Phishing & Fake Support
Impersonation tactics to steal credentials, intercept 2FA, or push malware.
Red flags
- Look‑alike domains or homoglyph characters in URLs.
- Search‑ad traps that place fake support pages above real ones.
- Urgent login/payment prompts with scare tactics.
- Requests for 2FA codes or remote‑access installs.
What to do
- Close the page/app; do not enter credentials.
- Reset passwords from the official app/site you type manually.
- Rotate recovery codes; revoke sessions and app passwords.
- Check for unwanted extensions or remote‑access tools.
Evidence to collect
- URL and full‑page screenshot.
- Emails with full headers; SMS sender info.
- Hashes of any files you downloaded (if known).