5 Types of Phishing Emails You Should Be Worried About

Phishing is a phenomenon where hackers deliver fraudulent emails to loads of people with malicious links and attachments, in endurance that a few of them will react to them.

What’s the Goal of Phishing You Ask?

The goal is considerably scary. Here the victims are manipulated for willingly handing over their sensitive information (Ids, PIN codes, passwords, etc.) into the hands of crooks and scammers.

This fraudulent activity is carried out in various ways. In some cases, the scammers trick the email recipients into clicking on a malicious link. In other cases, they manipulate them to download attachments for dropping malware and viruses onto their systems. In any of the mentioned ways significant waves are created in the organization, bringing the corporate and personal information at high risk.

The phishers generally construct some legitimate-looking emails that are disguised as authentic ones from valid sources. The Scammers either use the names of general sites with which people do business with (Amazon, DHL, etc.), or they use your bank’s name, etc.

Behold some standard ploys which the cybercriminals use in general.

1.  The Friend Tactic

If an anonymous character claims to know you in an unexpected email, tries to be extra friendly with you, Don’t Panic!

You are absolutely not suffering from amnesia.

It’s just another way to trick you into sending him/her money. You may also receive an email from a known friend’s Id. The email might say that your friend is in trouble and is in urgent need of money. What you need to do is, before sending money verify by making a call to your friend. It may be the case that your friend’s email Id is hacked or compromised.

2.  The Billing Issue

These days a lot of us order stuff online, and to our luck the hackers have managed to invade this field as well. In this scenario it is possible that you may receive an email from your bank’s name that your online payment got declined. The email might contain a link that can lead you to a malicious landing page and you end up handling over your PINs and passwords without a blink of an eye.

To be on the secure side do verify the authenticity of the email before providing the sensitive information. For this, you can make a call to your banking officer.

3.  The Expiration Phenomenon

You might receive an email that your credit card is about to expire and you need to update your credentials for renewal. For that you are invited to click onto a malicious link which takes you to a spoofed site, and the rest is all that you know.

4.  The Virus Game

A panic is created by informing you that your machine is infected with a dangerous virus. To get over this situation you are invited to download an antivirus software from the received email. Such emails are usually attachment based and end up dropping viruses onto your systems or hacking them completely.

5.  The Tax Game

We know that everyone is liable to pay taxes, that’s why this tactic is considered a famous phishing attempt. The email may be regarding the tax refund and may ask you for your account details.


Discussed are the common hacks that phishers use in routine. To train yourself for recognizing such emails, better use a sophisticated cybersecurity awareness software, like PhishRod.

Better Stay Vigilant and Alert.


A phishing email is the most common way that is used by hackers and scammers to get hold of a person’s or an organization’s most sensitive and personal information. They do this via sending you emails containing links leading to malware, attachments that can drop viruses on your computers, etc.


4 Common Phishing Attacks

In this tech-centric era where technology is blooming with every hour that passes by and every second that ticks, phishing scams are also making their place to play a critical role in giving a tough time to the organizations. But, the question arises: Continue reading 4 Common Phishing Attacks

Ingredients for Designing a Successful Security Awareness Campaign

Security Awareness across the enterprise has always been a debatable issue. There would hardly be any CISO/CIO who would deny the role of security awareness, yet awareness gets the least eyes and attention of the security executives. Some blame the lack of resources, others say it is the responsibility of HR department, a few claim it has no benefit and that they simply have no time for it while majority is too busy in procuring and installing technology solutions. Continue reading Ingredients for Designing a Successful Security Awareness Campaign

Panama papers; Why data leaks will continue to happen?

The release of sensitive information to the public by individuals who are sometimes called whistleblowers and dubbed traitor or hero, is termed to be a data leak.

The most notable data leaks in the world include those facilitated by Wikileaks that showed the inner workings of US diplomacy, while the NSA files leak revealed that the NSA extensively tapped into the communication systems of American citizens and made use of court orders to coarse network providers to turn in the call, messaging and browsing data of its users.

Now, the Panama Papers is another notable leak in world history. A collection of 11.5 million files leaked from the database of the world’s fourth biggest offshore law firm, Mossack Fonseca. The Panama Papers reveals the task evading practices of the rich, who create offshore companies in tax havens around the world.

Continue reading Panama papers; Why data leaks will continue to happen?

$100 Million Bank Heist Brought To Light By “Fandation” – A Typo

$100 Million Bank Heist Brought To Light By “Fandation” – A Typo

Financial institutions in the Middle East are deeply concerned about their cyber-presence, as cyber-attacks have escalated over a period of very short time.

The hackers/ cybercriminals are launching highly sophisticated/ undetectable Trojans and ransomware. One of the most prevalent ransomware is ‘locky’, which encrypts user data, and threatens to delete everything if the victim does not pay compensation. Of course anti-virus companies are working on a solution against ‘locky’, but without much luck.

With almost all banks in the region now using the latest technology and network controls to guard their boundaries, such attacks have reached a new level.

In what might be considered one of the most ridiculous bank raids to date, the central Bank of Bangladesh experienced a higher level of theft as undetected attackers conducted a thorough and careful study of the bank’s operations and security systems and disguised as bank officials, requested a series of large money transfers orders for the New York Federal reserve. They successfully made away with a large amount of money, believed to be approximately $100mn.

The attackers carefully transferred this money to independent areas and regions but in a bid to operate discreetly, the money was separated and independently transferred across areas. $80mn dollars is believed to have successfully ended up in the Philippines, whereas the remaining $20mn was being transferred to an NGO in Sri Lanka.

Continue reading $100 Million Bank Heist Brought To Light By “Fandation” – A Typo

INFOGISTIC Appoints Hamed Diab (Ex McAfee Regional Director) as Board Member for PhishRod in Middle East, Turkey & Africa

INFOGISTIC, a leading information security company and provider of PhishRod, a security behavior management & phishing simulation service has appointed information security veteran Hamed Diab as the senior board member in the META region (Middle East, Turkey & Africa).


Hamed brings in over 20+ years of experience in cyber security, strategy, leadership and business planning with leading IT companies in the world. Besides being on the board of PhishRod, Hamed is currently serving as a Regional Director for Middle East Turkey & CIS countries (Common Wealth of Independent States ) with ForeScout. Prior to this, Hamed has served with Intel Security (McAfee) as Regional Director for Middle East & North Africa and was instrumental in McAfee’s business growth in the region. He also held key positions with 3COM, Hewllet-Packard and COMPAQ during his career.

As organizations prepare to take on the battle against Phishing, PhishRod will certainly benefit from Hamed’s vast experience of the cyber security industry in the region.

For further details on PhishRod, please visit www.phishrod.co