It’s that time of year! We’re all having fun planning our Halloween costumes. What’s not so fun? Cybercriminals are doing the same thing.
Just as you can put on a Dracula outfit and look the part, criminals can camouflage their emails to present a perfect facade, too — of a brand you trust.
But crooks don’t have to buy their costumes: a phisher — let’s call him Vlad the Impaler — can just take a real email from, say, Apple, save its HTML content, and modify a few links. Vlad can then resend a perfect-looking Apple mail from a plausible sounding server like “apple-mail-gateway.com” and … trick or treat.