
    Can I Be Phished? #1 - Unboxing a malicious phishing message that impersonates an amazon email

    June 18, 2020

    About this Episode

    Unboxing an Artificial Amazonian phishing message. Plus, an interview with Adam Crate of Grade A (MSP in Ottawa).

    Part 1: Unboxing

    Scott reviews the steps in the Can I Be Phished? phishing checklist: 1) Gut feel garbage check; 2) Sender sanity; 3) Link elusiveness; and 4) Body believability.

    A simple phishing message that impersonates an Amazon customer service email is analyzed using the checklist. (A video version is available on YouTube in the Click Armor channel.)

    Part 2: Interview with Adam Crate, VP Business Services at Grade A, an Ottawa-based Managed Service Provider (Starts at 12:33 mark)

    Adam provides some enlightening details of the impacts of COVID-19 on MSPs and on their small business clients. He also provides some tips for general security, as well as security awareness.

    Grade A: http://www.gradea.ca

    Visit http://clickarmor.ca/canibephished to try our 3-minute gamified phishing self assessment, and learn more about how Click Armor's gamified learning platform for cybersecurity awareness can revitalize your security awareness training program.


    Recent Episodes from Can I Be Phished?

    Ep. 8 - Zoom Zinger


    In this episode, I explore a fake Zoom meeting invitation with Jeff Ton, author of Amplify Your Job Search, and Amplify Your Value.

    We all encounter so many online meetings these days that a Zoom invitation is a great phishing pretext. Join us as we analyze one that illustrates how this works.

    Jeff is a former executive who now coaches others to maximize their potential in the IT industry. He shares insights into his experiences and lessons learned that make him a great speaker and author.

    Jeff can be reached at:

    http://jeffreyston.com

    https://www.linkedin.com/in/jtonindy/

    https://twitter.com/jtonindy

     

    Ep. 7 - Funny Fedex Phishing Message


    We take a look at a pretty obvious - you might even say "funny" - phishing email that tries to convince us that we're in for some great surprises from FedEx.

    Still, there are some good lessons in spotting phishing attacks, followed by some great tips and advice from Pete on marketing and managing money successfully.

    Whether you are a compliance manager, a CISO or an IT Service provider, you’ve got a communication and marketing challenge.

    How do you effectively get your message across to employees and end-users?

    In this episode of Can I Be Phished?, I speak with Pete Matheson, a leading IT business coach and video content creator who knows how to build messaging programs using video.

    Pete and I also dig into his tips and lessons learned as a Managed Service Provider about using video to do persuasive messaging and to create content that people want to consume.

    Pete can be reached at:
    http://www.petematheson.co.uk
    http://www.youtube.com/petematheson
    http://www.linkedin.com/in/petematheson

    If you'd like to provide us with comments, or make suggestions on specific phishing attacks or scams that you think would be valuable to our audience, please submit a comment on our Contact page (HERE).

    Ep. 6 - Deceitful Delivery


    This episode features Stuart Crawford, a fellow Canadian, now living in Florida. Stuart heads up Ulistic MSP Marketing, which helps service providers market their services to customers.

    Try the “CAN I BE PHISHED?” online self-assessment game to get a taste of how fun and effective gamified learning and assessment can be.

    The Click Armor Phishing Checklist

    In each episode, we’ll use our basic phishing checklist to analyze a different phishing message, so you can learn the clues about what to look for, to avoid becoming a victim. Here’s the basic Checklist:

    1) Gut Feel Garbage

    2) Sender Sanity

    3) Link Elusiveness

    4) Body Believability

    The best way to use the checklist is to try to disqualify a message with each check. If you haven’t thrown out the message by the time you’re finished step 4, it’s not a guarantee that the message is safe. So, if you still aren’t sure, you should ask for help from an IT support person.

    Special Guest for Episode #6: Stuart Crawford

    After analyzing the phishing message, Stuart shares how the approach I’m using to show people how to analyze phishing messages can be used by MSPs to market to their customers on security tips and other useful information.

    Stuart can be reached at Ulistic MSP Marketing via:

    https://www.linkedin.com/in/itservicesmarketing/

    https://www.ulistic.com/msp-marketing/


    Ep. 5 - Vexatious Voicemail


    This episode features my guest Nora Cox, a veteran information security and risk management consultant. Nora and I worked together as Product Managers at security software company Entrust many years ago. Her experience in Chief Risk Officer and Chief Compliance Officer roles makes her a great source of wisdom for businesses looking to develop a security culture.


    Special Guest for Episode #5: Nora Cox

    After analyzing our phishing message for this episode, Nora helps me unbox a phishing message that pretends to be a voicemail notification with a link to download an audio file. What could go wrong?

    Nora can be found at:

    https://www.linkedin.com/in/noracox-leading-security-as-a-culture/


    Ep. 4 - Abnormal Administrator


    This episode features my guest Ted Demopoulos, a veteran security consultant and author I’ve known for many years. Ted works in all areas of security, and is very active in helping consultants and entrepreneurs build their companies. Ted helps me unbox a phishing message that appears to be from an email administrator saying that my account needs to be updated.


    Special Guest for Episode #4: Ted Demopoulos

    After analyzing the phishing message, Ted shares his experiences with phishing incidents and his observations on cyber risks.

    You can learn more about Ted at:

    http://www.teddemop.com

    http://twitter.com/teddemop

    http://linkedin.com/in/teddemop


    COVID CON - Unboxing a phishing message from the World Health Organization


    Shawn and Scott unbox a message that looks like it is from the WHO, with an offer to provide assistance. So, we get lots of good insights into this kind of cyber attack, and then explore Shawn's experience in ransomware incidents and some great recommendations on cyber insurance.

     

    Shawn is reachable at:

    http://twitter.com/shawnetuma

    http://linkedin.com/in/shawnetuma

    http://www.shawnetuma.com

     

    To comment on this episode, you can go to: www.clickarmor.ca/contact

    Ep. 2. Unboxing a phishing message with a service expiry warning


    Each week on Can I Be Phished?, we look at a different threat, to show you how to look for suspicious situations.

    In this episode:
    - Scott unboxes a phishing message that looks like a warning notice from a bank, saying his online banking service will soon be expiring.
    - We are assisted by Dave Ockwell-Jenner, VP of Information Security at Arctic Wolf, a managed security service provider (MSSP)
    - Dave also provides stories about tracking down advanced persistent threats in a corporate network

    For more info on Dave and Arctic Wolf:
    Dave Ockwell-Jenner: http://twitter.com/daveoj
    Arctic Wolf: http://www.arcticwolf.com

    Remember that October is National Cyber Security Awareness Month, and it's coming up fast (as of the time of this video). Maybe it's time to try something more engaging this year...

    About Click Armor

    Click Armor is your go-to resource for gamified cyber security awareness training. It is the first online gamified learning platform designed specifically for cyber security awareness learning and assessment. It's a completely different way to deliver content that people find boring.

    Maybe it's time to abolish your "Death by Powerpoint" awareness program and try something more engaging...

    Click Armor's gamified online phishing and social engineering courses are a great way to inject new life into your cyber security awareness program, with its visual, dynamic and interactive learning challenges and simulations.

    To get a free trial for your organization, and to see how gamification can deliver instant results, visit: https://clickarmor.ca/start-your-free...

    For more resources on gamification of awareness, you can also visit: https://clickarmor.ca/gamification

    Can I Be Phished?
    September 02, 2020
