I came across this article and found it quite interesting. As the holiday season coming, people are planning their trips and booking hotels. I won’t be surprised when a phishing email like this got many people tricked. I have to say nowadays the phisher made more efforts in luring people since people are more aware of the traditional attacks. The email is quite convincing by using popular hotel names like Four Seasons Hotel and had the sender using a seemingly legitimate website like booking.com as well as a standard confirmation format with a confirmation number and receipts as attachment. The tricky part of this email is that even people didn’t reserve any hotel or didn’t happen to plan a trip, they would click on the attachment to make sure that their credit card wasn’t charged. The psychological trick is pretty impressive in my opinion. The article warned people to be aware with any email with attachments out of blue. But even that I can still see a lot of people got caught by this type of emails.
I used to always think phishing is dumb and it won’t ever work but then I realize social engineering is actually more useful than I thought. I remember seeing my facebook friends post things that’s weird but interesting enough that made me want to click. There was one time, one of my good friend post something about weight loss. I was totally gonna click but I gave a second thought and texted her before I did that. She was confused about what I was talking about and shocked about the spam “she” sent out. Sometimes we get curious because the links are too ridiculous. Also there are some vicious facebook apps that lure people to use it and post random stuff on behalf of the users. A popular one is the one tells you the top 10 stockers. Since facebook doesn’t disclose that information, people are always curious and easily lured to apps like that.
Believe it or not, phishing works and works pretty well. Even at rice we got emails to check our accounts and 1 hour later IT sent out email warning us about phishing. Being aware is the best thing we can do but it is not enough. It will always be a battle.