A fresh report by NakedSecurity reveals the lengths scammers are willing to take just to get new victims. And apparently, crypto phishers are leading the sophistication race, using better English in their emails to try and lure new victims.
Reporter Paul Ducklin notes that they hadn’t heard of this level of sophistication from crypto phishers, or even the exchange being phished either until today — although Luno may not be a stranger to those in Southeast Asia, as it is a popular exchange in Malaysia, Philippines and Indonesia.
But a phishing email received showed just how far scammers have come from the days of poorly-constructed emails, with plenty of typos and bad grammar. In the email sample they shared, the body of text was perfect in terms of spelling and grammar.
Ducklin does point out that native English speakers [we shall assume he is one] would immediately notice the “certain linguistic clumsiness” throughout, but credits it for being “as well-written as many official and supposedly professional documents that we’ve received in recent years, from both the public and private sector”. It also avoids the “overly dramatic styles” more frequently found in emails from Nigerian princes or former mistresses of deposed dictators.
However, the telltale signs of a scam were still apparent, he notes:
“… notably that reputable companies try to avoid putting links in their emails that lead directly to authentication pages, and even if they do, you shouldn’t click them anyway. Also, the link in this phish doesn’t point to the sort of URL you’d probably expect – it leads off to a weirdly named and unencrypted (non-HTTPS) server in the
.CO.KR (South Korea) domain.”
In essence, as scammers get more sophisticated, so must we. Just because emails look legitimate does not mean they are. But if it looks like a phish, it is! It really is as simple as that.
Image Courtesy: Pixabay