Uploaded by Matisse Hawthorne

Email and Phishing Transcript

You get an email in your inbox or a message on your phone. There is a problem
with your bank account, and details need to be updated right away. All you have to
do is click a link. Before you do, stop and think: this may be a phishing attack.

Phishing is a type of social engineering attack that uses email or messaging the
same way bait is used to catch fish. Cyber attackers send thousands, if not millions,
of emails in hopes that someone will take the bait. These emails attempt to fool
you into taking an action, such as clicking a link, opening an attachment, or
completing a form. The cyber attackers are not sure who exactly gets these emails,
but taking any one of these seemingly harmless actions can get you hooked.

Because phishing is an effective method to target large numbers of people all at the
same time, it is an extremely common attack method used by cyber criminals.
Phishing attacks can happen through any type of email or messaging service.
Additionally, trusting a third party has become a part of many successful phishing
attacks, exploiting those trust relationships with vendors and even contractors to
gain access and compromise networks. Stay alert on your computer, phone, and
any other device you use to receive messages.

How do you know if an email or message is a phishing attack? Here are some signs
to look for:

- A greeting such as “Dear Customer,” “Undisclosed-Recipients,” or some other
  generic opening. The bad guys don’t know who you are; they just try to phish as
  many people as possible.
- Creating a strong sense of urgency or curiosity. If the message seems odd,
  suspicious, or too good to be true, it may be a phishing attack.
- Pressuring you to bypass or ignore policies or procedures put in place to protect us.
  Cyber attackers will try to use you to get around security they might not be able to
  avoid by other means.
- Email messages where the From address is an official email account, but the
  Reply-To address points to a different or personal account.
- Messages requesting highly sensitive information, such as your credit card number
  or password. Most organizations will not request this type of information through
  an email or text.
- A message from someone you know, but the tone or wording just does not sound
  like them. Remember, it is easy for a cyber attacker to create an email that appears
  to be from a friend or coworker. If someone you know sends you a suspicious
  message, the best way to verify if it was sent by them is to call them using a
  known, trusted number.
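
Several of the signs listed above (a Reply-To that differs from the From address, a generic greeting, a request for a password or card number, urgent wording) can be checked mechanically when triaging a reported message. The Python below is an added example, not part of the original transcript; the function names, the urgency word list, and both sample messages are constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

GENERIC_GREETINGS = ("dear customer", "undisclosed-recipients")  # from the list above
SENSITIVE_TERMS = ("password", "credit card number")             # from the list above
URGENCY_TERMS = ("right away", "immediately", "urgent")          # constructed word list

def domain_of(header_value):
    """Return the lower-cased domain of an address header, or '' if absent."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()

def body_text(msg):
    """Join the text/plain parts of a message (works for single-part mail too)."""
    parts = [p for p in msg.walk() if p.get_content_type() == "text/plain"]
    return "\n".join(str(p.get_payload()) for p in parts).lower()

def phishing_signs(raw_message):
    """Return the names of the checklist signs found in one raw message."""
    msg = message_from_string(raw_message)
    text = body_text(msg)
    opening = (msg["To"] or "").lower() + "\n" + text
    sender, reply_to = domain_of(msg["From"]), domain_of(msg["Reply-To"])
    signs = []
    if reply_to and reply_to != sender:       # Reply-To points somewhere else
        signs.append("reply_to_mismatch")
    if any(g in opening for g in GENERIC_GREETINGS):
        signs.append("generic_greeting")
    if any(t in text for t in SENSITIVE_TERMS):
        signs.append("sensitive_request")
    if any(t in text for t in URGENCY_TERMS):
        signs.append("urgency")
    return signs

# Constructed sample messages (example.* domains are placeholders).
PHISH = """From: Example Bank <support@bank.example>
Reply-To: Help Desk <bank.support@freemail.example>
To: undisclosed-recipients:;
Subject: Problem with your account

Dear Customer, there is a problem with your bank account.
Details need to be updated right away. Reply with your password.
"""
BENIGN = """From: Dana <dana@corp.example>
To: sam@corp.example
Subject: Lunch

Hi Sam, are we still on for Thursday?
"""
```

A flagged sign is a reason to look closer, not proof: mailing lists and ticketing systems legitimately set a different Reply-To, and a clean result does not mean a message is safe.
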

You should always be suspicious of emails containing links to external sites or
files. Instead of clicking a link to access a site, bookmark all the websites you
commonly use in your browser. For example, if you get an email that appears to
come from your bank and asks you to click a link to access your account, you can
go to your bank’s website using the bookmark in your browser, avoiding the
possibility of falling victim to a phishing attack.

When messages have attachments, only open those you were expecting. Antivirus
software cannot protect you from every type of malware. You are the best defense
we have against infected attachments. If you receive an email or message with any
signs of phishing, or a suspicious message, report it right away.

Accidental errors can be just as damaging as falling victim to a phishing attack.
Therefore, take care not to accidentally expose sensitive information when using
email or messaging. Email features such as auto-complete and Reply All make it
easy for you to accidentally email the wrong person. For example, you may be
trying to email someone in human resources, but because of auto-complete, you
accidentally email a friend. Additionally, using Reply All by mistake can result in
many people receiving your email when you only wanted to contact the original
sender. Always double-check who you are sending the email to before clicking the
Send button.

Falling victim to a phishing attack or sending a sensitive email to the wrong person
can happen to anyone. We know the bad guys can be tricky. If you suspect an
email is a phishing attack or you think you may have fallen victim to one, help us
by reporting it right away.