Phishing
Phishing is a form of social engineering designed to trick you into revealing sensitive information or to install malicious software.
Email remains one of the primary ways to compromise your system or gain access to your information. All it takes is one click to compromise our network, so be careful what you click on.
There are many things you can look for in messages that you receive to identify phishing emails and protect yourself and the network from attack :
Phishing emails play on emotions like fear, curiosity, recognition, opportunity, and a sense of urgency in order to rush you in to opening attachments or clicking links.
It is important to examine hyperlinks in suspicious emails. Here’s how to check where a link goes without clicking :
Whether it’s an email, text or a phone call, be aware what you are asked to do and be cautious when clicking links or opening attachments.
Best Practices :
Spear phishers have many techniques at their disposal to fool not only you, but any email-filtering solutions your organization may have in place. When spear phishing attacks make it through your organization's defenses, it is up to you to identify them as potential threats.
To tell if an email is a spear phishing attempt, be aware of emails and messages that:
Legitimate companies will not ask for passwords or other sensitive data via email.
Always check the URL of the site you are visiting. In many instances, a phishing email will direct you to an imitation website that appears legitimate, but attempts to steal your password or other sensitive data.