Friday, November 25, 2022

Phishing Is Too Easy - 4: Season to be Scammed Edition

It is Black Friday! And We are in the Season to be Scammed! A few moments ago (I am typing this as fast as I can) I received the following phishing email:

Phishing email pretending to be dicks sporting goods. Description of what to look out for is written below

It's call to action is the claim Dick's (insert jokes here) Sporting Goods decided out of the blue to give me a Yeti cooler if I just click on the "Confirm Now!" link. I usually would spend the time (see the last phishing article I wrote) and look at the email's source to see if it has any interesting teltale signs of phishing. But, this phisher is so lazy he does not deserve a deep dive on the email. So, let me count the ways this is a scam:

  1. Why would Dick's want to send me a cooler? They do have a store here but I make my point not to go there. So they do not know I exist... unless they bought my name off a list. If that is the case, I feel I should ignore them even more.
  2. Why is the name in the return address "Dicks SportinGoods" (blue line) instead of "Dicks Sporting Goods"?
  3. Why is the domain of the return address celimopafeseda (red line)? I could say that I could not find that domain registered anywhere I bothered to look (spent some extra time I really did not need to for this article), but let's be honest: this has nothing to do with dicks.
  4. If I had spend time and looked at the email's header, I would have seen it was sent through outlook.com. But I will not. I am not saying mailed through Outlook is a telltale of a phishing email but I do not like how the path it took while inside their network is obscured. Still, short post this is.

As a result, I think we can safely label this as phishing and move on.

I am disappointed for the lack of pride this phisher has. Do you think some other phisher will redeem my faith on them or is this the best I can expect this Friday?