E-mail links: be very skeptical before clicking (Phishing Example)

An example of a phishing email, looking for someone to casually click on a link and unleash spam, virus, malware, ransomware, etc.

Original E-Mail (some information redacted)

Comments

From: Mike xxxxx [mailto:mxxxx @blaze-inc.com]
Sent: Monday, July 17, 2017 3:11 PM
To: South Central Surgery Center (scsc7272 @embarqmail.com) <scsc7272 @embarqmail.com>
Subject: Action Required: Please Docusign

Are these domains something you recognize?

WhoIS: blaze-inc.com

Registrant Contact
Name: PERFECT PRIVACY, LLC
Street: 12808 Gran Bay Parkway West
City: Jacksonville
State: FL
Postal Code: 32258
Country: US
Phone: +1.5707088780

WhoIs: embarqmail.com

Registrant Contact
Name: Domain Administrator
Organization: CenturyLink, Inc.
Street: 100 CenturyLink Dr.
City: Monroe
State: LA
Postal Code: 71203
Country: US
Phone: +1.3183889000
Fax: +1.3183889000

Mike used Docusign to share some docs files with you. Kindly click review document to access the shared documents.

Grammar is a little off.

What’s behind the link? No one we know and doesn’t line up with any of the domain information in the email.

WhoIs: abranec.org

Registrant Contact
Name: wagner andriotti
Street: Rua Tiburcio de Sousa, 1140
City: Sao Paulo
State: SP
Postal Code: 08140000
Country: BR
Phone: +55.1139317540

Email me back if you have any questions.

The email has a basic text formatting , no company signature and a “form letter” feel to it.

Best Regards,

Mike xxxxx.

Resources:

Scam of the day – May 18, 2017 – DocuSign phishing scam

E-mail links: be very skeptical before clicking (Phishing Example)

Resources:

Like this:

Related

Resources:

Share this:

Like this:

Related