Today we will be investigating a phishing case.
Usually the attack of this type comes by email.
An email in which there is a text, a problem or a win and a link.
The text is made to make you go to the prepared website.
The link is usually hidden so you can not figure out where you are going and the hoax is easier.
Let’s start with the email I received so you can understand how you can protect yourself.
- Re: to what? Is this a response to an email that I sent to Apple? NO! … It’s a trick used to make you open the email believing it’s a response to an email sent by you.
- Apple support…. He caught your attention.
- Yandex?!? Yandex Browser is a freeware web browser. But it is still important. The Apple CEO sent you an email after he hired Yandex … that’s why he’s CEO .. to send email to users…
A link is hidden behind the button.
t.co is a Twitter shortener URL and behind this link is the true address we reach.
The good part is that when you are redirected …Twitter and Firefox warn you about the link you want to reach.
Let’s ignore everything this time …
It will ask you to enter bank details to unlock your account and a identification document.
After all, it redirects you to the real Apple website and you’ll sign in to your unlocked account.
At this point you will be glad you did not lose your account, but in reality you gave to the hacker all your banking data + identification documents.
Still let’s see what’s in the main domain.
A cpanel and a hint for recover the password.
Email: m—[email protected]—v.com
I think the data I’ve entered was also convincing (Insider, cyberunit)