I tell you what… phishing attempts are getting better than ever.

Take this one received this morning:

This one definitely gave me a double take for sure, and there were definitely some things it did very well, such as:

• realistic look
• good grammar/verbiage
• no obvious spelling errors
• time was reflective of time on email

Some things it did wrong:

• “Online Support.”
• from address not being AmEx

The sender email address was the biggest red flag of course. The other giveaway for me is the receiving address. If you are using Apple products, you might as well take advantage of their benefits. One benefit I love is Hide My Email.

I use this feature all the time. Almost every vendor I use has a unique email. Existing accounts I’ve had have been changed to unique emails.

So on this phishing attempt, since the email wasn’t sent to this unique email I have for the vendor, it was a huge red flag.

Another benefit I love with Hide My Email is spam identification/reduction. Getting spam on that address? Clearly the vendor is selling/releasing/not taking care of your information. It’s caused me to change vendors in many cases.

Additional Reading

• Apple’s Hide My Email (apple.com)
• How to prevent phishing (cloudflare.com)
• Phishing Scams and How to Spot Them (ftc.gov)