How I Almost Fell for Phishing!

productivityApril 05, 2018by Justin Gordon

I take some pride in being “tech savy” enough that I would never fall for phishing.

However, it almost happened to me today! I’m sharing what happened so that others can avoid this issue.

I got this message in my company’s help desk (Intercom) on hawaiichee.com.

We have a very active Facebook media effort for our page:

facebook.com/HawaiiChee. We’re partnering with many content creators for content, so the message was very plausible.

What made the phishing attempt realistic?

The URL provided in the main call-to-action link went to the official Facebook site. That was probably the only part of the email that I read super-carefully. Normally, a slightly misspelled URL is a tip-off to a scam site.
There were no other typos in the email. So, the first part of the phishing attempt worked. It got me to click on the URL. Normally, that’s a pretty bad mistake already, but I knew I was going to the official Facebook site, so how bad can that be?

I skimmed very quickly the content on the left side of the Facebook page. HTTPS to Facebook. Must be legit, right?

Nothing jumped out at me, but, to be honest, my skimming was quick enough that I started to fill out the form.

I stopped just short of putting in my Facebook password. Why would Facebook be asking for my password again? This did not make sense. Wait, and what about this grammar error “We made abble this form for”?

WAIT!

WHAT!

Heart racing, I double checked again. It’s the real FB site. What is going on?

Hey, there are more typos on this form. There weren’t, however, any on the email. I guess the hackers only spell and grammar check emails!

BINGO! This is a SCAM!

I noticed the “From” did have a typo in the domain name: “noreply@facbooksupport.com.” Notice, there’s no “e” in the “facebook”!

HOLY !*#!

I was on the verge of putting in my FB password!

I went back and double checked the email. Yes, all real Facebook links. The ONLY surefire clue on the email was the misspelled “From” domain name. I bet that is why Google threw this in my spam folder originally.

I forwarded the email to phish@fb.com. However, I didn’t get any reply. I hope they track the scammers down!

And today, I got the same hack attempt again! But no stress today.

Tips for You to Avoid Getting Hacked

I hope this article might help you avoid getting hacked. The most essential bits of advice I can give you are:

Two Factor Authentication (2FA) for sites that offer it, like Google, Facebook, Github, etc.
Use a password manager like LastPass.com, 1Password.com
Double and triple check from email address domains and links, and don’t click on links unless you’re sure they are legit.
Scammers for some reason don’t spell and grammar check, so look out for that!

If this article helped you, please consider how you can help me:

Check out hawaiichee.com if you’re considering looking for a vacation rental in Hawaii.
Check out my company ShakaCode if you’d like my help with your web application development, be it a new project or help for your team, especially if you’re using Ruby on Rails plus React. I’m the creator of https://github.com/shakacode/react_on_rails.

Closing Remark

Could your team use some help with topics like this and others covered by ShakaCode's blog and open source? We specialize in optimizing Rails applications, especially those with advanced JavaScript frontends, like React. We can also help you optimize your CI processes with lower costs and faster, more reliable tests. Scraping web data and lowering infrastructure costs are two other areas of specialization. Feel free to reach out to ShakaCode's CEO, Justin Gordon, at justin@shakacode.com or schedule an appointment to discuss how ShakaCode can help your project!

Justin Gordon

Share this article

Are you looking for a software development partner who can

develop modern, high-performance web apps and sites?

See what we've done