Here’s the email he got that resulted in the hack. Notice how it (a) looks very real and (b) it adds a sense of urgency because you’re worried you may have already been hacked.

Also notice that the email is from [email protected]. This is a really really good phishing email because it seems legitimate. The domain is a .com and short enough that it looks real.

Remember: if you’re getting an email from Twitter or Microsoft, make sure that the domain is twitter.com or microsoft.com. Better yet, try going to the domain to see if it looks real. The email looks very good but these hackers didn’t take the time to make a landing page at x-notify.com.

Stay safe out there!

Note the sender email is “[email protected]”. Seems like a legit email, but it should be from “costco.com” ONLY.

Also notice that there is a false sense of urgency added at the bottom of the email. This is a common strategy hackers use to try and get people to perform a specific action.

A good place to start is https://locke.id/security. It’s an in-depth write up on how people get hacked in the first place and how you can avoid being hacked.

If you’re too busy to read that, the most important takeaway is that online security happens through education and community. Knowing what links to not click on and alerting others of malicious sites.

Join our community if you wish to learn more and consider purchasing our product at https://app.locke.id.

Thanks!
Connor – CEO