With the start of a New Year – we are sending out a reminder asking that you encourage your employees to continue to be vigilant when clicking on links received in emails. We have included a short summary of what a phishing email is and looks like; please feel free to share with your employees.
What is Phishing?
Phishing is a technique that scammers use to collect personal information from unsuspecting users. They send a false email that looks legitimate. These emails usually ask that you click on a link and update personal information.
To successfully “phish” personal information, criminals must get you to go from an email to a website. If you are unsure if an email you receive is legitimate try using the following steps; they may help you discern its authenticity.
Microsoft has outlined some very helpful hints in how to determine if an email received is legitimate:
What does a phishing email message look like?
Here is an example of what a phishing scam in an email message might look like.
Spelling and bad grammar. Cybercriminals are not known for their grammar and spelling. Professional companies or organizations usually have a staff of copy editors that will not allow a mass email like this to go out to its users. If you notice mistakes in an email, it might be a scam.
Beware of links in email. If you see a link in a suspicious email message, don't click on it. Rest your mouse (hover - but don't click) on the link to see if the address matches the link that was typed in the message. In the example below the link reveals the real web address, as shown in the box with the yellow background. The string of cryptic numbers looks nothing like the company's web address.
Links might also lead you to .exe files. These kinds of file are known to spread malicious software.
Threats. Have you ever received a threat that your account would be closed if you didn't respond to an email message? The email message shown above is an example of the same trick. Cybercriminals often use threats that your security has been compromised.
Spoofing popular websites or companies. Scam artists use graphics in email that appear to be connected to legitimate websites but actually take you to phony scam sites or legitimate-looking pop-up windows.
Cybercriminals also use web addresses that resemble the names of well-known companies but are slightly altered.
One more point: We’ve been seeing a LOT of Word and Excel based macro virus transmission files. Anyone sending something should be requested to do so in PDF format if at all possible. If you do receive a file that is not in a PDF format you can simply click on FILE –> SAVE AS –> PDF (change Save As Type to). While PDF files are not much safer than Office files they are at least marginally better.
We hope this information proves helpful. If you should have any further concerns about questionable emails or links you receive please don’t hesitate to contact our Service Desk at firstname.lastname@example.org.