{"id":5371,"date":"2026-04-02T12:34:42","date_gmt":"2026-04-02T19:34:42","guid":{"rendered":"https:\/\/www.sqlskills.com\/blogs\/paul\/?p=5371"},"modified":"2026-04-02T12:52:02","modified_gmt":"2026-04-02T19:52:02","slug":"sql101-phishing-attacks","status":"publish","type":"post","link":"https:\/\/www.sqlskills.com\/blogs\/paul\/sql101-phishing-attacks\/","title":{"rendered":"SQL101: Phishing attacks"},"content":{"rendered":"<p style=\"text-align: justify;\">I thought it was bad previously, but in 2026 I&#8217;ve noticed a big rise in emails trying to scam me into clicking a link &#8211; known as phishing. Phishing describes an email that entices the recipient to open it and maybe click a link, which then installs some malware on the computer. This could be something that logs keystrokes and sends them to another system on the Internet.<\/p>\n<p style=\"text-align: justify;\">You\u2019ve likely received emails like that, purporting to come from Microsoft or PayPal or some other company you recognize, and urging you to click a link to fix something to do with your account. Just since Sunday, I&#8217;ve received many phishing emails, including:<\/p>\n<ul style=\"text-align: justify;\">\n<li>To our A\/P department, purporting to come from me, giving the ok to pay an invoice from a fake CEO training course in my name<\/li>\n<li>Domain-name expiry notifications<\/li>\n<li>Anti-virus order receipts and click\/call if that&#8217;s a mistake<\/li>\n<li>Fake DocuSign emails for contracts\/receipts<\/li>\n<\/ul>\n<p style=\"text-align: justify;\">I&#8217;ve read many books on hacking, from both sides of the ethical fence, and it always strikes me that security checklists and security reviews of SQL Server environments are all well and good, but there are a few missing things that I think are worth considering.<\/p>\n<p style=\"text-align: justify;\">For instance, does your company provide training or guidance on recognizing and avoiding phishing emails? 
If a DBA clicked a phishing link and unknowingly installed malware on a personal laptop, say, and then connected to a work system, the hackers could capture the DBA\u2019s login credentials.<\/p>\n<p style=\"text-align: justify;\">Such phishing emails could be cleverly targeted, especially if hackers are going after a specific company and make an email look like it\u2019s coming from a source the DBA trusts. Hacking books have plenty of descriptions of this being done to companies like banks and defense contractors.<\/p>\n<p style=\"text-align: justify;\">A way to test people in your company would be to create a fake email with a link that takes them to a web page showing that they\u2019ve clicked something they shouldn\u2019t have, and to be wary in future \u2013 or just to keep track of what proportion of recipients in the company were fooled into clicking the link.<\/p>\n<p style=\"text-align: justify;\">Another thing to be wary of is social engineering. This is where a hacker calls someone on the phone, pretending to be someone who needs some information that can help them break into a computer system, and fools the person into giving that information out. I\u2019ve read about this being used many times in the past, and it is a relatively common technique used by phone scammers. &#8220;Hello, we&#8217;re from Microsoft support and your computer has been hacked&#8230;&#8221;<\/p>\n<p style=\"text-align: justify;\">Finally, one of the things you might consider for your company is engaging the services of a third-party company that does what&#8217;s called penetration testing. 
These people will deliberately try to hack into your environment, with your permission, to discover security weaknesses that you can then patch before a malicious hacker tries to break in.\u00a0Sometimes this is known as <em>ethical hacking<\/em>, and you can actually learn how to do it yourself, to think about security from the attacker\u2019s perspective and assess your own environment for security flaws.<\/p>\n<p style=\"text-align: justify;\"><strong>Call to Action<\/strong><\/p>\n<p style=\"text-align: justify;\">If you\u2019re responsible for databases that contain any information that you don\u2019t want someone to have unauthorized access to, you need to make sure that your security doesn\u2019t have any problems. That includes making sure that the users are educated about ways that they can be duped into giving out info or installing malware, and testing your system\u2019s defenses to see if they can be broken. You can be sure that someone out there will try to get in sooner or later.<\/p>\n<p>PS A few interesting books on hacking that spring to mind:<\/p>\n<ul>\n<li><a href=\"http:\/\/www.amazon.com\/gp\/product\/0544251792\/ref=as_li_tl?ie=UTF8&amp;camp=1789&amp;creative=390957&amp;creativeASIN=0544251792&amp;linkCode=as2&amp;tag=sqlscom-20&amp;linkId=CP6KVDTYP6AFRJD6\" target=\"_blank\" rel=\"noopener\">@War: The Rise of the Military-Internet Complex<\/a><\/li>\n<li><a href=\"https:\/\/www.amazon.com\/Ghost-in-Wires-audiobook\/dp\/B005HBO3BY?&amp;linkCode=ll2&amp;tag=sqlscom-20&amp;linkId=e01499d068c5617bdcb7ea52212b8969&amp;language=en_US&amp;ref_=as_li_ss_tl\" target=\"_blank\" rel=\"noopener\">Ghost in the Wires: My Adventures as the World&#8217;s Most Wanted Hacker<\/a> (I actually crossed paths with Mitnick when I was at DEC &#8211; R.I.P.)<\/li>\n<li><a 
href=\"https:\/\/www.amazon.com\/Art-Deception-Controlling-Element-Security\/dp\/076454280X?&amp;linkCode=ll2&amp;tag=sqlscom-20&amp;linkId=aee028d192ca241cc0d192e02fda5ff3&amp;language=en_US&amp;ref_=as_li_ss_tl\" target=\"_blank\" rel=\"noopener\">The Art of Deception: Controlling the Human Element of Security<\/a><\/li>\n<li>(where the word comes from) <a href=\"https:\/\/www.amazon.com\/Hackers-Computer-Revolution-Steven-Levy\/dp\/1449388396?&amp;linkCode=ll2&amp;tag=sqlscom-20&amp;linkId=9527e4e04853d00dc501b57882d56a61&amp;language=en_US&amp;ref_=as_li_ss_tl\" target=\"_blank\" rel=\"noopener\">Hackers: Heroes of the Computer Revolution<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>I thought it was bad previously, but in 2026 I&#8217;ve noticed a big rise in emails trying to scam me into clicking a link &#8211; known as phishing. Phishing describes an email that entices the recipient to open it and maybe click a link, which then installs some malware on the computer. This could be [&hellip;]<\/p>\n","protected":false},"author":5,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[79,108],"tags":[],"class_list":["post-5371","post","type-post","status-publish","format-standard","hentry","category-security","category-sql101"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>SQL101: Phishing attacks - Paul S. Randal<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.sqlskills.com\/blogs\/paul\/sql101-phishing-attacks\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SQL101: Phishing attacks - Paul S. 
Randal\" \/>\n<meta property=\"og:description\" content=\"I thought it was bad previously, but in 2026 I&#8217;ve noticed a big rise in emails trying to scam me into clicking a link &#8211; known as phishing. Phishing describes an email that entices the recipient to open it and maybe click a link, which then installs some malware on the computer. This could be [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.sqlskills.com\/blogs\/paul\/sql101-phishing-attacks\/\" \/>\n<meta property=\"og:site_name\" content=\"Paul S. Randal\" \/>\n<meta property=\"article:published_time\" content=\"2026-04-02T19:34:42+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-04-02T19:52:02+00:00\" \/>\n<meta name=\"author\" content=\"Paul Randal\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Paul Randal\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.sqlskills.com\/blogs\/paul\/sql101-phishing-attacks\/\",\"url\":\"https:\/\/www.sqlskills.com\/blogs\/paul\/sql101-phishing-attacks\/\",\"name\":\"SQL101: Phishing attacks - Paul S. 
Randal\",\"isPartOf\":{\"@id\":\"https:\/\/www.sqlskills.com\/blogs\/paul\/#website\"},\"datePublished\":\"2026-04-02T19:34:42+00:00\",\"dateModified\":\"2026-04-02T19:52:02+00:00\",\"author\":{\"@id\":\"https:\/\/www.sqlskills.com\/blogs\/paul\/#\/schema\/person\/ffcec826c18782e1e0adf173826a7fce\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.sqlskills.com\/blogs\/paul\/sql101-phishing-attacks\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.sqlskills.com\/blogs\/paul\/sql101-phishing-attacks\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.sqlskills.com\/blogs\/paul\/sql101-phishing-attacks\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.sqlskills.com\/blogs\/paul\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"SQL101: Phishing attacks\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.sqlskills.com\/blogs\/paul\/#website\",\"url\":\"https:\/\/www.sqlskills.com\/blogs\/paul\/\",\"name\":\"Paul S. 
Randal\",\"description\":\"In Recovery...\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.sqlskills.com\/blogs\/paul\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.sqlskills.com\/blogs\/paul\/#\/schema\/person\/ffcec826c18782e1e0adf173826a7fce\",\"name\":\"Paul Randal\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.sqlskills.com\/blogs\/paul\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/0b6a266bba2f088f2551ef529293001bd73bf026bc1908b9866728c062beeeb6?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/0b6a266bba2f088f2551ef529293001bd73bf026bc1908b9866728c062beeeb6?s=96&d=mm&r=g\",\"caption\":\"Paul Randal\"},\"sameAs\":[\"http:\/\/3.209.169.194\/blogs\/paul\"],\"url\":\"https:\/\/www.sqlskills.com\/blogs\/paul\/author\/paul\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"SQL101: Phishing attacks - Paul S. Randal","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.sqlskills.com\/blogs\/paul\/sql101-phishing-attacks\/","og_locale":"en_US","og_type":"article","og_title":"SQL101: Phishing attacks - Paul S. Randal","og_description":"I thought it was bad previously, but in 2026 I&#8217;ve noticed a big rise in emails trying to scam me into clicking a link &#8211; known as phishing. Phishing describes an email that entices the recipient to open it and maybe click a link, which then installs some malware on the computer. This could be [&hellip;]","og_url":"https:\/\/www.sqlskills.com\/blogs\/paul\/sql101-phishing-attacks\/","og_site_name":"Paul S. 
Randal","article_published_time":"2026-04-02T19:34:42+00:00","article_modified_time":"2026-04-02T19:52:02+00:00","author":"Paul Randal","twitter_misc":{"Written by":"Paul Randal","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.sqlskills.com\/blogs\/paul\/sql101-phishing-attacks\/","url":"https:\/\/www.sqlskills.com\/blogs\/paul\/sql101-phishing-attacks\/","name":"SQL101: Phishing attacks - Paul S. Randal","isPartOf":{"@id":"https:\/\/www.sqlskills.com\/blogs\/paul\/#website"},"datePublished":"2026-04-02T19:34:42+00:00","dateModified":"2026-04-02T19:52:02+00:00","author":{"@id":"https:\/\/www.sqlskills.com\/blogs\/paul\/#\/schema\/person\/ffcec826c18782e1e0adf173826a7fce"},"breadcrumb":{"@id":"https:\/\/www.sqlskills.com\/blogs\/paul\/sql101-phishing-attacks\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.sqlskills.com\/blogs\/paul\/sql101-phishing-attacks\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.sqlskills.com\/blogs\/paul\/sql101-phishing-attacks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.sqlskills.com\/blogs\/paul\/"},{"@type":"ListItem","position":2,"name":"SQL101: Phishing attacks"}]},{"@type":"WebSite","@id":"https:\/\/www.sqlskills.com\/blogs\/paul\/#website","url":"https:\/\/www.sqlskills.com\/blogs\/paul\/","name":"Paul S. 
Randal","description":"In Recovery...","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.sqlskills.com\/blogs\/paul\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.sqlskills.com\/blogs\/paul\/#\/schema\/person\/ffcec826c18782e1e0adf173826a7fce","name":"Paul Randal","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.sqlskills.com\/blogs\/paul\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/0b6a266bba2f088f2551ef529293001bd73bf026bc1908b9866728c062beeeb6?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/0b6a266bba2f088f2551ef529293001bd73bf026bc1908b9866728c062beeeb6?s=96&d=mm&r=g","caption":"Paul Randal"},"sameAs":["http:\/\/3.209.169.194\/blogs\/paul"],"url":"https:\/\/www.sqlskills.com\/blogs\/paul\/author\/paul\/"}]}},"_links":{"self":[{"href":"https:\/\/www.sqlskills.com\/blogs\/paul\/wp-json\/wp\/v2\/posts\/5371","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.sqlskills.com\/blogs\/paul\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.sqlskills.com\/blogs\/paul\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.sqlskills.com\/blogs\/paul\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/www.sqlskills.com\/blogs\/paul\/wp-json\/wp\/v2\/comments?post=5371"}],"version-history":[{"count":0,"href":"https:\/\/www.sqlskills.com\/blogs\/paul\/wp-json\/wp\/v2\/posts\/5371\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.sqlskills.com\/blogs\/paul\/wp-json\/wp\/v2\/media?parent=5371"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.sqlskills.com\/blogs\/paul\/wp-json\/wp\/v2\/categories?post=5371"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.sqlskills.com\/blogs\/pa
ul\/wp-json\/wp\/v2\/tags?post=5371"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}