We will be sharing and analysing real phishing attempts received.

Sophistication Level:

Low-Medium

Tactics:

An attorney claimed that their late client has much unclaimed assets to be passed on to the next of kin.

Analysis:

1. Using email address as the "name" is not natural but feel more like a generated email based on a database entry.

2. Not much credibility was established other than the sender claiming to be the attorney of the "deceased client".

3. The "same last name" reason is quite absurd. The last name "lam" is too common for the case to be credible.

4. The enticement element is the "unclaimed assets".

5. The email's tone is not too strong. Probably a first step for shortlisting people who replied for further actions. People who have a relative died recently could possibly relate and reply.

The above is a real email received.