How I Almost Fell for Phishing!

April 05, 2018Dotby Justin Gordon

I take some pride in being “tech savy” enough that I would never fall for phishing.

However, it almost happened to me today! I’m sharing what happened so that others can avoid this issue.

I got this message in my company’s help desk (Intercom) on hawaiichee.com.

Mail
Mail

We have a very active Facebook media effort for our page:

facebook.com/HawaiiChee. We’re partnering with many content creators for content, so the message was very plausible.

What made the phishing attempt realistic?

  1. The URL provided in the main call-to-action link went to the official Facebook site. That was probably the only part of the email that I read super-carefully. Normally, a slightly misspelled URL is a tip-off to a scam site.
  2. There were no other typos in the email. So, the first part of the phishing attempt worked. It got me to click on the URL. Normally, that’s a pretty bad mistake already, but I knew I was going to the official Facebook site, so how bad can that be?

I skimmed very quickly the content on the left side of the Facebook page. HTTPS to Facebook. Must be legit, right?

Form received
Form received

Nothing jumped out at me, but, to be honest, my skimming was quick enough that I started to fill out the form.

I stopped just short of putting in my Facebook password. Why would Facebook be asking for my password again? This did not make sense. Wait, and what about this grammar error “We made abble this form for”?

WAIT!

WHAT!

Issues in the form
Issues in the form

Heart racing, I double checked again. It’s the real FB site. What is going on?

Hey, there are more typos on this form. There weren’t, however, any on the email. I guess the hackers only spell and grammar check emails!

BINGO! This is a SCAM!

I noticed the “From” did have a typo in the domain name: “noreply@facbooksupport.com.” Notice, there’s no “e” in the “facebook”!

Issues in the mail
Issues in the mail

HOLY !*#!

I was on the verge of putting in my FB password!

I went back and double checked the email. Yes, all real Facebook links. The ONLY surefire clue on the email was the misspelled “From” domain name. I bet that is why Google threw this in my spam folder originally.

I forwarded the email to phish@fb.com. However, I didn’t get any reply. I hope they track the scammers down!

And today, I got the same hack attempt again! But no stress today.

Tips for You to Avoid Getting Hacked

I hope this article might help you avoid getting hacked. The most essential bits of advice I can give you are:

  1. Two Factor Authentication (2FA) for sites that offer it, like Google, Facebook, Github, etc.
  2. Use a password manager like LastPass.com, 1Password.com
  3. Double and triple check from email address domains and links, and don’t click on links unless you’re sure they are legit.
  4. Scammers for some reason don’t spell and grammar check, so look out for that!

If this article helped you, please consider how you can help me:

  • Check out hawaiichee.com if you’re considering looking for a vacation rental in Hawaii.
  • Check out my company ShakaCode if you’d like my help with your web application development, be it a new project or help for your team, especially if you’re using Ruby on Rails plus React. I’m the creator of https://github.com/shakacode/react_on_rails.
Are you looking for a software development partner who can
develop modern, high-performance web apps and sites?
See what we've doneArrow right