Phishing: not the hook you're looking for

This post is a follow-up of sorts, to the previous "Twitter spam" post. In making the slide deck about Twitter spam I realized there were a few different variations of spam in general, especially within emails.

This post deals specifically with "phishing"

Another post will address email arriving from trusted sources but smelling particularly spammy due to phishing...

If Twitter has it's moments of Costco-sized spam deliveries than email is the place where Costco shops. 

A lot of email spam originates as "phishing" scams. These are emails designed to get the user to voluntarily offer up their username and password. These emails convince the recipient they need to pride details, or log in, to prevent something bad from happening. Once the user replies or logs in the scammers have their passwords and can use their accounts to send out spam to a users address book...




I created this quick tutorial for my colleagues to help them recognize and identify phishing scams:

We will never be immune from phishing scams and spam, and everyone will be compromised at one point or another (through their actions of those of others) but as GI Joe always said, knowing is half the battle...