Phishing (n): The practice of sending fraudulent emails that appear to come from legitimate sources in an attempt to get individuals to reveal sensitive information, such as passwords, credit card numbers or banking information, or even basic information that can be used to guess an individual's security question answers.
Image source: Edwind Richzendy flickr
It is an important skill to be able to recognize phishing emails. This is not only a work related issue; attackers can and will send emails to your personal email accounts as well.
Things to ask yourself and look for before clicking links or opening documents in emails:
- Was I expecting this email from the sender with this content?
- Is this a typical request that I would get from the sender?
- Is the sender's email address located at the organization it is purported to be from? (email@example.com vs. firstname.lastname@example.org)
- Does a link direct me to the URL that I expect it to take me to?
- If there is an attachment, was I expecting an attachment from the sender?
- Is it the type of attachment I typically receive from the sender?
- Don't open an attachment you were not expecting without verifying it first.
General tips to avoid being phished:
- Do not click links in email messages. Go instead to the website in question by manually entering the URL in a browser or using a bookmark you have saved for the site.
- Do not follow shortened links ("tiny URLs"); the shortened form gives no indication of the site it will send you to.
- In general, organizations will not ask for your password or account information via email or a web form. Do not fill out web forms or reply to an email with personal or confidential information. Verify the request first through the organization's official website or its published contact information, not the contact information provided in the email. Only share sensitive information with sources you can verify and trust.
- Some typical verbiage used in phishing scams:
  - "Verify your account" or "Update your account"
  - "During regular account maintenance"
  - "Failure to update your records will result in account suspension"
- Documents shared with you in Google Drive also appear under the Shared with Me link on the left side of Drive, so they do not need to be opened from email links.
When in doubt, don't click a link or open an attachment; ask for help first.
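The checklist and tips above can be partly mechanized. The following Python script is an added example (not the district's own tooling, and not a replacement for reporting a suspicious message): it parses a raw email, checks that the sender's address is at the district domain named on this page using a label-boundary suffix match, flags links that go to a URL shortener or to a host outside that domain, flags links whose visible text names a different host than the real `href`, and searches the subject and body for the verbiage listed above. The two sample messages, the lookalike domains (which use the reserved `.example` TLD) and the short list of shortener hosts are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

EXPECTED_DOMAIN = "franklinlakes.k12.nj.us"          # district domain named on this page
SHORTENER_HOSTS = {"tinyurl.com", "bit.ly", "t.co"}   # assumption: a few common URL shorteners
PHISH_PHRASES = (                                      # the verbiage listed on this page
    "verify your account",
    "update your account",
    "during regular account maintenance",
    "failure to update your records will result in account suspension",
)

def host_belongs_to(host, domain):
    """True if host is the domain itself or a subdomain of it."""
    # Suffix test at a label boundary (not 'domain in host'), so that
    # lookalikes such as domain.attacker.example are rejected.
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

class _LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def check_link(href, text, expected=EXPECTED_DOMAIN):
    """Warnings for one link: where it really goes versus what it shows."""
    warnings = []
    target = urlparse(href).hostname
    if target in SHORTENER_HOSTS:
        warnings.append(f"shortened URL ({target}) hides the real destination")
    elif not host_belongs_to(target, expected):
        warnings.append(f"link goes to {target!r}, not {expected}")
    # Visible text that is itself a URL must name the same host as the href.
    shown = urlparse(text).hostname if text.startswith(("http://", "https://")) else None
    if shown and shown != target:
        warnings.append(f"text shows {shown!r} but href goes to {target!r}")
    return warnings

def triage(raw_message, expected=EXPECTED_DOMAIN):
    """Apply the checklist to a raw RFC 5322 message; return a list of findings."""
    msg = message_from_string(raw_message)
    findings = []
    # Sender: is the address actually at the expected organization?
    _, addr = parseaddr(msg.get("From", ""))
    if not host_belongs_to(addr.rpartition("@")[2], expected):
        findings.append(f"sender {addr!r} is not at {expected}")
    # Body: join all text parts (get_payload(decode=True) returns bytes).
    parts = [p for p in msg.walk() if p.get_content_maintype() == "text"]
    body = "\n".join(p.get_payload(decode=True).decode(p.get_content_charset() or "utf-8", "replace")
                     for p in parts)
    # Verbiage: match the phrases against subject plus tag-stripped body.
    text = (msg.get("Subject", "") + " " + re.sub(r"<[^>]+>", " ", body)).lower()
    findings += [f"contains phishing verbiage: {p!r}" for p in PHISH_PHRASES if p in text]
    # Links: compare each href with the text that the reader sees.
    collector = _LinkCollector()
    collector.feed(body)
    for href, shown in collector.links:
        findings += [f"link {href!r}: {w}" for w in check_link(href, shown, expected)]
    return findings

# Constructed sample messages (not real mail); the lookalike domains use .example.
PHISH_EMAIL = """\
From: "FLPS IT Support" <it-support@franklinlakes-k12.example>
Subject: Action required: verify your account
Content-Type: text/html; charset=utf-8

<p>During regular account maintenance we found a problem with your mailbox.
Failure to update your records will result in account suspension.</p>
<p>Sign in: <a href="http://tinyurl.com/abc123">https://franklinlakes.k12.nj.us/login</a></p>
<p>Or use <a href="https://franklinlakes.k12.nj.us.account-check.example/login">the portal</a>.</p>
"""

LEGIT_EMAIL = """\
From: "FLPS IT" <helpdesk@franklinlakes.k12.nj.us>
Subject: Calendar update
Content-Type: text/html; charset=utf-8

<p>The updated calendar is posted at
<a href="https://www.franklinlakes.k12.nj.us/calendar">https://www.franklinlakes.k12.nj.us/calendar</a>.</p>
"""

if __name__ == "__main__":
    print(triage(PHISH_EMAIL) or "no findings", triage(LEGIT_EMAIL) or "no findings")
```

Running the script lists seven findings for the constructed phishing message (lookalike sender domain, three matching phrases, a shortener link whose visible text names the district's login page, and a link to a host that merely starts with the district's name) and none for the constructed legitimate one. A message that produces no findings is not thereby safe: as the FAQ below notes, targeted messages can be crafted to pass simple checks, so the result is a triage aid, and the reporting steps still apply.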
Q: Can a phishing email/site contain the organization's logo or look similar to official email messages or websites?
A: Yes, it is common for phishing emails or sites to borrow elements of the organization that they are impersonating. Sometimes phishing emails/sites can be very convincing only having minor differences from the official version.
Q: What should I do if I suspect an email is a phishing scam?
A: Do not click any links or open any documents in the suspicious email, and submit a ticket to email@example.com. Include the date the message was received and the message subject in the ticket. Do NOT forward the message. Delete the message from your mailbox.
Q: What should I do if I think I might have submitted data to a phishing website using my @franklinlakes.k12.nj.us account?
A: Submit a ticket to firstname.lastname@example.org. In the ticket, provide as much information as possible about what happened, as well as information about the message you received.
Q: Why are phishing emails not blocked by our firewall/email filter?
A: While we perform best-effort filtering and blocking of phishing emails and other security threats, there is no foolproof solution to this problem. Some phishing attacks are highly targeted, for example a specifically crafted message sent to a single email address. Such attacks are very hard to detect and prevent.