Awful Phishing Attempt

Social Engineering
, ,
1

Hey guys! Check out this awful phishing attempt I received in my email! For OPSEC reasons, I’ve changed any occurrence of my name to “Doe.” Yes, he addressed me by my last name.

Subject: Dear Doe,

Message:

Dear Doe,
 
I am Barrister Fredrick Adonko, a Legal adviser to my late client
Mr.D.E.Doe,a national of your country who dwelt and worked here for more than twenty years as a businessman and a major contractor to shell petroleum development company. After 

unsuccessful attempts to locate his relatives, I decided to contact you to assist  me and get this huge amount of 
(US$.9.5Million) left over in the Bank here in Lome-Togo, 
for more information reply me.

Thanks.
Barr. Fredrick .Adonko (Esq)

Obviously, as a white-hat community we would never attempt to phish people. However, take a second to enjoy this garbage email.

What are the obvious flaws in this email? Weak grammar and formatting make it obvious that this isn’t a legit email from any respectable law firm. Telling me about a “late” relative I’ve never heard of is also another big no-no.

The “attacker’s” email addresses: [email protected] and fredrick adonko <[email protected]> are similar to blacklisted emails found here.

Neither 0x00sec nor its affiliates are liable for any act, legal or otherwise, that you commit as a result of this post.

11 Likes
2

What a rubbish attempt…Pains me to think people actually fall for blatant scams like this…

4 Likes
3

That email is… trousers

4 Likes
4

No. Just no. Those scammers are losers. Are they kindergarten dropouts by chance?

2 Likes
5

You should reply, but mess with him instead. Some guys of the Belgian national television once pulled this off, and it was funny as hell.

-Phoenix750

3 Likes
6

I somehow disagree with you. Why wouldn’t we use Phishing while doing a legitimate pentest?

4 Likes
7

Well yes, but I’m sure @oaktree means maliciously.

2 Likes
8

All bets are off in a legitimate pentest. As @EnergyWolf retorted, I did, in fact, mean maliciously.

2 Likes
9

Well, this wasn’t obvious to me. Thanks for clearing things up! :slight_smile:

10

Not just trousers- bad trousers :smile:

11

I say we all troll this guy and send him secret files (bind a PDF and an executable with DTMs file binder).

:wink:

1 Like
12

I wouldn’t do that. Not in the name of 0x00sec at least.

He may be a criminal himself, but committing a crime against a criminal also makes you a criminal :wink:

-Phoenix750

1 Like
13

Hahaaa, at least they can learn english first… :stuck_out_tongue:

14

I say we do too. but thats illegal… buuuuuuuuttt.

15

Neither 0x00sec nor its affiliates are liable for any act, legal or otherwise, that you commit as a result of this post.

1 Like
16

Edward Snowden is defined a Criminal, does that make him a bad person?

17

Edward Snowden is defined as a criminal because he exposed the truth of a corrupt nation.

We would be defined criminals because we got butthurt over a single, non-important and terrible phishing mail.

One is whistleblowing, and the other is just overreacting. There is a clear difference between the two. So aye, Edward Snowden is not a bad person due to the nature of his “crimes”. If we hack and ruin this guy’s life on the other hand…

It would be like beating someone to death with a wrench just because he pushed you on purpose.

EDIT: now just trolling him a bit won’t hurt. In fact, it is a good way to teach them a lesson. But hacking them might be a bit over the top.

-Phoenix750

1 Like
18

My point was simply to highlight the fact that Morality and Legality are two very different things.

1 Like
19

Hmmm, I guess you’re right then.

-Phoenix750

20

This topic was automatically closed after 30 days. New replies are no longer allowed.