Geez, I skimmed the image with the "steps" and the devtools next to it and assumed it was steps to get the user to open the DevTools, but later when he said it would download a file I thought "You can tell the DevTools to download a file and execute it as a shell script?!".
Then I read the steps again, step 2 is "Type in 'Terminal'"... oh come on, will many people fall for that?
They don’t need “many” people to fall for it. It’s a numbers game. Spam the message to 10k emails and even a small conversion rate can be profitable.
Also, I’d bet the average site owner does not know what a terminal is. Think small business owners. Plus the thought of losing revenue because their site is unusable injects a level of urgency which means they’re less likely to stop and think about what they’re doing.
Our call center had to develop a procedure and do training around explaining to grandmas why we will not let them purchase those iTunes gift cards, and that their relative is not actually in prison anywhere, and that no prison accepts iTunes gift cards for bail.
There's no such thing as "too obvious" when it comes to computers, because normal people are trained by the entire industry, by every interaction, and by all of their experience to just treat computers as magic black boxes that you chant rituals to and sometimes they do what you want.
Even when the internet required a bit more effort to get on to, it was still trivial to get people to delete System32.
The reality is that your CEO will fall for it.
I mean come on, do you not do internal phishing testing? You KNOW how many people fall for it.
I've seen these on compromised WordPress sites a lot. Will copy the command to the clipboard and instruct the user to either open up PowerShell and paste it or just paste in the Win+R Run dialog.
These types of phishes have been around for a really long time.