Hi Friends! Hope this post finds you well. We are going to start with a little poem today. It goes like this:
The internet is lovely, dark, and deep,
With layers of phish and spam that creep,
But we must not click, lest we be sheep,
We have secrets to keep,
Miles to swipe before we sleep,
And miles to swipe before we sleep.
Ah, we have always loved Robert Frost. Such a wonderful poet!
Anyway, as some of you might have guessed, today we are gonna ‘fish’ you with some interesting stories from the past to create some awareness about ‘phishing attacks’. Let’s scribble it!
The Golden Deer: Ancient Phish
The Background
Once upon a time, long, long ago, there lived a charming prince named Ram. Due to a bit of royal trouble, he, his wife, Sita, and his brother found themselves taking a sabbatical in the deep forest.
While living in the forest, Ram had a bit of a beef with a mischievous villain named Ravana. Ravana was quite smitten with Sita! It got to a point where he wanted to kidnap her and take her back to his beautiful island called Lanka to show her off to his friends and Instagram followers.
As Ravana pondered the plan to kidnap Sita, his brother Maricha, who was skilled at 'Trick or Treat', casually approached him for a night out in the city. This sparked an innovative idea in Ravana’s mind. He asked:
“Hey Maricha! How about I pay you to pull a ‘Trick or Treat’ on Ram and his gang?”
Maricha, being the business magnate in the family, replied:
"Sure, bro, if the pay is right, I'm in!"
The Ancient Phish
One sunny day, Ram, Sita, and Lakshman were strolling through the forest, digesting a hefty brunch. Maricha appeared in front of them disguised as a 'Dazzling Golden Deer.'
Sita was instantly smitten and mesmerized by the beauty of the golden deer. She exclaimed,
“Hey Ram! I want to have that deer. Can you get one for me, dear? Please!”
Ram, ever the devoted and sweet husband, sprinted off after the shiny deer.
Time ticked by from minutes to hours as Ram chased the elusive deer for his dear through the forest. Worried, Sita insisted that Lakshman check on Ram. In compliance with Sita’s request, Lakshman also dashed off in search of his brother.
While alone, Sita was scooped up by Ravana, turning this forest tale into a full-blown rescue mission.
Sad!
Let’s jump time ships and fast-forward to 2010.
Enter the Dear: Robin Sage
Thomas Ryan, a cool security researcher, decided to see whether the smartest people in the world would be attracted to any ‘Golden Dear’. He whipped up a fake persona online and named her Robin Sage, with a profile pic of an attractive lady, claiming she was a top-tier cybersecurity analyst.
As Robin flicked her digital eyelashes across social networks, she had hundreds of bigshots from the military, spy circles, and Fortune 500 companies gobbling up her virtual breadcrumbs of seduction. These top-tier players spilled secrets like they were swapping office gossip, completely mesmerized by her charming profile and knockout photo.
If you want to learn more about this, peek here.
Oh Dear! The 25 Million $$ Phish
Welcome to 2024, and let’s open the scene in Asia. A finance worker at a multinational firm in Hong Kong was deceived into authorizing a $25 million payout to hackers who used deepfake AI technology.
The worker was duped into getting on a video call with familiar faces on the other end, which made the worker believe that he was interacting with actual colleagues, but they were actually computer-generated videos of co-workers.
We are going to stop our stories here and jump onto our ‘Phishing Awareness’ propaganda bandwagon AGAIN! Let’s scribble on!
What is a ‘Phishing Attack’?
A phishing attack is a scam in which someone impersonates a trusted entity, such as a deer, dear, bank, relative or friend, with the intention of deceiving you into divulging sensitive information, such as passwords or credit card numbers. This is typically done through e-mail, SMS, calls or fake websites.
Phishing: Where strengths become weaknesses
In all of the stories above, attackers preyed on several human traits to pull these heists off. Those are:
Curiosity.
Urgency.
Obligation.
Commitment.
Love.
Empathy.
Fear.
Duty.
How to spot a phish?
A message preying on the human traits mentioned above.
Inducing an urgent reaction.
Comes with a ‘Call to Action’, such as:
Click a link.
Call.
Reply.
Channels of phishing!
SMS.
E-Mail.
Instant Messengers (Facebook Messenger, WhatsApp Messenger, etc.).
Phone Calls.
Video Calls.
I got phished! What should I do?
Change your passwords.
Report the incident.
Monitor your accounts.
Do a virus scan on your PC / mobile.
Most importantly ‘Keep Calm and Act Vigilant’.
References
[1] 25 Million Dollar Phishing Attack
[2] Robin Sage
[3] Phishing Attacks