Email Security Blog

Tales from the Cyber Crypt

Danielle Tristao October 30, 2014 Cybercrime
Fallback Featured Image

Tales from the Cyber Crypt

By Danielle DeWereWolf

One dark and stormy night, Shawn was working late on his computer. Usually he would be in bed by now, but the loud clap of lightning and roar of the wind made sleep impossible. Instead, Shawn thought he would catch up on some email. He walked over to the kitchen and set the kettle on the stove to boil. Sitting back down at the dining room table he opened up his email.

Junk, junk, junk … Oh! A coupon for a smoothie … Junk, junk, junk … Shawn’s eyes got heavier with every scroll of his mouse.

Just as Shawn decided maybe sleep wasn’t such a bad idea, he saw an email from his bank. The subject read: “New Security Measures.” Worried, Shawn clicked on the email:

Hello Valued Customer,

We are writing to inform you that we have made new changes to the security of our database. In order for these new security features to take place, please login to your account using the following link: Once logged in, please make sure to check the box stating you would like to upgrade your account to a more secure server. We appreciate your business.

Best Regards,

Your Bank

“Interesting,” thought Shawn. He clicked on the link and was presented with a login page. Just as Shawn was about to put in his user name and password, there was a sharp whistling sound – coming from right behind him! Shawn jumped three feet straight in the air with fright and swung around to face the horrifying … tea kettle.

“Oh. Right.” He had forgotten about his tea. It’s just a kettle, Shawn. No reason to be scared.

He got up and poured the hot water into his mug. As he stared out the window at the relentless storm outside, Shawn was suddenly reminded of a conversation he’d had with a friend just last week. His friend was telling him about something called “phishing” and how criminals will pretend to be a company you do business with in order to get your personal information. He said they could even create websites to look exactly like the organization they are pretending to be!

Shawn thought this over as he sat down at his laptop with his cup of tea. He carefully examined the page. It looked like his bank’s website. The logo was there. Nothing appeared to be out of place. Unsure of what to do, Shawn decided to call his bank’s customer service center. Once someone was on the phone, he told them about the email he had received. The customer service representative told Shawn that there was no email sent from his bank that day. The representative continued on, saying that they would never email him requesting his login information. Shawn was shaking as he placed his phone back down on the table. It was a phishing email. He forwarded the email to the bank’s fraud department and then closed his laptop.

He was safe. For now.


Would Shawn have thought twice if he hadn’t had that conversation with his friend? Would he have continued putting in his contact information if that kettle hadn’t startled his fingers off the keyboard? The thought that his personal information could have been taken that easily is spooky.

Contact Agari today and find out how you can stop the horror of emails that spoof your brand!

Leave a Reply

Your email will not be published. All fields are required.

Agari Blog Image

July 10, 2019 Ronnie Tokazowski

‘Til Death Do Us Part… Romance Scams and the BEC Game

When we think of business email compromise (BEC), the first thing that comes to mind…

Agari Blog Image

June 5, 2019 Crane Hassold

From One to Many: Scattered Canary Evolves from One-Man Startup to BEC Enterprise

There is no denying that business email compromise (BEC) is big business, with losses exceeding…

Agari Blog Image

April 25, 2019 Crane Hassold

Bitcoin: The Next Evolution in BEC Cash Out Methods?

Historically, business email compromise (BEC) threat actors have used wire transfers as a means to…

Agari Blog Image

April 18, 2019 Ronnie Tokazowski

Do You Know Where Your W-2 Is? Probably Where You Left It

It’s like clockwork. Every year around tax time security vendors (even us!) push out warnings…

Agari Blog Image

April 4, 2019 Crane Hassold

Evolving Tactics: London Blue Starts Spoofing Target Domains

In December, the Agari Cyber Intelligence Division (ACID) published a report on a business email…

mobile image