Phish or Be Phished. That is the question!

DEAR USER, thank you for renewing your “GEEK Squad” purchase.

Yes, I am sure we have all received suspicious emails. Receiving unsolicited emails is nothing new. Let’s look at this message to see whether it is a legitimate email or a business email compromise.

Email phishing attacks are becoming more challenging to spot.

For starters, how did this email make it into my Gmail inbox? Why did the email provider’s anti-spam and anti-phishing protection layer not quarantine the message? Even with a generic greeting, you would think an AI-powered anti-phishing protection engine would have blocked the message.

Look at the sender’s email address: Aidem Thomas <[email protected]> - First name — last name — @gmail.com.

Warning flags — What to look for in phishing campaigns

  1. Why would an email message from “GEEK Squad” originate from a Gmail address?
  2. If I had automatic renewal, why would the suspicious message be addressed to “DEAR USER”?
  3. If this did come from “GEEK Squad,” where is the Best Buy in the email headers?
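The three warning flags above can be checked mechanically against a saved message. The following is an added example, not part of the original post: the sample message, its sender address, relay host names and date are constructed placeholders, and `bestbuy.com` / `geeksquad.com` are assumed to be the brand's sending domains.

```python
import email
from email import policy
from email.utils import parseaddr

# Assumptions for illustration: a short free-webmail list and generic openers.
FREE_MAIL = {"gmail.com", "outlook.com", "yahoo.com", "hotmail.com"}
GENERIC_GREETINGS = ("dear user", "dear customer", "dear member")

# Constructed sample modelled on the message described above; the address,
# relay host names and date are placeholders, not values from the real email.
SAMPLE = """\
Received: from mail-out.example.net (mail-out.example.net)
 by mx.example.org; Mon, 01 Jan 2024 10:00:00 -0800
From: Aidem Thomas <placeholder.sender@gmail.com>
To: recipient@example.org
Subject: GEEK Squad renewal receipt
Content-Type: text/plain; charset=utf-8

DEAR USER, thank you for renewing your "GEEK Squad" purchase.
"""


def phishing_flags(raw, brand, brand_domains):
    """Return the warning flags one raw RFC 5322 message raises for a brand."""
    msg = email.message_from_string(raw, policy=policy.default)
    _, addr = parseaddr(str(msg["From"]))
    domain = addr.rpartition("@")[2].lower()
    on_brand = any(domain == d or domain.endswith("." + d) for d in brand_domains)
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body else ""
    claims_brand = brand.lower() in f'{msg["Subject"]} {text}'.lower()
    flags = []
    # Flag 1: the message names the brand but the sender is on another domain.
    if claims_brand and not on_brand:
        flags.append("free_webmail_sender" if domain in FREE_MAIL
                     else "sender_domain_mismatch")
    # Flag 2: a notice to an existing customer opens with a generic greeting.
    if text.strip().lower().startswith(GENERIC_GREETINGS):
        flags.append("generic_greeting")
    # Flag 3: none of the brand's domains appear in any header. Heuristic only:
    # headers can be forged, so presence proves nothing; absence is the signal.
    headers = " ".join(str(v) for v in msg.values()).lower()
    if claims_brand and not any(d in headers for d in brand_domains):
        flags.append("brand_absent_from_headers")
    return flags


if __name__ == "__main__":
    for flag in phishing_flags(SAMPLE, "Geek Squad", {"bestbuy.com", "geeksquad.com"}):
        print(flag)
```

An empty result does not make a message safe; it only means none of these three flags fired.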

Of course, there is a PDF attachment showing my receipt of payment.

  • ** Please do not open these files unless you want to test the antivirus and anti-malware software loaded on your device! Even with some excellent advanced threat protection, do not risk exposing your device.

Does this phishing attack constitute a possible identity theft? Maybe.

I have used this email address for 17 years and rarely delete any messages. (Thank you to Google for granting so much storage. Happy data mining!)

Somehow, somewhere, this email address was attached to a service that suffered a security breach, or maybe the phishing scammer looked up my public information.

Time to panic and start changing every password? Yes, and I would recommend using a password vault manager software solution. As a practice, you should change all of your passwords at random times throughout the year.

Phishing attacks often rely on social engineering techniques to trick users into revealing sensitive data. Social media sites like LinkedIn, Facebook, and Google+ are commonly exploited to access user accounts. Once an account is compromised, hackers may attempt to impersonate me online or send emails pretending to come from trusted contacts.

Phishing will always be part of the cybersecurity and risk management landscape, in many forms: whaling, spear phishing, barrel phishing, reverse social engineering, malware, ransomware, and account compromise. Many vendors are leveraging more AI and ML to stop these attacks.

Spoiler alert — Hacking AI and ML is coming in an upcoming blog!

If you receive an email praising you for your most extraordinary efforts in life or maybe a job offer for a position you never applied for, this is a phish.

Take a few moments to overcome the initial “awe” moment, then check a few things:

  • Sender’s email — Did the email originate from a company domain or a Google account?
  • Misspelled words — Yes, if you see your name misspelled, delete it and move on.
  • Your name is not on the email.
  • Someone from the third grade extorting you for money (yes, this does happen)

Delete the message before you click on any links or attachments.

Be safe, be ready, and be patient when reading phishing emails.

All the best,

John

*** This is a Security Bloggers Network syndicated blog from Stories by John P. Gormally, SR on Medium authored by John P. Gormally, SR. Read the original post at: https://jpgormally.medium.com/phish-or-be-phished-that-is-the-question-a41fc078e10f?source=rss-160023698d42------2