Your company is participating in a Cyber Security Education Program.
This PayPal Compromise Phishing Attack included the following social engineering techniques:
- Urgency to act - Update your login information immediately
- Name stuffing/overload: a fake email address is included in the Sender Name to make it appear as though the email was from PayPal.
- Subject to appear critical or official: New logon to your account
- Urgent email / consequence for no action (example: ... secure your account)
- Limited and simple content to minimize detection by email filters.
How to spot this was a phishing email:
- From email address domain not associated with PayPal: sender email domain is locked-outlook.com)
- The link provided references a domain not associated with official company (example: locked-outlook.com); official being something like "paypal.com"
- This email was/may have been filtered and in your junk mail folder.
