Juan Pablo Guzmán I build at nodolab.ai
ESEN中文
Back to writing Security

Phishing 101

· 2 min read

We are all susceptible to falling for messages designed to steal our credentials, emails, bank accounts, cards, or any data that can be used to impersonate our identity.

We are all susceptible to falling for messages designed to steal our credentials, emails, bank accounts, cards, or any data that can be used to impersonate our identity. Just by checking the Spam folder, we can see dozens of emails with catchy subjects trying to grab our attention:

“Your account has been suspended” “Update your payment method” “Confirm your identity” “You must pay this invoice”

Social Engineering in Action

There are more elaborate attempts: customized attacks where someone investigates your profile and pretends to be a recruiter, executive, or professional contact. In my case, the goal was to take over my account and the guz.mx domain.

I have received requests to schedule calls and interviews for supposed Marketing Director positions, using domains that appear to be from Google Careers, but they are not.

This email I received from a tool called Hiri

Nobody who speaks Spanish says Schedule a conversation. NOBODY.

How to Detect a Phishing Email

Hover over the links before clicking.

If the link points to an address you don’t recognize or that seems like an imitation, do not enter. Delete the email.

The domain is not the same as what Google Careers uses

Check the full sender. Not the visible name, but the real email (what is after the @). Example: recruiter@google-careersteam.net is not the same as @google.com.

Analyze the domain. You can verify its creation date on who.is or dnschecker.org. If it was created just a few days ago, be suspicious.

They hid the domain registration data, but I can see that the registration was in my early morning.

The domain they used today was registered on the same day of the attempt, which is already a clear sign of a scam attempt.

Hover over the links before clicking.

If the link points to an address you don’t recognize or that seems like an imitation, do not enter. Delete the email.

Be wary of urgency. Fake emails often create pressure: “last chance”, “account suspended”, “verify in 24 hours”.

Never share your credentials. No serious company asks for passwords, access codes, or sensitive data by email or external form.

Beyond Email

Phishing is not limited to Gmail. It also occurs on:

  • SMS (smishing).
  • WhatsApp and Telegram (false verification messages).
  • Facebook, Instagram, or X (false infringement or copyright notifications).

The general rule: if something feels / looks / smells / is strange, it probably is.

Satisfy curiosity:

If someone is really that interested in my domain, they can write to me at tecomprodominio@guz.mx.