SlideShare uma empresa Scribd logo

Amazon Social Engineering slides

Transferir como PPTX, PDF
A
AltinetLtd

Amazon Social Engineering slides

Tecnologia
1 de 7
HOW TO SPOT A SOCIAL ENGINEERING EMAIL
Social engineering is essentially the act of manipulating people into giving access to confidential information or areas, rather than using force or hacking. The information they seek can be anything from passwords to bank details, or even employee records from businesses. Some common social engineering techniques include pretexting, baiting, tailgating, and - most prominently – phishing. All of these tactics differ from each other slightly, but they all depend on the attacker’s ability to trick the victim into trusting them.
1. Check Email Addresses The display name might look authentic, but email addresses are much harder to falsify. With many companies purchasing their own domain names, attackers often have to alter the spelling slightly – in our example you can see that the domain replaces the O in ‘Amazon’ with an A.
2. Hyperlinks If an email from an unknown source includes lots of pushy links or buttons be wary; they can often harbour malicious software that can log your keystrokes or take you to a convincing website where they can steal your login details. Avoiding links altogether is the best practice, but if it seems to be for an important page try using a trusted search engine to find it instead, or hover over the link before clicking to reveal the URL.
3. The Context Different social engineering tactics use different methods to try to persuade the user into complying. In this instance, the message offers a reward in exchange for following the link, which is an example of a baiting email. Other tactics may offer a service or use urgent language to scare the target into clicking through the link.
4. Too good to be true The biggest give-away with scam emails is that they always go for the big flashy prizes, or large sums of money. In this instance, the example doesn’t give an amount for the refund, but it does offer a scenario, meaning you can easily check your bank to see if you really were ‘double charged’ before proceeding.
For more topics and training material visit the Boxphish website.

Recomendados

Debenhams Social Engineering Slides
Debenhams Social Engineering SlidesDebenhams Social Engineering Slides
Debenhams Social Engineering SlidesAltinetLtd
 
GMP Ransomware Slides
GMP Ransomware SlidesGMP Ransomware Slides
GMP Ransomware SlidesAltinetLtd
 
Are Phishing Attacks Angling For You?
Are Phishing Attacks Angling For You? Are Phishing Attacks Angling For You?
Are Phishing Attacks Angling For You? The TNS Group
 
Keeping Your Email Secure
Keeping Your Email SecureKeeping Your Email Secure
Keeping Your Email SecureTexas Medical Liability Trust
 
Social Engineering
Social EngineeringSocial Engineering
Social EngineeringVinay Bhargav
 
Prevent phishing scams
Prevent phishing scamsPrevent phishing scams
Prevent phishing scamsronpoul
 
Data Security: A Guide To Whale Phishing
Data Security: A Guide To Whale PhishingData Security: A Guide To Whale Phishing
Data Security: A Guide To Whale PhishingPhil Astell
 
Introduction to phishing
Introduction to phishingIntroduction to phishing
Introduction to phishingRaviteja Chowdary Adusumalli
 

Recomendados

Debenhams Social Engineering Slides
Debenhams Social Engineering SlidesDebenhams Social Engineering Slides
Debenhams Social Engineering SlidesAltinetLtd
 
GMP Ransomware Slides
GMP Ransomware SlidesGMP Ransomware Slides
GMP Ransomware SlidesAltinetLtd
 
Are Phishing Attacks Angling For You?
Are Phishing Attacks Angling For You? Are Phishing Attacks Angling For You?
Are Phishing Attacks Angling For You? The TNS Group
 
Keeping Your Email Secure
Keeping Your Email SecureKeeping Your Email Secure
Keeping Your Email SecureTexas Medical Liability Trust
 
Social Engineering
Social EngineeringSocial Engineering
Social EngineeringVinay Bhargav
 
Prevent phishing scams
Prevent phishing scamsPrevent phishing scams
Prevent phishing scamsronpoul
 
Data Security: A Guide To Whale Phishing
Data Security: A Guide To Whale PhishingData Security: A Guide To Whale Phishing
Data Security: A Guide To Whale PhishingPhil Astell
 
Introduction to phishing
Introduction to phishingIntroduction to phishing
Introduction to phishingRaviteja Chowdary Adusumalli
 
IS Presetation.pptx
IS Presetation.pptxIS Presetation.pptx
IS Presetation.pptxTanvir Amin
 
What is Phishing - Kloudlearn
What is Phishing - KloudlearnWhat is Phishing - Kloudlearn
What is Phishing - KloudlearnKloudLearn
 
phishing-awareness-powerpoint.pptx
phishing-awareness-powerpoint.pptxphishing-awareness-powerpoint.pptx
phishing-awareness-powerpoint.pptxvdgtkhdh
 
phishing-awareness-powerpoint.pptx
phishing-awareness-powerpoint.pptxphishing-awareness-powerpoint.pptx
phishing-awareness-powerpoint.pptxamby3
 
Security awareness
Security awarenessSecurity awareness
Security awarenessSanoop Nair
 
How to check a suspicious link without clicking on it?
How to check a suspicious link without clicking on it?How to check a suspicious link without clicking on it?
How to check a suspicious link without clicking on it?Ankush Sarkar
 
Common Email Security Mistakes
Common Email Security MistakesCommon Email Security Mistakes
Common Email Security MistakesEmerge Management Training Center
 
phishing facts be aware and do not take the bait
phishing facts be aware and do not take the baitphishing facts be aware and do not take the bait
phishing facts be aware and do not take the baitssuser64f8f8
 
Phishing
PhishingPhishing
PhishingSyeda Javeria
 
Security-Awareness-Training.pptx
Security-Awareness-Training.pptxSecurity-Awareness-Training.pptx
Security-Awareness-Training.pptxWizer - Cyber Security Awareness
 
IDENTIFYING CYBER THREATS NEAR YOU
IDENTIFYING CYBER THREATS NEAR YOUIDENTIFYING CYBER THREATS NEAR YOU
IDENTIFYING CYBER THREATS NEAR YOUBilly Warero
 
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASS
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASSLESSON 10/ GROUP 10/ ST. THOMAS AQUINASS
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASSlesteraporado16
 
10 tips to prevent phishing attacks
10 tips to prevent phishing attacks10 tips to prevent phishing attacks
10 tips to prevent phishing attacksNamik Heydarov
 
Train Employees to Avoid Inadvertent Cyber-Security Breaches
Train Employees to Avoid Inadvertent Cyber-Security BreachesTrain Employees to Avoid Inadvertent Cyber-Security Breaches
Train Employees to Avoid Inadvertent Cyber-Security BreachesHuman Resources & Payroll
 
S_A_T.pptx
S_A_T.pptxS_A_T.pptx
S_A_T.pptxPurnanandaSwarupAcha
 
Lesson learned from linked in
Lesson learned from linked inLesson learned from linked in
Lesson learned from linked inPayza
 
Phis
PhisPhis
PhisPresentaionslive.blogspot.com
 
Phishing Awareness Training.pptx
Phishing Awareness Training.pptxPhishing Awareness Training.pptx
Phishing Awareness Training.pptxHajar Bouchriha
 
Phishing technology
Phishing technologyPhishing technology
Phishing technologyPreeti Papneja
 
Phishing technology
Phishing technologyPhishing technology
Phishing technologyPreeti Papneja
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityWSO2
 
Navigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern EnterpriseNavigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern EnterpriseWSO2
 

Mais conteúdo relacionado

Semelhante a Amazon Social Engineering slides

IS Presetation.pptx
IS Presetation.pptxIS Presetation.pptx
IS Presetation.pptxTanvir Amin
 
What is Phishing - Kloudlearn
What is Phishing - KloudlearnWhat is Phishing - Kloudlearn
What is Phishing - KloudlearnKloudLearn
 
phishing-awareness-powerpoint.pptx
phishing-awareness-powerpoint.pptxphishing-awareness-powerpoint.pptx
phishing-awareness-powerpoint.pptxvdgtkhdh
 
phishing-awareness-powerpoint.pptx
phishing-awareness-powerpoint.pptxphishing-awareness-powerpoint.pptx
phishing-awareness-powerpoint.pptxamby3
 
Security awareness
Security awarenessSecurity awareness
Security awarenessSanoop Nair
 
How to check a suspicious link without clicking on it?
How to check a suspicious link without clicking on it?How to check a suspicious link without clicking on it?
How to check a suspicious link without clicking on it?Ankush Sarkar
 
phishing facts be aware and do not take the bait
phishing facts be aware and do not take the baitphishing facts be aware and do not take the bait
phishing facts be aware and do not take the baitssuser64f8f8
 
IDENTIFYING CYBER THREATS NEAR YOU
IDENTIFYING CYBER THREATS NEAR YOUIDENTIFYING CYBER THREATS NEAR YOU
IDENTIFYING CYBER THREATS NEAR YOUBilly Warero
 
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASS
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASSLESSON 10/ GROUP 10/ ST. THOMAS AQUINASS
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASSlesteraporado16
 
10 tips to prevent phishing attacks
10 tips to prevent phishing attacks10 tips to prevent phishing attacks
10 tips to prevent phishing attacksNamik Heydarov
 
Train Employees to Avoid Inadvertent Cyber-Security Breaches
Train Employees to Avoid Inadvertent Cyber-Security BreachesTrain Employees to Avoid Inadvertent Cyber-Security Breaches
Train Employees to Avoid Inadvertent Cyber-Security BreachesHuman Resources & Payroll
 
Lesson learned from linked in
Lesson learned from linked inLesson learned from linked in
Lesson learned from linked inPayza
 
Phishing Awareness Training.pptx
Phishing Awareness Training.pptxPhishing Awareness Training.pptx
Phishing Awareness Training.pptxHajar Bouchriha
 

Semelhante a Amazon Social Engineering slides (20)

IS Presetation.pptx
IS Presetation.pptxIS Presetation.pptx
IS Presetation.pptx
 
What is Phishing - Kloudlearn
What is Phishing - KloudlearnWhat is Phishing - Kloudlearn
What is Phishing - Kloudlearn
 
phishing-awareness-powerpoint.pptx
phishing-awareness-powerpoint.pptxphishing-awareness-powerpoint.pptx
phishing-awareness-powerpoint.pptx
 
phishing-awareness-powerpoint.pptx
phishing-awareness-powerpoint.pptxphishing-awareness-powerpoint.pptx
phishing-awareness-powerpoint.pptx
 
Security awareness
Security awarenessSecurity awareness
Security awareness
 
How to check a suspicious link without clicking on it?
How to check a suspicious link without clicking on it?How to check a suspicious link without clicking on it?
How to check a suspicious link without clicking on it?
 
Common Email Security Mistakes
Common Email Security MistakesCommon Email Security Mistakes
Common Email Security Mistakes
 
phishing facts be aware and do not take the bait
phishing facts be aware and do not take the baitphishing facts be aware and do not take the bait
phishing facts be aware and do not take the bait
 
Phishing
PhishingPhishing
Phishing
 
Security-Awareness-Training.pptx
Security-Awareness-Training.pptxSecurity-Awareness-Training.pptx
Security-Awareness-Training.pptx
 
IDENTIFYING CYBER THREATS NEAR YOU
IDENTIFYING CYBER THREATS NEAR YOUIDENTIFYING CYBER THREATS NEAR YOU
IDENTIFYING CYBER THREATS NEAR YOU
 
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASS
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASSLESSON 10/ GROUP 10/ ST. THOMAS AQUINASS
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASS
 
10 tips to prevent phishing attacks
10 tips to prevent phishing attacks10 tips to prevent phishing attacks
10 tips to prevent phishing attacks
 
Train Employees to Avoid Inadvertent Cyber-Security Breaches
Train Employees to Avoid Inadvertent Cyber-Security BreachesTrain Employees to Avoid Inadvertent Cyber-Security Breaches
Train Employees to Avoid Inadvertent Cyber-Security Breaches
 
S_A_T.pptx
S_A_T.pptxS_A_T.pptx
S_A_T.pptx
 
Lesson learned from linked in
Lesson learned from linked inLesson learned from linked in
Lesson learned from linked in
 
Phis
PhisPhis
Phis
 
Phishing Awareness Training.pptx
Phishing Awareness Training.pptxPhishing Awareness Training.pptx
Phishing Awareness Training.pptx
 
Phishing technology
Phishing technologyPhishing technology
Phishing technology
 
Phishing technology
Phishing technologyPhishing technology
Phishing technology
 

Último

Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityWSO2
 
Navigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern EnterpriseNavigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern EnterpriseWSO2
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....rightmanforbloodline
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard37
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...WSO2
 
Decarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational PerformanceDecarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational PerformanceIES VE
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Bhuvaneswari Subramani
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2
 
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformWSO2
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMKumar Satyam
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 

Último (20)

Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Navigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern EnterpriseNavigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern Enterprise
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptx
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
 
Decarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational PerformanceDecarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational Performance
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDM
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 

Amazon Social Engineering slides

  • 1. HOW TO SPOT A SOCIAL ENGINEERING EMAIL
  • 2. Social engineering is essentially the act of manipulating people into giving access to confidential information or areas, rather than using force or hacking. The information they seek can be anything from passwords to bank details, or even employee records from businesses. Some common social engineering techniques include pretexting, baiting, tailgating, and - most prominently – phishing. All of these tactics differ from each other slightly, but they all depend on the attacker’s ability to trick the victim into trusting them.
  • 3. 1. Check Email Addresses The display name might look authentic, but email addresses are much harder to falsify. With many companies purchasing their own domain names, attackers often have to alter the spelling slightly – in our example you can see that the domain replaces the O in ‘Amazon’ with an A.
  • 4. 2. Hyperlinks If an email from an unknown source includes lots of pushy links or buttons be wary; they can often harbour malicious software that can log your keystrokes or take you to a convincing website where they can steal your login details. Avoiding links altogether is the best practice, but if it seems to be for an important page try using a trusted search engine to find it instead, or hover over the link before clicking to reveal the URL.
  • 5. 3. The Context Different social engineering tactics use different methods to try to persuade the user into complying. In this instance, the message offers a reward in exchange for following the link, which is an example of a baiting email. Other tactics may offer a service or use urgent language to scare the target into clicking through the link.
  • 6. 4. Too good to be true The biggest give-away with scam emails is that they always go for the big flashy prizes, or large sums of money. In this instance, the example doesn’t give an amount for the refund, but it does offer a scenario, meaning you can easily check your bank to see if you really were ‘double charged’ before proceeding.
  • 7. For more topics and training material visit the Boxphish website.