Phishing Attempts Against IPVM Employees - Any Insights?
To help make others aware of phishing tactics, I want to share details of a recent attempt against an IPVM employee. Also, in event there are those who have expertise or insight into how common various phishing tactics are- it would be good to hear what you think.
In the below examples, a sender, using a Gmail account, is pretending to be John Honovich – using his name and title (in one attempt), to approach an IPVM employee.
**** ****** *** ** *** ******** these ******** ******* ***:
** *** ****** **** ***** – we've **** **** **** ****** ** IPVM- ***** **** ** ******** ** the ****, ** *** ******** ******* their ********, **** *** ********** **** a ******** *******.
**** ****** **** *** ******* *********** or ********** *******?
Login to read this IPVM discussion.
**'* ********* ****? **'* ****** *** it **** ***** ********? *** ********?
| 11/16/21 04:32pm
** **** **** ** ** ****** automated, ***** * ****** *** ** human ********. *'** ****** ****, *** Angela *** **** ******** ****, *** had *** ****/***** **** ** *** "from" ***** ** **** **** ** her *********. ** *** ****, *** phishers ********** * ****** **** *** very ***** ** ***** ******* ******, but ** **** * *** **** it ***** **** **** **** *** result ** **** ***** **********.
******* ******** **** ********* *** ******** telling ** **** **** ** ***** new **** ******* *** ** ****** employees **** *** ********** ** *** company ***** *** ** **** **** email *** ********* ****** **** ** purchase ***** **** ***** ** ***** items *** ********* ******* *****. * think ***** ********* ******** ****** *** very **********.
* *** * ******* ***** **** so * ***'* ***** ** ** anything ******* ******* ****.
**** ** **** **** ***** ******…
*** * ****** *****. *** **** they ****.
*** **** ** *** * ***** for **,
**** **** ** ******,
**** ******* *****, ********* ***** ***** addresses... ** ***** ****** *** ******. There**** **** *************** ******** ******* **** ***** ************* to **** *** *** **** ******** targets (*'* *** **** **** ******** makes *****). ******** *** *** ************ targeting *** ***** ******** **** ** with ********* **** **** **********.
* *** *** ** ***** **** was ********** **** * **-******. * saw **** ** *** *** **** my *******'* ***** ******* *** *** to **** ************* ** *** **** it *** ********* **** ** ***** might **** **** * **-******'* ******** email *******. * **** ** **** phone ******. * **** *** * text ****** **** *** *** * meeting **** ** ********* ****** *** could * ******** **** **** ***** that ** ***** **** ** ***** clients. ** **** ***** * **** right **** **** *** ********* *** deleted *** **** *** ******* *** number.
**** ***** ******** ** ********* ***** on ******* ** *** ********** ******* the ****** *** *** ******** ******* I *******.
**’* * ****** *** ******* ****** with **** *************** ** ****** **’* automated, ** ********’* ********* *** *** they’re ***** *** ***’* **** ** pony ** *** * ******* ******** campaign :)
** *** *** **** ******** **** this ******; *** ****** ** ****** always *** **** ***. *** **** invoice, ***** **** ****, *** ** some ****** *********, *** *** ***.
* *** **** ***** **** ** own *********** ****** ** *****.
** ***** ** ****** *** ******** spear ******** *******. **** ** ***** spoofers *** **** ******* ********* *** they ****** ******** ****** ********** *******, which ** *** ** ***** ********* and *** *** *******. **** **** websites *** *********** *** ****** *** employees **** *** **** **** ****'* who **** ******* ** **. **** may ** ****** *********.
**** *** *** *** **** ** that **% ** *** ******* ********** are ********. ****** *****-******** **** ****, or ******** (**** ********). * ****** IPVM ** ****** **** **** ********** a ******** **** ** *** ***, and *** ** ** * ****** to ******* ***** *** ***** *** fooled. ** *** **** **** *** its * ****** ******* **** **** cost **** **** **** ******* ******** will.
** *** **** * **** ******, try ****** *** ****** *****. **** of ***** ******** ** *** **** DMARC ** **** (******** *** ************ of ** ***** *******) ******* *** that **** **** *** ******.
***** *** **** ** ****** ********* but * **** ******* ********* ** answer *** ********* *** ***** *** need **** **** **** ******* ** network ********.
****** ***! * *** ********* ***** phishing ******** ******* **** **** / train ********* **** "****" ******** ********. What ** *** ***** ** *****? and ** ** *** ******** **** you *********?
**'** **** **** **** *** ***. One ******* ***********, ***** *** **** **** ** setup *** *** *******- * ** person **** ***** ************** ********** ***** easily ******* *** *** *** *** results. *** *** *** * *** tests *** **** ***** ***** ******* the *****.
** **************** ** * ****** **** ******** but ** **** **** ************ *** completely ****!
****** *** ******* ***** *******, *******! I've ***** ***** *** ****** *** may ** ********** ** ****.
| 11/16/21 07:38pm
***'** **** ******** **.
***** *** ****** **** ** **** to ****** **** * ****** *** of ******** *********.
*** *** **** ** ********* **** I ***** *** **** ** ****, just **** ** * ****** ******* to **** *** * ******** *****.
11/17/21 01:29am
** *** **** **** **** ** thing. ** ******** ***** *** ********* on *** *** *** **** ******** type ** ******* (*** ******.). ** have ******** ******* ** * ****** to *** **** *******. *********** **** want *** *** ******** ** ** buy **** ***** (****** ** *****) and **** **** ****** ** **** to *** ********. * **** * couple ** ******* **** ***** ********** that **** *** ******* *********.
*** **** **** ****** *** ******** you *** **** **** **** ******* to *****?
11/17/21 05:27am
** *** **** *** *** ******* company, **** ** **** (** * vendor **** ****) **** ********* *** your ***** **** ***** **** ******** emails.
***'** ******** ** ***** ** *** Phish **** *** ******* **** *** think **'* * ******** ***** *** then **** *** ** * ************** message *** *** ***** * ***** and *** *** *** ** **** anyone ***** *** ******** ** **** they *** ******.
* *** *** **** ** **, but ********** * **** **** ***** annoying *** **** **** **** ** the *****.
…**** ***** **** ******** ******.
** ****’** **********?
…*** *** *** ** **** ****** about *** ******** ** **** **** are ******.
*** ******’* **** **** *** ** tell? ***’* **** **** **** ** raise *********?
| 11/17/21 06:45pm
*** ******’* **** **** *** ** tell? ***’* **** **** **** ** raise *********?
***** **********'* **** ****** - **** **'* our ****** ****** - *** ******* that ** **** **** ** *** to **** * **** *** ** able ** ****** *** **** ** tell ******* * ****** **** * know **** **** ***'*.
** *********** **** *** **** ****** to *** ** ** ** ********* pawn ** ***** ********* ********.
…*** [ **** ] ******* **** if **** **** ** *** ** tell * **** *** ** **** to ****** *** **** ** **** someone * ******…
***’* *** ******* ********** ****** ***.
***’* *** ******* ********** ****** ***.
***’* *** ******* ********** ****** ***.
| 11/18/21 01:44am
******, ***...
******* ********** ** *** ** *** weakest *** *******-**-**** ***** ** **********/**** flam - *** *****'* **** **** on ***** **** ** **** *** naturally ********** ** **********.
******, ***...
*** ** ********** *’* ******, *****?
“***’*…”
| 11/18/21 03:17am
* **** *** ***** **** ** your *****... ***** **%. ; )
**** ** **** **** **** *******...
**** *** ****, *** ******* ****.
*'** ***** *** ****** ** ******* based ** *** ******* .... "*** * ***** *** **".
* *** *** **** ***** **** of ****** ** * ******* ***** as ** ****** ****** *** ************.
* ******'* *********** **** ** *** "foreign, ******* ****" ***** *** ********* this ********. **'* ******, ****, *** I've **** **** ****** *** ***** with ******* ******* *** ****** ** a **** ** *****. * ***'* even **** **** ** ***** ****** in **** **** *** ********, ** I **** ***** *******. ******** * get ** ***** ********** * ********, I ***** *** ****** *****. ****'* usually * ****** **** ****.
Top ********:
*. *********
*. *****
*. ***** ********
/ **
******:******* **** ********** ********* ** **** ***** **** messaging:
*** **** ***** **** ******* ****** Morning **** ** * *******, ** received *** ********* ****: “***** ****, I’m ** * ********** ***** ***, can’t **** ** *** ***** *** let ** **** ** *** *** my ****. ******.” ** *** ****** “Austin ****” ***, ** **** *** didn’t ****, **’* *** *** ** Morning ****.
******* ****’* *** **** ******* **** employee ** *** *** ****—****** **** reported ********* ******* ****. ** ******* responded ** *** ****, *** ****** would ******* *** *** **** *****, promising ** *** **** **** *****. The ***** *****’* ******** **** ****. Morning ****, **** ** **** ********** across *** *******, *** **** * victim ** * ******** ****. (**** eventually **** * *********** ***** ******* letting ******** ********** **** **** ** wasn’t ********* ****** *** ********* *** gift ***** ** ****.)
* *********** ** *** *** ********, smishing **** ********** **** ******** ** trick ********** **** ******* ***** ** personal ***********.
**’* *** **** ******* ****: *** numbers ** ******** ********* *** ****** are **********. *********** ********** ****** **** ******** ******* more **** ******* ** *** ** in ****. **** **** *** ******* Trade ********** (***)********* ***,*** ***** ******* **** ***** in **** ********* **** ********. ** those ********* ** *******, ********* **** a ***** ** $*** ******* ** smishing ***** **** * ****** **** of $***. (**** ***** ** ********** to *** ***.)
Newest Discussions
| Discussion | Posts | Latest |
|---|---|---|
|
Started by
John Honovich
|
6
|
less than a minute by Undisclosed #2 |
|
Started by
Undisclosed Manufacturer #1
|
7
|
less than a minute by Undisclosed Integrator #2 |
|
Started by
Brian Rhodes
|
1
|
3 minutes by Brian Rhodes |
|
Burglars Steal 4G Camera, ~$8,000 In Tools, Camera Is Still Transmitting Video From Burglars Home.
(4)
Started by
Jermaine Wilson
|
4
|
less than a minute by Ryan King |
|
Started by
Lee Jones
|
5
|
less than a minute by Lee Jones |
**** ** ***** ******, ****. * don't ***** ***** ** *** ******** targeting ** **** ** ********* ****.