Recognizing a Phishing Email

-

Remember the ‘good old days’ of email (like 12-15 years ago) when the most menacing thing we had to worry about was too much advertising spam!  We still have advertising spam by the virtual truckload but today we have yet another thing to add to our email worries: Phishing attempts.  Phishing is a cleverly disguised email, made to look like it came from a trustworthy source, designed to steal your sensitive information, or worse, simply (and naively) convince you to give it away.


Phishing emails try to get you to do one of two things: first, to simply hand over sensitive information and second, to download malware which more often than not contains ransomware.  Ransomware is very, very bad.  It will literally take ALL THE DATA on your PC (or server) and encrypt (lock) it so as to make it unusable to you.  In order to get the “key” and de-crypt the data back to normal, you must pay a ransom.  Usually this ransom payment is around $500 and must be paid in Bitcoin or other non-traceable methods.


So, how can you spot a clean and legitimate email from one that is malicious and harmful.  Here are just a few of the many ways to spot a phishing email.
1.       If an email is asking you to change passwords, look first at the “From” portion of the email.  Be sure it came from your IT department, bank or other institution where you have a valid login account.
2.       If an email is asking that you log into a web site, be wary.  For example, YOURBANK wants you to log in and verify information.  The email looks exactly like an email from YOURBANK.  To be sure, “mouse over” the link.  This means DO NOT CLICK THE LINK but put your mouse on the link.  Now look at the lower left of your screen.  That area will show you the web site that link will take you regardless of the name of the link.  If its not YOURBANK.COM, its better left alone!
a.       More information on “mouse over” can be found at the XLN web site; http://www.XLNsystems.com/MouseOver.php 
3.       Check the email address of the “From” field.  You may be expecting an email from  Allen.Perk@XLNsystems.com but the field may say Allen-Perk@XLN-SYS.net or something other than the email address you know it should come from.
4.       If there are multiple spelling or grammatical errors, chances are it’s a phishing email.
5.       Emails that encourage for you to act immediately.  – “Urgent Action Require” or “Act now or your Account will be closed”.  Again, chances are it’s a phishing email.
6.       The IRS or Law Enforcement will NEVER email you for information or ask that you call them.  The IRS will ONLY send letters in the mail.
If you encounter such an email, DELETE it!!!  Then notify someone in authority so that others can be warned.  When told to do so by your IT department, “Empty the Wastebasket” as well as your Trash and Junk folders.
Now you’re free to move on to the next email advertisement, I mean, business email.

Comments

Post a Comment

Popular posts from this blog

-
Cybersecurity in 2021: What to expect in the coming year – Jim Schirtzinger, XLN SYSTEMS As any particular year comes to a close, it is typical to look back at everything that has happened. We celebrate the good, mourn the losses, and try to learn from mistakes. Most will agree that 2020 was an unusual year by any standard, highlighted by a major pandemic, lockdowns, civil unrest, and a controversial presidential election. Rather than dwell on all of the bad that came from 2020, it is time to look ahead to 2021 with anticipation and hope for a return to some form of normalcy. Unfortunately, no matter what improvements are made over 2020 (An effective virus vaccine? A calming of political tension? A robust economic recovery?), Cybersecurity will remain a constant and urgent need for everyone both commercially and privately. With that in mind, what new threats should we expect to face in the digital realm as we turn the page from 2020 to 2021? 2020 saw a huge increase in connected de
Read more

Smarter Cyber Security: Passwords Need to be Phased Out!

-
  Passwords simply aren't secure enough! Passwords are a major part of our lives, and we all have far more of them than we care to think about. They are the keys to our “electronic” locks.  The trouble is, our keys are so easy to copy or guess, we might as well not have the locks!  U nfortunately, there isn't any continuity regarding criteria for passwords from one site to the next. Many require an uppercase character or a lowercase character or must have a number or must have a special character AND cannot be a password you have chosen in the past 45 years! As a result of having so many sites where we need passwords, we try to make it easy for us to remember them.  However, if it’s easy for us to remember, it’s easy for the bad guys to guess.  Did you know that the most common passwords are:  Password, Password123, admin, welcome, letmein, QWERTY, QWERTY1234, 123456 and 123123? Not smart! The trick is to come up with a way that is easy to remember your password and make it har
Read more

RANSOMware: Protecting Your Small Business

-
As small business owners, we wear many hats in order to grow and protect our businesses.  In today’s Digital Age, we must wear one more; we are the Protector of our business from the threat of Cyber Intrusion, Data Theft, and Financial Embezzlement. But how can we protect our business when big businesses with deep pockets can barely protect themselves?  We read practically every week another well-known large corporation admit they were “hacked” and millions of customer records have become compromised.  Closer to home, we hear how thousands surrender to “digital pirates” via RANSOMware, where your PC and data are held at ransom by data encryption until you pay the bounty. Keep your head up!  There are things we can do to protect our businesses, and these proactive defenses won’t break the bank. First, EDUCATE yourself and your employees who have access to business computers.  Passwords should be at least fourteen characters long, never shared and never written down near the PC.  When re
Read more