Our friend Larry Abrams, who runs the BleepingComputer site, had something highly entertaining: "We regularly write about phishing emails at BleepingComputer.com in order to warn our readers about ongoing threats. Many scam emails are well crafted and their associated phishing sites are spot on, but sometimes you see ones that are so ridiculous that you have no choice but to laugh.
Such is the case with a phishing email that states it's from "email@example.com", has a subject of "Attension: Beneficiary", and pretends to be from "FBI Director Christopher Wray". This phishing email is not new, but someone must have restarted its campaign recently as it is starting to pop up again.
In the phishing email, shown below, the "Director" states that the FBI is helping to coordinate the transmission of $10.7 million dollars to you through Bank of America. In order to move forward with this transmission, you must contact the assigned Special Agent via email. Here is a screenshot:
Let's break down this phishing email
Let's face it, while some phishing emails are written extremely well and highly researched such as recent tax phishing emails, many are not. This one takes the cake and just begs to have some of its finer points broken down, which we have done below.
1. Do we really think FBI Director Wray is going to be emailing us personally in order to arrange a transfer of $10.7 million dollars?
2. The "FBI SEEKING TO WIRETAP INTERNET". That is one BIG wiretap.
3. The phishing email actually tells you that the previous banking scam email you received was legal! WTH.
"We the Federal Bureau of investigation (FBI) through our intelligence-monitoring network have discovered that the transaction that the bank contacted you previously for was legal."
4. There are a lot of "scam" on the Internet. Thx for the warning.
"Because of so much scam going on Internet."
5. That check you're receiving will be in a "2.1 kg" parcel. That's approximately 4.6 pounds and pretty heavy for a check.
It should go without saying that the FBI will never be contacting you via email to coordinate the transfer of funds. If you get one of these emails, just give it a read for a chuckle and then delete it."
Here is the technical background at BleepingComputer.
We've got something really cool for you: the new Phishing Security Test v3.0!
Sending simulated phishing emails is a fun and effective cybersecurity best practice to patch your last line of defense… your users.
Find out the Phish-prone percentage™ of your organization with our free updated Phishing Security Test that now includes our New Industry Benchmarking. See where you stack up! Industry Benchmarking enables you to compare your organization’s Phish-prone percentage with others in your industry.
Find out how you are doing compared to your peers and see the difference 12 months can make after using the integrated KnowBe4 Simulated Phishing and Security Awareness Training platform!
With Our Updated Phishing Security Test:
- You can customize the phishing test based on your environment
- Choose the landing page your users see after they click
- Show users which red flags they missed, or a 404 page
- Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
- See how your organization compares to others in your industry
The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.