During National Cyber Security Awareness Month, the WCC Information Technology Services (ITS) department is sharing messages to increase your security awareness. Today’s message is about phishing awareness.
See previous messages: Week 1 | Week 2
“Phishing” is the term used to describe when a scam artist sends an official-looking email to try to get the recipient to reveal person information such as user names, passwords, account numbers, or other personally identifiable information. The email encourages the recipient to respond to the email, download an attachment, or click a link provided in the message and “login” to a website such as a bank account, agency, or store. Here are some tips to help you identify malicious phishing emails:
- Urgency: Be careful of unexpected email messages that portray a sense of urgency such as “you
must act now,” or “urgent!” Attackers often use this technique to confuse the recipient.
Examples include:
- You have an urgent message from the President of the Organization.
- “Your Bank Account has been hacked” and you are asked to click on a link.
- “Your Email Account Will Be Deleted” if you do not click on a link and divulge personal information. Reputable email providers will never ask for your ID or password.
- “You have won the lottery” or “You stand to inherit millions of dollars” (generally from a foreign country).
- A foreign government official would like your assistance in transferring funds and will pay you a hefty commission if you agree.
- Links or attachments: If you were not expecting an attachment or link and you do not know the sender, do
not open it. Use your mouse to hover over the links in the message (don't click) and
see if the actual destination matches the text displayed in the body of the e-mail.
Also, watch out for web addresses that resemble the name of a well-known company,
but are slightly altered by adding, omitting, or transposing letters. For example,
the address www.microsoft.com could appear instead as micosoft.com or mircosoft.com.
- Grammar and tone: Some malicious emails contain poor grammar, punctuation, or spelling. If you receive
an unexpected email that contains poor grammar and tone, carefully look for other
signs of phishing before responding.
- Check the addresses: If the sender email address is different than the reply to address, this is unusual
and should be reviewed. Also, pay attention to the details of the email address.
Sally.Smith @highered.edu is legitimate but [email protected] is
almost certainly a scam.
- Logos: Many phishing emails contain fuzzy or fake company logos.
- Lack of signature: Phishing emails may not contain email signatures or any contact information such as telephone numbers.
Want even more tips on how to avoid Phishing emails? Watch these short videos:
If you have questions or need assistance, contact ITS at [email protected] or 734-973-3456.