Most of the phishing emails I see are fairly rudimentary, often targeting users of the same-old websites (Facebook, Apple, PayPal, etc…) or a variety of online banks. It’s not that unusual for the emails to be less than convincing.
What I don’t remember receiving before is an email purporting to come from Amazon Web Services (AWS), claiming that unless I confirm I have given my correct contact information for a domain’s WHOIS record, a website I administer could be suspended.
The email is professionally presented, and might fool unwary users into clicking on the link. So the potential is definitely there (especially if you do have a server running on AWS) for credentials to be stolen.
Fortunately my wits were about me. The email address the email was sent to was not the same one that I use for my AWS account.
But even if that hadn’t been the case, following the advice of the email and clicking on the link provided isn’t going to take anyone anywhere malicious. Why? Because the phishers malformed the link right at its beginning…
We cannot always rely on criminals making elementary blunders with their phishing attacks, but thanks heavens some still do.