Hey there,
It's Hisham from FPU :)
That email you just received? Well, it was a fake (Sorry, no rewards... and no secret lottery this year). And that FPU Login page you just clicked through? Well, yes, it was also a fake. The good news is, it's only me who's sitting on this side of the screen. A friend, in other words. It could have been someone else... much, much "badder" :)
But let's be honest. I could have fallen for this. Anyone could have fallen for this. So don't feel guilty. And, no one is going to be named or shamed :)
Your credentials have not been compromised. So, no reason to worry and no need to change your password.
I want, however, to use this opportunity to leave you with a few good thoughts. So please read on for a few more seconds.
Most of us rarely pay attention to the spelling of the sender's email address. A closer look at the address of the fake email you received would have revealed that it is not from {freepressunlimited.org}, as it should be, but from {freeepressunlimited.org}, with a triple "e".
That should have been your first flag. :)
The second was the link inside the email itself. Again, a closer look at the URL would have revealed that you were about to visit a page that is not {login.freepressunlimited.org}, our legitimate login page.
The login page was obviously a fake even though it looks legitimate. It is a clone.
I made a few clone examples for you so you can see for yourselves: here, a fake Gmail login page; and here a fake Facebook login page.
Take a look at the URL of each of those pages. Does it look legitimate?
Be advised also that those phishing messages don't always take the form of emails. They can arrive in your phone's email app, via SMS text messages, WhatsApp or Signal messages, or any other means of communication.
Ultimately, it is your common sense that is the sure guard against them.
- Learn a few simple practices and common tactics used to trick people into clicking on malicious links and attachments.
- Regularly test your knowledge. Take this quiz:
Look to the right end of the website URL for the name before .com or other ending (like .nl). Is it the site you want to go to?
Any website that asks for your information should have HTTPS, but know that HTTPS alone does not make a website genuine.
If you are still unsure, feel free to ask me or Greenhost for help. You can also check a suspicious website yourself with the online scanning engine VirusTotal.
- Enroll in the Phishing Attacks course - available in English and French.
- Further courses are also available. Check them out at totem-project.org.
Good luck and watch out for phishes these holidays :)
Happy new year,
-Hisham
Picture credits: Illustrations by channarong pheangjanda. Licensed under CC BY-NC-ND 4.0.
*Main source used for this post: Security Planner
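
The two checks described in this post (the spelling of the sender's domain, and the name at the right end of a URL's host) can also be automated. The Python sketch below is an added example, not part of the original post or any FPU tooling. The function names, the distance threshold and the sample inputs are assumptions constructed for illustration; only the freepressunlimited.org names come from the post.

```python
from urllib.parse import urlsplit

# The legitimate domain named in the post.
TRUSTED = "freepressunlimited.org"

def host_of(value):
    """Return the lowercased host of a URL, or the domain part of an email address."""
    value = value.strip()
    if "://" in value:
        return (urlsplit(value).hostname or "").rstrip(".").lower()
    return value.rsplit("@", 1)[-1].rstrip(".").lower()

def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(value, trusted=TRUSTED, max_distance=2):
    """Label a sender address or link by how its host relates to the trusted domain."""
    host = host_of(value)
    if host == trusted or host.endswith("." + trusted):
        return "trusted"
    # Assumption: the registrable domain is the last two labels (name + .org).
    # A production check would consult the Public Suffix List instead.
    registrable = ".".join(host.split(".")[-2:])
    if 0 < edit_distance(registrable, trusted) <= max_distance:
        return "lookalike"            # e.g. one extra "e" in the name
    if trusted in host:
        return "embeds-trusted-name"  # trusted name present, but not at the right end
    return "unrelated"

if __name__ == "__main__":
    # Constructed samples; example.net and example.com are reserved documentation domains.
    samples = [
        "rewards@freeepressunlimited.org",
        "https://login.freepressunlimited.org/",
        "https://login.freepressunlimited.org.example.net/signin",
        "https://www.example.com/",
    ]
    for s in samples:
        print(f"{classify(s):20} {s}")
```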