It is the oldest and easiest bit of email social engineering – promise you something that is too good to be true. Your tempted and the hackers have got you.
You think this would have gone the way of “princes offering to share millions with you, if you will just pay a small amount into this account to release the money to you” email. But it hasn’t.
Among the emails in a phishing attack directed at the NHS, was a variant from “Jeff Bezos’s secretary offering $2 million, for a small handling fee! However the real aim of the hacking campaign was to steal Microsoft credentials.
Phishing operation hits NHS email accounts • The Register
The low numbers of email accounts that responded in some way to the phishing campaign was small – the real issue is that the 2017 NHS WannaCry attack was probably caused by a single response to a malicious email.
Clive Catton MSc (Cyber Security) – by-line and other articles
My training courses at Octagon Technology
Social Engineering and Email Cyber Security Training – Octagon Technology
Business cyber security – Masterclass – Octagon Technology
References
Ghafur, S., Kristensen, S., Honeyford, K., Martin, G., Darzi, A., & Aylin, P. (2019). A retrospective impact analysis of the WannaCry cyberattack on the NHS. NPJ digital medicine, 2(1), 1-7.


