Most phishing attacks are fairly sophisticated… but sometimes we see attacks from people who obviously don’t have the foggiest idea what they are doing. I appreciate the comic relief!
Take this email which found its way into my inbox this morning:
Dear client of Regions Bank,
Technical services of the Regions Bank are carrying out a planned software upgrade. We earnestly ask you to visit the following link to start the procedure of confirmation on customers data.
To get started, please click the link below:
The target is Regions Bank, right? Not so fast. Check out the link that you are expected to click.
The URL is disguising itself as both Charter One (charteronebank) and Washington Mutual (www.wamu.com). The landing page – which is down at the time of this post – is actually spoofing Regions Bank. This attacker must have been absent the day they covered the "pick a target and stick to it" lesson at phishing college.