Phishing is an email scam designed for identity theft. The most successful phishing emails are typically disguised to look like they come from a known or reputable source. These emails usually contain attachments or download links to malicious software, such as keystroke loggers, banking trojans, spyware, and rootkits. A keystroke logger is one of the most dangerous threats: an attacker can use it to steal user names and passwords as you type them, including credentials for your email, remote computers, HR systems, etc.
Tips on how to identify a fraudulent email
Legitimate organizations typically do not request sensitive information via email. No legitimate company will ever email you to:
- Verify your account information (other than to verify your email address).
- Provide your password.
- Confirm personal information such as age, credit card number, or home address.
- Provide information of a financial nature.
- Download any program from a provided link.
If you receive a suspicious email purporting to be from a legitimate address or even company you frequently deal with, we recommend the following actions:
- Do not reply
- Do not open any attachments
- Do not click on any links
- Delete the email
Tips on how to identify phishing scams
- Threats and Calls to Action – Phishers like to use scare tactics, and may threaten to disable an account or delay services until you update certain information. Most phishing campaigns include a call to action. If the message creates any sense of urgency, such as “you must click into your account now”, it is potentially a scam.
- Too generic – Watch out for generic-looking requests for information. Fraudulent emails are often not personalized.
- Bad grammar – Scammers are not known for good grammar and spelling. This is a common trait among many fraudulent email scams. Some of these messages have been poorly translated from other languages, or use letters from the alphabet to substitute certain symbols (which is a common tactic meant to evade spam filters).
- Links in email – If you see a link in a suspicious email message, don’t click on it. Hover your mouse over the link (without actually clicking on the link) to reveal whether the real address matches the URL that was typed in the message. In the example below, the link reveals the real web address that the user will be routed to, as shown in the red box. Notice that the URL string in the text looks nothing like the web address to which the user will be directed.
- Email body as an image – It is a common tactic of many spammers to make the whole message body an image so as to track the user and evade spam filters.
- IP reputation – You can look up the sender IP’s reputation through the Return Path’s Sender Score (www.senderscore.org) website. The lower the score, the more likely the email is a phishing attempt.
Tips on what to do if you think you’ve been phished
- Clean your computer system of possible malware (including key loggers) – Immediately clean your system to remove any malware and key loggers that may have been installed.
- Change passwords – Once your device is clean, change any passwords you might have revealed. If you used the same password for multiple resources, make sure to change it for each account, and do not use that password in the future.
- Do not fill embedded forms with sensitive information – Never submit sensitive, personal or confidential information via forms embedded within email messages. Senders are often able to track all information entered.
- Be careful with URLs – Pay attention to the URL of a website. Malicious websites may look identical to a legitimate site, but be aware that the URL may use a variation in spelling or a different domain.
- Protect your computer – Make sure you maintain effective anti-virus, anti-spyware and anti-malware software to help combat phishing.
- Think twice before opening an attachment – Be careful about opening or saving any document or attachment that comes with spam mail. If the attachment has the file name suffix .ZIP, you can safely assume it contains a virus.
- Don’t disclose personal information – Never send any information about your account in an email. Contact our technical support for assistance if you are unsure.
- Make sure your receiving mail server does a Sender Policy Framework (SPF) check – SPF allows recipients to verify sender identity (at the organizational level) by allowing domain owners to publish, via DNS, the IP addresses that are authorized to send emails for the specified domains. Your email server should be configured to include an SPF validation – this is usually done in the spam filter.
- Resources:
Ways to report a suspected phishing scam
Reproduced from Attila Torok, LogMeIn Inc.