Preventing a potential phishing attack

Protecting your money

Email serves as one of the main ways that we communicate. However, since a large percentage of the world depends on it, it is one of the primary attack methods used by cyber criminals. Courtesy of the SANS Institute, this month’s cybersecurity post addresses phishing and ways to protect yourself from becoming a victim.

Opening and reading an email is typically fine to do. For a phishing attack to work, attackers must trick you into doing something. Here are some clues that a message is a potential attack:

  1. Sense of urgency – The email demands “immediate action,” rushing individuals to make a mistake without thinking.
  2. Emails with attachments – The received email includes an attachment that you were not expecting or entices you to open the attachment. Examples include an attachment announcing employee salary information or a letter from the IRS saying you are being prosecuted.
  3. Generic salutation – Instead of using your name, the email will use a generic salutation like “Dear Customer.”
  4. Email requesting highly sensitive information – Highly sensitive information includes your credit card number, password and/or personal contact information.
  5. Unofficial organization or odd link – If you notice poor spelling or grammar from a supposed official organization or suspicious pop-ups if you move your cursor over the link, it should not be trusted.

If you believe an email is a phishing attack, simply delete it.

For additional information on ways attackers use phishing to get what they want, review the following:

https://securingthehuman.sans.org/newsletters/ouch/issues/OUCH-201512_en.pdf

Keep an eye out for next month’s installment on cybersecurity!