Which of the e-Commerce websites are phishing attempts? Spot the Phish

Spot the Phishing Attempt

The images displayed below are a combination of real and phishing sites. Spot the phish! Click on the images to zoom in.

Spoiler Alert: Answers are below.

 

Answer: Image 1 shows a real website. The others are phishes! Let’s take a look below…

Image 1 details: The image passes our link checks, format checks, and grammar checks. Nothing seems amiss.

 

Image 2 details: The biggest giveaway is the ‘Amazon Rewards Event’ pop up ad. The hyperlink in the ad has a spoofed domain: amazon.com is replaced by amazon.c0m. Remember, even if the main site you’re visiting is a reputable one, it doesn’t mean you should trust the ads and pop-ups as well. Hackers can place malicious ads on sites and redirect you to a bad website. Never let your guard down. Inspect pop-ups and ads as closely as you would an email or website.

Image 3 details: The URL of the website has typo – “nobl.” Also, the URL has a weird multi domain – ‘.com.ack.’ What professional organization would have such a domain? There is absolutely no need to perform a link check on this one. Totally phishy!

Barnes & Noble Phishing Explained 3

Image 4 details: Now, this is a tricky one. There are no typos, spelling or grammatical errors and even the URL looks good. The only giveaway is that one of the checkboxes says: “Include free YouTube Download Manager.” A pre-checked tool download option is an immediate red flag! If you’re in a hurry and accidentally forget to uncheck the box, it might trigger an adware or malware download in the background that adversely affects your computer and leads to a compromise of your personal or sensitive organizational information.

Best Buy Phishing Explained 4

 

Stop Phishing Attacks with ERMProtect's Security Awareness Training

Turn your employees into a human firewall with our innovative Security Awareness Training.

Our e-learning modules take the boring out of security training.

ERMProtect's Weekly Newsletter

Get a curated briefing of the week's biggest cyber news every Friday.

Intelligence and Insights

Biggest Cybersecurity Trends

The Biggest Cybersecurity Trends to Watch in 2023

As we begin a new year, here’s a look at some of the top security trends that are emerging now and could pick up pace in 2023 …
Cybersecurity Threats of 2022

The Biggest Cybersecurity Threats of 2022

Here’s a look at the biggest cybersecurity threats from 2022, and what organizations should pay close attention to in the coming year …
soc 2 auditor

Top 10 Tips for Choosing a SOC 2 Auditor

Choosing a SOC 2 auditor can seem like a complicated process, but keep in mind that the most important factor is picking someone who will be a valuable partner …