How do targeted phishing emails work?

Henchmen4Hire

Honorable
Oct 23, 2012
5
0
10,510
0
I'm wondering, how do the scammers who send phishing emails know to make the subjects related to things and places you visit?

Relevant info:
-I have TimeWarnerCable Internet at home. All devices that use that internet have stuff like AdBlock, DoNotTrack, don't share location, etc. No one here uses services like Cortana, only basics like checking email through a browser.

-I recently got a new android smartphone, went through the usual process of removing and disabling everything possible so it's down to bare essentials. This means no using any service except the phone functionality itself, text messaging, and Firefox browser with the usual privacy/adblock add-ons.

From the point that I activated the phone, all I did was:
-Checked my Outlook email (using Firefox on the PC, home wifi) and deleted a few emails (non-phishing yet).
-Checked where the nearest Zankou Chicken store is (using StartPage search engine in Firefox on my phone, home wifi).
-Used the phone's native Messenger app to ask my friend if he wanted some Zankou Chicken, along with providing the cross streets.
-Once we were at the Zankou Chicken shack, I turned off the phone's wi-fi and used the Messenger to give a different friend my new phone number.

Notice I've said "Zankou Chicken" four times already, and those words were thrown around a few times while messaging too. So what are the two phishing emails I received about?...

The Chase bank that was directly in front of the Zankou Chicken.

This is weird because I don't have a bank account, I deal with cash only. I've never even searched for Chase or uttered their name.

The first email was addressed to my main Outlook email address. The second was addressed to an older Outlook email address that I don't use anymore, it's just an alias under the same account.

How does this stuff even happen?
 

USAFRet

Splendid
Moderator
Phishing is often just location based.
ISP of X operates in a certain area. Bank Y operates in a certain area.

Send an email of "Click here for your bank Info" (being bank Y), to customers of ISP X...and you WILL get some people who are customers of both.
And some small subset of those recipients WILL click on that link in the email.

Cost of sending the email? $50, incl buying a somewhat relevant email list.
Potential profit from the poor fools who get scammed? Possibly thousands.
 

USAFRet

Splendid
Moderator
Phishing is often just location based.
ISP of X operates in a certain area. Bank Y operates in a certain area.

Send an email of "Click here for your bank Info" (being bank Y), to customers of ISP X...and you WILL get some people who are customers of both.
And some small subset of those recipients WILL click on that link in the email.

Cost of sending the email? $50, incl buying a somewhat relevant email list.
Potential profit from the poor fools who get scammed? Possibly thousands.
 
Thread starter Similar threads Forum Replies Date
L Antivirus / Security / Privacy 1
R Antivirus / Security / Privacy 1
A Antivirus / Security / Privacy 3
icynicalb Antivirus / Security / Privacy 1
icynicalb Antivirus / Security / Privacy 3
Johnny5 Antivirus / Security / Privacy 2
K Antivirus / Security / Privacy 1
P Antivirus / Security / Privacy 8
Paul Wagenseil Antivirus / Security / Privacy 5
Marshall Honorof Antivirus / Security / Privacy 2
G Antivirus / Security / Privacy 1
H Antivirus / Security / Privacy 1
G Antivirus / Security / Privacy 1
jblove Antivirus / Security / Privacy 1
gussrtk Antivirus / Security / Privacy 13
Stanley112 Antivirus / Security / Privacy 1
V Antivirus / Security / Privacy 5
Paul Wagenseil Antivirus / Security / Privacy 5
Jill Scharr Antivirus / Security / Privacy 12
Jill Scharr Antivirus / Security / Privacy 1

ASK THE COMMUNITY