Cybersecurity training, tips, and consulting
This page is designed to help you recognize and fight phishing or (phone/text) scams.
What is Phishing?
-
Phishing is a type of social engineering where an attacker sends a fraudulent message designed to trick a person into revealing sensitive information to the attacker or to deploy malicious software on the victim's infrastructure like ransomware.
Below is an example of a phishing email with tips on identifying if it's a phishing message.
Report A Phishing Website:
Right-click the link in the phishing email, and copy the hyperlink (DO NOT CLICK THE LINK).
More about avoiding phishing emails: FTC.gov
Evaulation
Scan Links:
-
urlscan.io: scan and analyze sites (provides a screenshot and more info)
-
Palo Alto: scans and reports URL cateogry
-
CheckPhish.ai: Phishing detection engine.
-
phishcheck.me: runs in a sandbox-like environment
-
VirusTotal: checks against blacklists.
-
urlvoid.com: runs against blacklists/databases.
-
Browserling: opens link in protected environment
Investigate IP/Domains:
-
Check IoC: (up to 25 checks/day to scan IP or domains against databases)
-
ThreatMiner.org: data mining for threat intelligence
-
AlienVault OTX: open-source threat intelligence (can subscribe to "pulses") and create a free acct.
Reporting
-
Fortinet: URL Submission/Review
-
Palo Alto: At the bottom, you can "request change"
-
CISA: send email to "phishing-report@us-cert.gov"
-
Symantec: submit a file
-
McAfee: creating acct helps track status
-
Amazon: report an amazon-suspicious message
-
PhishTank: account required (free)
-
Netcraft: no account needed
-
CIRCL: shares with EU partners
Report Abuse To Website Hosts:
-
Find who hosts the website with WhoIsHostingThis and search Google for "webhost + abuse" to find their complaint contact information.
Report Phishing & File Hosting Abuse Directly:
Extra Phish Reporting
Via Email:
To Organizations:
Via Twitter:
If you have a Twitter account, you can message the people below (add a space or brackets so clicking it doesn't work). They are powerful researchers with connections to help shut down fraud:
Report Malware
-
VirusTotal.com (shares reports/files with subscribers)
-
FortiGuard Scanner (Fortinet)
-
TrendMicro (requires tool download)
Other Tools For Personal Use:
Report Phishing / Spam Text (SMS) Messages
Copy the contents of the spam SMS and paste it into a message to this four-digit number: 7726 (S - P - A - M). This reports it to your phone company, so they can search who sent it and investigate and block. Don't click the link!
7 7 2 6 (S P A M)
On iPhone:
-
Open the actual message on your phone
-
Press and hold on the message to get a list of actions to pop up.
-
Click on “more…” [example image on right]
-
Click on the forward arrow at the bottom right
-
Enter “7726” in the forward to field
-
Hit the send arrow in the lower right
On Android:
-
Open the message on your phone
-
Press and hold on the message to get a list of actions to pop up
-
Select the “forward message” option
-
The message will be selected, click the forward arrow in the upper right
-
Enter “7726” in the forward to field. The number will display below for you to confirm the recipient
-
Hit the send arrow in the upper right
Report Unsolicited Calls & SMS
-
Use the form on SpamResponse.