looking at the senders name. This will help you verify whether the email is legitimate or not. In the example above you can see the email being used by the attacker is networkadmin@my.com. This is not a valid Sage email address as it does not end with @sage.edu, however, the name used is the name of a Sage employee.

...