I just ran across this site Phishing Site in our spam quarantine folder, the sender had targetted a few thousand users on the system over the course of a few days. The thing that I found most interesting about this particular Phishing site is what I like to call the nibble.
Each of the screens asked only for enough information to make you comfortable.
Nothing more, there was no asking for a birthday on the account validation screen, they waited until the next step in the process to ask for information that would immediately cause you to question the validity of the website.
They baited the hook and waited for the Phish to come. Please watch the video below.
Had it all worked I would have provided:
- PayPal Credentials
- Physical Street Address
- First / Last Name
- Credit Card, CVV and Expiration Date
- My Date of Birth
The only thing they did not ask for is mothers maiden name.
Initial Credentials Page.
This served to create trust, looks just like a PayPal login
Internal Page – Verify your account
The purpose here is to get you to verify your PayPal account, they already have your username and password to your actual PayPal account on the line before, but now they want your credit card info.
Internal Page – Verified by Visa
There are a few typos, but overall a great page. Nice touch using the Verified by Visa Logo.
I do have to mention that their “loading” and “transitions” between the pages were spot on target. I’ll give them an A for effort. If you’d like to educate your company on what to be on the lookout for when it comes to Spear Phishing please let us know.