How I Almost Fell for Phishing!
I take some pride in being “tech savvy” enough that I would never fall for phishing.
However, it almost happened to me today! I’m sharing what happened so that others can avoid this issue.
I got this message in my company’s help desk (Intercom) on hawaiichee.com.
![Mail](/static/607c93a4aed324251f4724a64769caae/1d69c/image1.png)
We have a very active Facebook media effort for our page:
facebook.com/HawaiiChee. We’re partnering with many content creators for content, so the message was very plausible.
What made the phishing attempt realistic?
- The URL provided in the main call-to-action link went to the official Facebook site. That was probably the only part of the email that I read super-carefully. Normally, a slightly misspelled URL is a tip-off to a scam site.
- There were no other typos in the email. So, the first part of the phishing attempt worked. It got me to click on the URL. Normally, that’s a pretty bad mistake already, but I knew I was going to the official Facebook site, so how bad can that be?
I skimmed the content on the left side of the Facebook page very quickly. HTTPS to Facebook. Must be legit, right?
![Form received](/static/9cb8aacc21489659e68ae0abd24464ac/1d69c/image4.png)
Nothing jumped out at me, but, to be honest, my skimming was quick enough that I started to fill out the form.
I stopped just short of putting in my Facebook password. _Why would Facebook be asking for my password again?_ This did not make sense. Wait, and what about this grammar error “We made abble this form for”?
WAIT!
WHAT!
![Issues in the form](/static/4df52db4b5891fe1311f2b5284aa3401/1d69c/image2.png)
Heart racing, I double-checked again. It’s the real FB site. What is going on?
Hey, there are more typos on this form. There weren’t, however, any on the email. I guess the hackers only spell and grammar check emails!
BINGO! This is a SCAM!
I noticed the “From” did have a typo in the domain name: “[email protected].” Notice, there’s no “e” in the “facebook”!
![Issues in the mail](/static/c56a85bda2a741719eb7d7d64cedb007/e628c/image3.png)
HOLY !*#!
I was on the verge of putting in my FB password!
I went back and double-checked the email. Yes, all real Facebook links. The ONLY surefire clue in the email was the misspelled “From” domain name. I bet that is why Google threw this in my spam folder originally.
I forwarded the email to [email protected]. However, I didn’t get any reply. I hope they track the scammers down!
And today, I got the same hack attempt again! But no stress today.
Tips for You to Avoid Getting Hacked
I hope this article might help you avoid getting hacked. The most essential bits of advice I can give you are:
- Turn on two-factor authentication (2FA) for sites that offer it, like Google, Facebook, GitHub, etc.
- Use a password manager like LastPass.com or 1Password.com.
- Double- and triple-check the “From” email address domain and the links, and don’t click on links unless you’re sure they are legit.
- Scammers for some reason don’t spell and grammar check, so look out for that!
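As an added example (not code from the original post), here is a small Python triage script that applies the “check the From domain” tip the way a help-desk intake or mail filter could, before a person ever clicks. It pulls the sender domain out of the headers, compares it against a short allowlist of brand domains using edit distance so that a one-letter lookalike (the missing “e” in “facebook”) is flagged, and lists the link domains separately. The sample message is constructed; the `facbook.com` sender and the allowlist are assumptions for the demo, not values from the post.

```python
"""
Flag lookalike "From" domains in an email, independent of where its links point.
Added example, not from the original post. SAMPLE_PHISH is constructed; the
sender domain "facbook.com" only mirrors the post's observation that the real
phishing sender was missing the "e" in "facebook".
"""
import email
import re
from email import policy
from email.utils import parseaddr

# Assumed allowlist: domains a legitimate message from these brands would use.
# Real brands send from several domains (extend this for your own environment),
# so "unknown" below means "not on the list", not "phishing".
KNOWN_BRAND_DOMAINS = {"facebook.com", "google.com", "github.com", "1password.com"}

SAMPLE_PHISH = """\
From: Facebook Partnerships <partners@facbook.com>
To: help@example.com
Subject: Content creator partnership for your Page
Content-Type: text/plain; charset=utf-8

We would like to feature your Page in our creator program.
Please complete the form: https://www.facebook.com/constructed-form-path
"""


def levenshtein(a: str, b: str) -> int:
    """Edit distance (insert, delete, substitute each cost 1)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable_domain(host: str) -> str:
    """Crude last-two-labels reduction (www.facebook.com -> facebook.com).
    A public-suffix list would handle co.uk-style suffixes properly."""
    labels = host.lower().strip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def sender_domain(raw_message: str) -> str:
    """Domain of the address in the From header (display name is ignored)."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    _name, addr = parseaddr(str(msg.get("From", "")))
    return registrable_domain(addr.rpartition("@")[2])


def classify_sender(domain: str, known=KNOWN_BRAND_DOMAINS, max_distance: int = 2) -> str:
    """Return 'known', 'lookalike:<brand>' or 'unknown'."""
    if domain in known:
        return "known"
    closest = min(known, key=lambda k: levenshtein(domain, k))
    if levenshtein(domain, closest) <= max_distance:
        return f"lookalike:{closest}"
    return "unknown"


def link_domains(raw_message: str) -> list:
    """Registrable domains of every http(s) link in the body, sorted."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    part = msg.get_body(preferencelist=("plain", "html"))
    body = part.get_content() if part is not None else ""
    hosts = re.findall(r"https?://([^/\s\"'>]+)", body)
    return sorted({registrable_domain(h) for h in hosts})


def triage(raw_message: str) -> dict:
    """Combine both checks. The post's lesson: links to the genuine brand site
    do not vouch for the sender, so a lookalike From domain is flagged even
    when every link is legitimate."""
    dom = sender_domain(raw_message)
    verdict = classify_sender(dom)
    links = link_domains(raw_message)
    return {
        "sender_domain": dom,
        "sender_verdict": verdict,
        "link_domains": links,
        "links_all_known": all(d in KNOWN_BRAND_DOMAINS for d in links),
        "suspicious": verdict.startswith("lookalike:"),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_PHISH).items():
        print(f"{key}: {value}")
```

Run against the constructed sample, `triage` reports `sender_verdict: lookalike:facebook.com` and `suspicious: True` even though `links_all_known` is `True`, which is exactly the situation in the post: the call-to-action really went to facebook.com and only the sender domain gave the scam away. The edit-distance threshold of 2 is a tuning choice; widen the allowlist rather than the threshold, or short, unrelated domains will start matching.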
If this article helped you, please consider how you can help me:
- Check out hawaiichee.com if you’re considering looking for a vacation rental in Hawaii.
- Check out my company ShakaCode if you’d like my help with your web application development, be it a new project or help for your team, especially if you’re using Ruby on Rails plus React. I’m the creator of https://github.com/shakacode/react_on_rails.