{"id":53121,"date":"2022-07-18T09:07:08","date_gmt":"2022-07-18T01:07:08","guid":{"rendered":"https:\/\/version-2.com\/?p=53121"},"modified":"2022-08-19T15:16:57","modified_gmt":"2022-08-19T07:16:57","slug":"gone-phishing-basics","status":"publish","type":"post","link":"https:\/\/version-2.com\/zh\/2022\/07\/gone-phishing-basics\/","title":{"rendered":"Gone Phishing &#8211; Basics"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"53121\" class=\"elementor elementor-53121\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-4da8c5f9 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"4da8c5f9\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;decf9c3&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-133ba185\" data-id=\"133ba185\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-fc2da8d post-content elementor-widget elementor-widget-text-editor\" data-id=\"fc2da8d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<style>\n.post-content h3 { font-size: 20px; color: #4c4ef0; line-height: 1.7em; }\n.post-content h4 { font-size: 18px; color: #4c4ef0; line-height: 1.7em; }\n<\/style>\n\n<p align=\"center\"><img decoding=\"async\" src=\"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/blog-posts\/images\/cl5h6ezog2aih0bp62tc1br91.png\" alt=\"\" width=\"958\" height=\"auto\"><\/p>\n<h3>Intro<\/h3><p>We all know what phishing is and how prevalent it is. This is the attack that accounted for more than 80% in 2021! More details can be found <a target=\"_blank\" rel=\"noopener noreferrer nofollow\" href=\"https:\/\/spanning.com\/blog\/cyberattacks-2021-phishing-ransomware-data-breach-statistics\/\">here<\/a> and <a target=\"_blank\" rel=\"noopener noreferrer nofollow\" href=\"https:\/\/www.graphus.ai\/blog\/10-facts-about-phishing-in-2021-that-you-need-to-see\/\">here<\/a>.<\/p><p>With such scary numbers, it is an attack vector that warrants our attention. As we know, the security at our company is only as strong as our weakest link, and unfortunately, this is how threat actors leverage phishing attacks against us.<\/p><p>You can have all controls in the world, but you can still get phished; it is virtually impossible to implement an anti-phishing solution that will cover all the bases. Yes, you can have safe links, and a myriad of other controls, but that user interaction that\u2019s at the core of this attack is how you get exploited and it&#8217;s just too difficult to account for. There are many tools out there that will do filtering for you (and whatever else), however these emails still can (and probably will) get through. You need to know what to do when that (inevitably) happens.<\/p><p>This all goes to say how important our education and cyber awareness in the organization are since we can be sure that we will eventually get targeted by one of these attacks.<\/p><p>My goal in this series is to look at and explain how a phishing attack works and how to analyse a phishing email. I will only explain some of the most important things briefly in this article. In the upcoming article, I will dive into the technical aspects of the attack.<\/p><h3>&nbsp;<\/h3><h3>Some Historical Context<\/h3><p>Phishing and Spam are extremely common social engineering attacks, and not that new at all. First spam message dates all the way back to 1978 \u2013 you can read more about that <a target=\"_blank\" rel=\"noopener noreferrer nofollow\" href=\"https:\/\/www.britannica.com\/topic\/spam\">here<\/a>.<\/p><p>In the 4+ decades this attack has existed, threat actors have found creative ways to perfect it, and we\u2019re all witnessing the results of that effort. As mentioned above, phishing is how 80% of breaches had started in 2021. We can\u2019t know with certainty, but don\u2019t expect this attack to fall out of favor. It is just too convenient for the attacker to at least try and phish the unsuspecting employee.<\/p><p>After obtaining those credentials, they\u2019re off to the races.<\/p><h3>Types of Phishing Attacks<\/h3><p>Below are listed some of the phishing attack variants:<\/p><ul><li><strong>Phishing <\/strong>\u2013 Emails sent to the target, appearing to be from a legitimate source with the goal to obtain sensitive information<\/li><li><strong>Vishing <\/strong>\u2013 Attack that\u2019s based on calling the target on their mobile phone. Same logic and goal as for the regular phishing email<\/li><li><strong>Smishing <\/strong>\u2013 Same as vishing, with the difference being the attacker is now sending specifically crafted SMS messages to their targets<\/li><li><strong>Spear phishing <\/strong>\u2013 As phishing, but targeted at a specific individual or organization<\/li><li><strong>Whaling <\/strong>\u2013 As spear phishing but targeted at C-level executives. Also known as CEO Fraud<\/li><li><strong>Spam <\/strong>\u2013 Sending of unsolicited emails in bulk to a large group of people<\/li><\/ul><p>The MO here is almost the same for every variant, even though they might leverage different methods.<\/p><h3>&nbsp;<\/h3><h3>Typical Phishing Email<\/h3><p>A typical phishing email will have some (or all) of these characteristics:<\/p><ul><li>Urgency \u2013 Almost invariably, the email will be urgent in one way or the other; be it your \u2018reward\u2019 that you just got (you claiming it would be on a timer\/urgent), or be it something you need to pay to avoid penalty. It will call you to action, hoping you would react immediately<\/li><li>Bad grammar\/spelling \u2013 This one is quite common and is oftentimes a really good indicator. Most of the phishing attacks will have small grammar\/spelling errors within the email. Read through everything carefully. Of course, if an email is written perfectly, it can still be a phishing email<\/li><li>Mismatched domains \u2013 Email is claiming to be from one company (domain) but it is actually sent from <a target=\"_blank\" rel=\"noopener noreferrer nofollow\" href=\"http:\/\/gmail.com\">gmail.com<\/a> or another domain. Misspelling is also sometimes use to hide the illegitimate domain by tricking you into thinking the domain\u2019s good. Example: <a target=\"_blank\" rel=\"noopener noreferrer nofollow\" href=\"http:\/\/rnicrosoft.com\"><em>rnicrosoft.com<\/em><\/a><em>, <\/em><a target=\"_blank\" rel=\"noopener noreferrer nofollow\" href=\"http:\/\/google.cm\"><em>google.cm<\/em><\/a><em>, <\/em><a target=\"_blank\" rel=\"noopener noreferrer nofollow\" href=\"http:\/\/g0ogle.com\"><em>g0ogle.com<\/em><\/a><em>, <\/em>etc. also known as Typosquatting \u2013 more on that <a target=\"_blank\" rel=\"noopener noreferrer nofollow\" href=\"https:\/\/www.kaspersky.com\/resource-center\/definitions\/what-is-typosquatting\">here<\/a><\/li><li>Suscpicious links\/attachements \u2013 Unsolicited attachements are sent to you in an email, probably also prompting you to act on them.<\/li><li>The sender email address will act and try to appear as a trusted entity \u2013 email spoofing<\/li><li>The body of the email uses generic addressing such as Dear Sir\/Madam, etc.<\/li><li>Hyperlinks \u2013 oftentimes shortened with URL shortening services so it can hide its true purpose; don\u2019t click on these! Hover over them to see the destination<\/li><li>The body of the email is crafted in such a way that it matches a trusted entity (Google, Microsoft, for example)<\/li><\/ul><p>This is very important to note. There are some good examples out there that illustrate the above nicely, while giving you a practical on the topic. Most companies will use similar stuff when training their employees (most likely with an internal mock phishing test). To see how you fare, you can try the quiz <a target=\"_blank\" rel=\"noopener noreferrer nofollow\" href=\"https:\/\/phishingquiz.withgoogle.com\/\">here<\/a>.<\/p><p>Of course, even if we\u2019re mindful of the above, human error can occur, so you should always pay extra attention when an unknown email pops in your inbox.<\/p><h3>How does an Email Travel<\/h3><p>Upon hitting SEND in your favorite email client app, there\u2019s a lot of stuff that happens behind the curtains for your email to arrive at its destination. Three protocols are involved in this: POP3, IMAP, and SMTP.<\/p><p><strong>POP3 <\/strong>\u2013 Post Office Protocol \u2013 receiving emails, downloading from the server<\/p><p><strong>SMTP <\/strong>\u2013 Simple Mail Transfer Protocol \u2013 handles the sending of the emails<\/p><p><strong>IMTP <\/strong>\u2013 Internet Message Access Protocol \u2013 stores messages on the server and syncs them across multiple devices<\/p><p>Slightly longer explanation can be found in this <a target=\"_blank\" rel=\"noopener noreferrer nofollow\" href=\"https:\/\/help.aol.com\/articles\/what-is-the-difference-between-pop3-and-imap\">article<\/a>:<\/p><p><strong>IMAP<\/strong>:<\/p><p>Emails are stored on the server (meaning they can also be downloaded on multiple devices)<\/p><p>Sent emails are stored on the server<\/p><p>Messages can be synced and accessed from multiple devices<\/p><p><strong>POP3<\/strong>:<\/p><p>Emails are downloaded (and stored) on a single device<\/p><p>Sent emails are stored on a single device, from which the email was sent<\/p><p>To keep messages on the server you need to enable \u201cKeep email on server\u201d option, because all the emails would be deleted from the server, once downloaded to the single device<\/p><p>Emails can only be accessed from a single device (where they were downloaded to)<\/p><p><strong>SMTP<\/strong>:<\/p><p>By using SMTP, you\u2019re sending, relaying, or forwarding messages from an email client (thinks MS Outlook) to a receiving email server<\/p><p>Explained <a target=\"_blank\" rel=\"noopener noreferrer nofollow\" href=\"https:\/\/www.socketlabs.com\/blog\/smtp-or-imap\/\">here<\/a>.<\/p><p>Lastly, to summarize, an email travelling would look something like this:<\/p><ul><li>You hit send within your email client after composing the message, sending it to <a target=\"_blank\" rel=\"noopener noreferrer nofollow\" href=\"mailto:someone@example.com\">someone@example.com<\/a><\/li><li>The SMTP queries the DNS for records about <a target=\"_blank\" rel=\"noopener noreferrer nofollow\" href=\"http:\/\/example.com\">example.com<\/a><\/li><li>The DNS server fetches information about <a target=\"_blank\" rel=\"noopener noreferrer nofollow\" href=\"http:\/\/example.com\">example.com<\/a> and sends it to the SMTP server<\/li><li>The SMTP server sends the email to someone\u2019s mailbox at <a target=\"_blank\" rel=\"noopener noreferrer nofollow\" href=\"http:\/\/example.com\">example.com<\/a><\/li><li>The email goes through many SMTP servers before being relayed to the destination SMTP server<\/li><li>Upon reaching the destination SMTP server your email is forwarded and waits in the local POP3\/IMAP server waiting on someone<\/li><li>Someone logs in to their email clients<\/li><li>Their email client queries the local POP3\/IMAP server for new emails<\/li><li>Your email is copied (IMAP) or downloaded (POP3) to someone\u2019s email client<\/li><\/ul><p>This is nicely explained <a target=\"_blank\" rel=\"noopener noreferrer nofollow\" href=\"https:\/\/docs.sendgrid.com\/ui\/sending-email\/email-flow\">here<\/a>, where you can also find the diagram shown below.<\/p><img decoding=\"async\" src=\"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/blog-posts\/images\/cl5h6ms582al20bp66gdn8w33.png\"><p><a target=\"_blank\" rel=\"noopener noreferrer nofollow\" href=\"https:\/\/www.siteground.com\/tutorials\/email\/protocols-pop3-smtp-imap\/\">Here<\/a> you can read more about these three protocols. <\/p><p>Default (un)encrypted ports for these protocols are:<\/p><p>POP3 \u2013 (110)995<\/p><p>IMAP \u2013 (143)993<\/p><p>SMTP \u2013 (25)587\/465<\/p><h2>Conclusion<\/h2><p>Okay, so I talked a bit about phishing, how scary (real) it is, how an email travels, and I mentioned the variants of phishing attacks.<\/p><p>Before concluding, I\u2019d like to emphasize again how important it is to understand\/have some plan prepared against phishing as it is the best way attackers gain access, which in turn leads to some real ugly stuff. Prime example is ransomware, which is the most common way in which a \u2018simple\u2019 phishing attack evolves. (You can read more about it <a target=\"_blank\" rel=\"noopener noreferrer nofollow\" href=\"https:\/\/www.egress.com\/blog\/phishing\/phishing-leads-ransomware-attacks\">here<\/a>, <a target=\"_blank\" rel=\"noopener noreferrer nofollow\" href=\"https:\/\/cofense.com\/blog\/phishing-ransomware-precursor\/\">here<\/a>, and <a target=\"_blank\" rel=\"noopener noreferrer nofollow\" href=\"https:\/\/www.zdnet.com\/article\/ransomware-these-are-the-two-most-common-ways-hackers-get-inside-your-network\/\">here<\/a>)<\/p><p>Finally, to let you go on a very dark note, please remember that phishing kits can be bought online quite easily, and that launching a phishing campaign can be done by someone less technical while the true danger remains; what comes after the attack i.e., what was it used for. &nbsp;They might be less effective, true, but it is scary to think that it can be done in that way with so little effort \u2013 in comparison to the impact the attack can have.<\/p><p>Stay tuned for the next piece where I\u2019ll be talking about header and body analysis, and more!<\/p><p>Cover by <a target=\"_blank\" rel=\"noopener noreferrer nofollow\" href=\"https:\/\/pixabay.com\/users\/mohamed_hassan-5229782\/\">Mohamed Hassan<\/a><\/p><p>#phishing #smtp #pop3 #imap #vicarius_blog<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8085a61 post-content elementor-widget elementor-widget-shortcode\" data-id=\"8085a61\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18103\" class=\"elementor elementor-18103\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a437045 elementor-widget elementor-widget-image-box\" data-id=\"a437045\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><div class=\"elementor-image-box-content\"><h3 class=\"elementor-image-box-title\">About Version 2 Digital<\/h3><p class=\"elementor-image-box-description\">Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n<br><br>\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t<div data-elementor-type=\"page\" data-elementor-id=\"39690\" class=\"elementor elementor-39690\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-ff2a228 elementor-widget elementor-widget-text-editor\" data-id=\"ff2a228\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><\/p>\n<p><b>About VRX<\/b><br><b>VRX&nbsp;<\/b>is a consolidated vulnerability management platform that protects assets in real time. Its rich, integrated features efficiently pinpoint and remediate the largest risks to your cyber infrastructure. Resolve the most pressing threats with efficient automation features and precise contextual analysis.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Intro We all know what phishing is and how prevalent it [&hellip;]<\/p>\n","protected":false},"author":143524195,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[476,488,61],"tags":[477,489],"class_list":["post-53121","post","type-post","status-publish","format-standard","hentry","category-vrx","category-488","category-press-release","tag-vrx","tag-489"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Gone Phishing - Basics - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.vicarius.io\/blog\/gone-phishing-basics\" \/>\n<meta property=\"og:locale\" content=\"zh_HK\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Gone Phishing - Basics - Version 2\" \/>\n<meta property=\"og:description\" content=\"Intro We all know what phishing is and how prevalent it [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.vicarius.io\/blog\/gone-phishing-basics\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2022-07-18T01:07:08+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-08-19T07:16:57+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/blog-posts\/images\/cl5h6ezog2aih0bp62tc1br91.png\" \/>\n<meta name=\"author\" content=\"version2hk\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"version2hk\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9810\u8a08\u95b1\u8b80\u6642\u9593\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 \u5206\u9418\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/gone-phishing-basics#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/07\\\/gone-phishing-basics\\\/\"},\"author\":{\"name\":\"version2hk\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/d14d2d3cd77ffdb618b9f1330fe084db\"},\"headline\":\"Gone Phishing &#8211; Basics\",\"datePublished\":\"2022-07-18T01:07:08+00:00\",\"dateModified\":\"2022-08-19T07:16:57+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/07\\\/gone-phishing-basics\\\/\"},\"wordCount\":1456,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/gone-phishing-basics#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/ik.imagekit.io\\\/14sfaswy6hrz\\\/blog-posts\\\/images\\\/cl5h6ezog2aih0bp62tc1br91.png\",\"keywords\":[\"vRx\",\"2022\"],\"articleSection\":[\"vRx\",\"2022\",\"Press Release\"],\"inLanguage\":\"zh-HK\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/07\\\/gone-phishing-basics\\\/\",\"url\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/gone-phishing-basics\",\"name\":\"Gone Phishing - Basics - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/gone-phishing-basics#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/gone-phishing-basics#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/ik.imagekit.io\\\/14sfaswy6hrz\\\/blog-posts\\\/images\\\/cl5h6ezog2aih0bp62tc1br91.png\",\"datePublished\":\"2022-07-18T01:07:08+00:00\",\"dateModified\":\"2022-08-19T07:16:57+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/gone-phishing-basics#breadcrumb\"},\"inLanguage\":\"zh-HK\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/gone-phishing-basics\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/gone-phishing-basics#primaryimage\",\"url\":\"https:\\\/\\\/ik.imagekit.io\\\/14sfaswy6hrz\\\/blog-posts\\\/images\\\/cl5h6ezog2aih0bp62tc1br91.png\",\"contentUrl\":\"https:\\\/\\\/ik.imagekit.io\\\/14sfaswy6hrz\\\/blog-posts\\\/images\\\/cl5h6ezog2aih0bp62tc1br91.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/gone-phishing-basics#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Gone Phishing &#8211; Basics\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"zh-HK\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/d14d2d3cd77ffdb618b9f1330fe084db\",\"name\":\"version2hk\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"caption\":\"version2hk\"},\"sameAs\":[\"http:\\\/\\\/version2xfortcom.wordpress.com\"],\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/author\\\/version2hk\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Gone Phishing - Basics - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.vicarius.io\/blog\/gone-phishing-basics","og_locale":"zh_HK","og_type":"article","og_title":"Gone Phishing - Basics - Version 2","og_description":"Intro We all know what phishing is and how prevalent it [&hellip;]","og_url":"https:\/\/www.vicarius.io\/blog\/gone-phishing-basics","og_site_name":"Version 2","article_published_time":"2022-07-18T01:07:08+00:00","article_modified_time":"2022-08-19T07:16:57+00:00","og_image":[{"url":"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/blog-posts\/images\/cl5h6ezog2aih0bp62tc1br91.png","type":"","width":"","height":""}],"author":"version2hk","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"version2hk","\u9810\u8a08\u95b1\u8b80\u6642\u9593":"8 \u5206\u9418"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.vicarius.io\/blog\/gone-phishing-basics#article","isPartOf":{"@id":"https:\/\/version-2.com\/2022\/07\/gone-phishing-basics\/"},"author":{"name":"version2hk","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/d14d2d3cd77ffdb618b9f1330fe084db"},"headline":"Gone Phishing &#8211; Basics","datePublished":"2022-07-18T01:07:08+00:00","dateModified":"2022-08-19T07:16:57+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/2022\/07\/gone-phishing-basics\/"},"wordCount":1456,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"image":{"@id":"https:\/\/www.vicarius.io\/blog\/gone-phishing-basics#primaryimage"},"thumbnailUrl":"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/blog-posts\/images\/cl5h6ezog2aih0bp62tc1br91.png","keywords":["vRx","2022"],"articleSection":["vRx","2022","Press Release"],"inLanguage":"zh-HK"},{"@type":"WebPage","@id":"https:\/\/version-2.com\/2022\/07\/gone-phishing-basics\/","url":"https:\/\/www.vicarius.io\/blog\/gone-phishing-basics","name":"Gone Phishing - Basics - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.vicarius.io\/blog\/gone-phishing-basics#primaryimage"},"image":{"@id":"https:\/\/www.vicarius.io\/blog\/gone-phishing-basics#primaryimage"},"thumbnailUrl":"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/blog-posts\/images\/cl5h6ezog2aih0bp62tc1br91.png","datePublished":"2022-07-18T01:07:08+00:00","dateModified":"2022-08-19T07:16:57+00:00","breadcrumb":{"@id":"https:\/\/www.vicarius.io\/blog\/gone-phishing-basics#breadcrumb"},"inLanguage":"zh-HK","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.vicarius.io\/blog\/gone-phishing-basics"]}]},{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/www.vicarius.io\/blog\/gone-phishing-basics#primaryimage","url":"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/blog-posts\/images\/cl5h6ezog2aih0bp62tc1br91.png","contentUrl":"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/blog-posts\/images\/cl5h6ezog2aih0bp62tc1br91.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.vicarius.io\/blog\/gone-phishing-basics#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/zh\/"},{"@type":"ListItem","position":2,"name":"Gone Phishing &#8211; Basics"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"zh-HK"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/d14d2d3cd77ffdb618b9f1330fe084db","name":"version2hk","image":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","caption":"version2hk"},"sameAs":["http:\/\/version2xfortcom.wordpress.com"],"url":"https:\/\/version-2.com\/zh\/author\/version2hk\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-dON","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/53121","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/users\/143524195"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/comments?post=53121"}],"version-history":[{"count":4,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/53121\/revisions"}],"predecessor-version":[{"id":53126,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/53121\/revisions\/53126"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/media?parent=53121"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/categories?post=53121"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/tags?post=53121"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}