Friday, February 21, 2020

Costco Phishing Email - Costco has a BIG surprise for you

For the record, this is an Costco phishing email attempt that is recently going around.  What to do?  Report them, goto bottom of page.

Interesting aspects of this phishing email; 
  1. https://aws.amazon.com/ using Amazon AWS
  2. https://storage.googleapis.com/ using Google Cloud Platform


From : Congratulations! <Reward@fen.affpartners.com> aliased from  
2m5ivjvhd@qwymv---qwymv----ap-southeast-2.compute.amazonaws.com


Subject
 : 
Costco has a BIG surprise for you



Phishing Links

The gatcha here is if you can't see image below, baiting you to click the link here

1. https://storage.googleapis.com/wadraritest/costco%20link.html
2. https://storage.googleapis.com/wadraritest/costco%20unsb.html - unsubscribe



How to tell this is a Phishing email ?

  1. Check email address in full, if it's not from originating company then it's phishing.
  2. Hover over all links in email, if it's not from the  company's website then forget it.

  3. The best way is to look at message source, see below.

How to examine Email Message Source ?

Now lets look at message source
  1. Outlook.com->Actions->View Message Source. 
  2. Gmail.com->More (down arrow to top right)->Show original.
Check for suspicious links, anything that does not originate from apple.com.


Report Phishing Email (not as Spam)

  1. Outlook.com->Junk (at Top)->Phishing Scam
  2. Gmail.com->More (down-arrow to top right)->Report Phishing 

Report Phishing URLs at Google now 

If you have recievied this email take further action now by click these links

  1. https://www.google.com/safebrowsing/report_phish/


Report phishing at Microsoft and government agencies

  1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx

No comments:

Post a Comment