I Saw 8 MILLION Phishing Scams
ฝัง
- เผยแพร่เมื่อ 14 ก.พ. 2023
- j-h.io/guardio || Guardio keeps YOU safe from phishing scams and online threats! Get 20% off with my link: j-h.io/guardio
🔥 TH-cam ALGORITHM ➡ Like, Comment, & Subscribe!
🙏 SUPPORT THE CHANNEL ➡ jh.live/patreon
🤝 SPONSOR THE CHANNEL ➡ jh.live/sponsor
🌎 FOLLOW ME EVERYWHERE ➡ jh.live/discord ↔ jh.live/twitter ↔ jh.live/linkedin ↔ jh.live/instagram ↔ jh.live/tiktok
💥 SEND ME MALWARE ➡ jh.live/malware
That's neat that they have an API, you can probably write an outlook add-on that checks links in a received email and moves it to junk if the link is in the db or something.
6:22 best part of video
I immediately thought this would be cool to grab via the API key and integrate into a DNS sinkhole. Would be a neat addition, update automatically twice a day and be safe from a few more malicious things on the web
Welcome back, John! Glad to see we hadn't lost you!
Looked for you nearly a month after the internet explorer video..!
Good to see you again..!
Thanks for giving me another site/tool to check out! Keep up the awesome work John!!!
Nice tool recommendation, John! Good to see you back in the saddle 👍
Incredible Sponsor transition, 10/10. Giving LTT a run for his money.
yep 🤣🤣 at 9:47
Glad to see you're back
thanks for sharing John!
so glad your back
Great resource Johnny boy!
Thanks for sharing, had no idea this existed!
Happy to see after a long time
Thanks for the info, even though phishing tank is old I didn’t have idea it exists.
Welcome back!!
I really enjoyed this video, I hadn't previously heard of it, but I'm sure it will come in handy,
Welcome back JH!
You`re back
My guy is back !!!
Missed you John!!! ❤️
Thanks John.
We missed you John welcome back
He's back!
I just need this in list format to add to my firewall
Lmfao uncanny transition into the sponsor 😂🤣😂😂🤣
Stick to cyber don’t start acting anytime soon!
I’m dying!!!
Thanks for the video as always
Pretty cool stuff man :-)
the legend is back!
He's back! 🥳
Happy to see sir
This is awesome! Problem being no registrations for submissions :
Hoooooly...
Dude just through phish tank api with vt and do it in python...
Such a good project idea !!!
🥰Just Amazed To See You Again
Noticed that google has the Dangerous label on the phish tank website in your video. Im assuming because this web page is full of phishing links.
Cool thank
Is there a CVE for the hijacking the access to the pages opened on the browser bypassing the 2FA?
Side note, ILY John Hammond 💙
after a while ♥
"(...) you OR an innocent victim"
long time no see daddy chill
I saw there was one for malware, but I can't find the video of the guy that showed it
He showed how to set up a virtual machine and how to open up the malicious file that was downloaded from that site and to see what it does. He'd grab the URL + how it acts and then upload it back to that website
Maybe I can find it again
I'm getting a DHL phising email every day... I don't like the group/person/bot who sends the emails to me
Send them back with some UPS phishing
@@williampartham6421 but with a rickroll link?
Who check / validate ?
I don't get it why people show a website and then continue not to link the website in the video description
is it possible to get your browser data stolen by just clicking a link?
Even when nothing gets downloaded and you don't input anything?
Might be wrong but i'm pretty sure that a XSS could do that
Yes it's possible. Once you're opening a page, the browser sends a Get request, and within that Get request malicious code can be activated, in something known as Cross Site Scripting (xss for short), as Bernardo Catana mentioned. This however, is usually common when you're asked to fill in either credentials or other kind of information. So, opening a link isn't the worst, just make sure you don't open links that are really, really suspicious.
Sidenote: Please feel free to correct me, because sharing misinformation is bad :)
@@DouweHummeling i see thanks for the explanation
Did johnny went fishing trip....
I saw the guys who put weights inside their fish, that was a really shitty scam.
They got caught though, so got their just desserts.
Can't believe that many people try to scam in competitions though, 8 million???
Yes, I know 😛
Wow
Please Regular Upload Vedio Olease
Ma man is using a green screen now! 🤯🤯
that's a black screen, it looks green because of bitrate compression
@@DaxyGamer It's foam paneling in the background.
My Guru is back , watching this while having my dinner 🙏.Love from India ❤
When I see a notification I just click don't matter what I was doing
ggs
Same
@@mkson1 yehhh
I wouldn't recommend clicking on a link in a phishing email unless you know what you are doing.
@@marcorossi7339 You can get hit with a heap of malware (some being zero day), logging your IP for DOS / future port scanning for weak items like IOT devices, draws attention to you etc. Remember that anti virus isn't perfect. It searches for signatures typically.
There are lots of vulnerabilities out there still.
@@Exposingscammers very clear! Thx
@@marcorossi7339 it is as @Exposingscammers said and more. I usually detonate the links in an isolated forensics sandbox and monitor all kinds of activity in the background.
@@wizix9877 forensics sandbox is equal to a kali/tails vm? Using tor?
Lol my ofc tricked me in clicking a link.
I think some of these are windows defender phishing sites? would be a great tool also for the scam-baiting community?.
Agreed. I'm going to be taking a look . I need more calls.
1st
What do you mean "phishing scams"?
A scam typically involves no URLs or attachment in the initial attack vector (1st mail), attempting to socially engineer the would-be victim into taking action in some aspect for the threat's own gains (an example would be the classic Nigerian prince email). A phish, on the other hand, usually attempts to masquerade as a trust-worthy entity, attempting to create some sense of urgency (either via threatening actions such as account closure or via expected item being provided way ahead of time, such as your son's birthday gift being delivered 1 week in advance) in order to get the victim to unknowingly provide access to company systems/ bank accounts/ etc.
It would be rather disconcerting if a SOC service starts treating scam emails with the same criticality/severity as phishing emails.
Hi, thanks for the long explanation. I am pretty sure he used the term "scam" to target audience with less knowledge about the field. Sometimes long explanations such as this one will be boring for some viewers as they came to become more aware about threats and not to become hackers and learn terminology.