Similar to display name deception in this kind of attack, criminals can insert the identity of a company name or a trusted brand (such as the name of the bank used by the targeted individual) into the display name. Since common consumer mailbox services, such as Gmail and Yahoo, allow a user to specify any value in the display name, this type of attack is simple and cheap to stage from such a service. For example:
- Bank of America <[email protected]>
- Bank of America <[email protected]>
When an email is confirmed as dangerous by our Visible-IR (Incident Response) Team, the following banners may appear at the top of the email. In addition to this banner the email may be moved to either your Junk or Deleted email folder depending on the threat detected