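Another Phishing Email, This Time Impersonating DocuSign
A friend told me they had received a suspicious email with a PDF attachment, and forwarded it to me to verify.
The message read as follows: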
Subject: Re: Greetings from xxx
My apologies for my late reply,been away on annual leave.I tried to contact you earlier but your contact number seems to be unreachable,so attached are plans and list of requirements for proposed works keeping with the style with my taste and also Cost/timeline may sway our decision address and contact details are included.so hopefully we could arrive at an estimate on products and reliable delivery /packing cost.
Further modification of plans/Specifications from your professional view would really be appreciated.
Warm regard,
Richard Milling.
LURE VENTURES
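At a careless glance the message could really pass for a genuine email, because its content actually relates to my friend's line of business, rather than simply posing as an invoice or purchase order as these mails used to.
The PDF attachment has only one page. It imitates the e-signature brand DocuSign and contains an "Access Document" button.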
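The "Access Document" button leads you to open a fake website.
The fake DocuSign page does not look like the real DocuSign page, but it is covered in the logos of well-known brands, so that people take it for the OAuth sign-in of the major web services.
After you enter your email address and submit it, a warning pops up, as if it were really reminding you that the attachment is encrypted.
After you click OK, it pretends to load for a few seconds.
The fox's tail is showing: it finally asks you to enter your password. !!!!! Whatever you do, don't enter it !!!!!
No matter what you enter, it shows "incorrect Email Password. Please try again."
If you keep trying, you will see "We are having technical difficulties verifying your account. Please contact sender if error persist."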
If you realise that you were careless and did enter your password on the fake page, change that password immediately. Good luck!!
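
A triage check for this kind of attachment, as an added example that is not part of the original post: it pulls the link targets out of a PDF that claims to be from DocuSign (such as the one behind the "Access Document" button) and lists every web link whose host is not a DocuSign domain. The allowlist, the function names and the sample PDF bytes with their hosts are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: domains accepted as genuine DocuSign; maintain your own allowlist.
TRUSTED = ("docusign.com", "docusign.net")

# /URI (literal string) link actions. Limitation: links stored in compressed
# object streams or as hex strings need a real PDF parser and are not seen here.
URI_RE = re.compile(rb"/URI\s*\(((?:\\.|[^\\)])*)\)", re.S)

def extract_uris(pdf_bytes):
    """Return the targets of /URI actions found in raw PDF bytes."""
    out = []
    for m in URI_RE.finditer(pdf_bytes):
        raw = re.sub(rb"\\(.)", rb"\1", m.group(1), flags=re.S)  # drop PDF backslash escapes
        out.append(raw.decode("latin-1"))
    return out

def is_trusted(host):
    """True only for an allowlisted domain or a subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

def off_brand_links(pdf_bytes):
    """List (url, host) for every web link that does not go to a trusted domain."""
    hits = []
    for uri in extract_uris(pdf_bytes):
        parts = urlsplit(uri)
        if parts.scheme.lower() in ("http", "https") and not is_trusted(parts.hostname):
            hits.append((uri, parts.hostname))
    return hits

# Constructed sample: three link annotations as they appear in an uncompressed PDF.
SAMPLE_PDF = (
    b"%PDF-1.4\n"
    b"4 0 obj << /Subtype /Link /A << /S /URI /URI (https://na2.docusign.net/Signing/) >> >> endobj\n"
    b"5 0 obj << /Subtype /Link /A << /S /URI /URI (https://www.docusign.com.secure-view.example/doc) >> >> endobj\n"
    b"6 0 obj << /Subtype /Link /A << /S /URI /URI (https://docusign.com@login.example/a\\(1\\)) >> >> endobj\n"
)

if __name__ == "__main__":
    for url, host in off_brand_links(SAMPLE_PDF):
        print(f"SUSPICIOUS link -> {host}: {url}")
```

The host is compared as a whole domain suffix, so a brand name placed at the front of the hostname or in the userinfo part of the URL does not pass the check.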