Cybersecurity Insight

I Almost Fell for a Russian Phishing Attack

14 Sep

The Neovera blog discusses countless ways users can protect themselves against cyber attacks. However, I’ve never experienced one firsthand, especially a phishing attack. The phishing attack email came from the “Department of Motor Vehicle” (remember the spelling for later), and contained a lot of information about a moving violation that had not been paid with links directing me to “Lost Traffic Tickets”, “Get General Information” and “View”.

The first reaction I had was sheer panic – $441 is a lot of money; I don’t want to pay $441. My second reaction, however: WAIT A MINUTE, I DON’T HAVE A CAR. The following points made it clear that this message was a phishing attack:

Grammar errors: any self-respecting marketing professional would make sure that everything is spelled properly and follows correct grammatical procedure; there were plenty of errors in the email.

Link protocol: links are still a part of the sentence structure and shouldn’t divert grammatically; the three included did.

“From” Display Name: this was the kicker – every email has display name that “covers” the email address used. I did a simple Google search with email hidden beneath the display name, which showed the domain’s geolocation as “Russian Federation”.

Now, are these methods going to work every time you are a victim of a possible phishing attack? Probably not; the fact is, hackers are extremely smart and can easily use spell check or take “Marketing 101” online. But in all seriousness, they could easily alter the domain so that it showed as arriving from a legitimate location. It should also be noted that government agencies will not email you links directing you to view protected information; this is both for their safety and yours. Finally, always continue to learn about how you can protect and prevent cyber attacks on your personal and professional networks.