Phishing: Understand, Identify & Action

Phishing is when criminals send out a malicious message to try and trick you into giving out sensitive information or taking a dangerous action, like clicking on a malicious web link or downloading an infected attachment. They do this by using email disguised as contacts or organizations you trust to avoid your suspicion of potential identity or data theft.

REMEMBER: The burden of proof almost always fall on victims of identity fraud.

It can be a stressful and time-consuming process, trying to prove you are who you say you are.

Identifying Phishing

Review the following 4 examples and see if you can pick out the red flags of each phishing attempt (click on the slides to reveal answers and to move through each example):

Phishing_gmail_examples

Review of examples - things that might look normal:

Sender name: Anyone can change their name on email headers to appear familiar to their potential victims.
Formatting / Email layout - including embedded forms.
Intention of email subject may be familiar, perhaps related to job or family responsibilities.
Increasing sophistication in phishing emails' design can potentially let them slip past spam filters.

Review of examples - things to look out for:

Spelling and grammatical errors, in the email subject and/or message body.
Unfamiliar email addresses e.g. mattmelecolumbus@ITHelpAcademy.co.uk
Hidden or shortened links, e.g. click here (hover to see an example of a strange web site address)
THREATENING LANGUAGE / ACTION REQUIRED (!!!) to divert victims' attention from detect phishing red flags.

Actions to Reduce Phishing

Verify the sender and the request. If an email seems strange, is unexpected, asks you to reply with personal or financial information, or open an attachment, don’t do it! If you know the sender, verify directly with the sender in a separate email or phone call to ensure that the request is legitimate before taking any action.
Never click on a link without checking it out! Always hover your mouse cursor over links to make sure they are correct. Look for differences like changes in spelling or special characters or numbers in addition to, or in place of, letters.If you are on a mobile device, you should wait until you get to a computer to check the link.
Stop, look, and think. If the email sounds urgent or pushing you to get you to act fast, remember to stop, look, and think about what they want you to do, before you take any actions.

Once you have identified an email message that you believe to be a phishing attempt by malicious parties, you can also report it to Google via the "Report phishing" option in Gmail:

This will help the Google security team refine their spam filters and also reduce the amount of similar phishing emails from returning to your Inbox. You can still check your spam folder periodically for 'false positives', as sometimes spoofed emails can cause the wrong assumption by Gmail's security system and file away legitimate emails into the spam folder.

If you have questions about phishing or strange emails, you can always reach out to the CA Tech Office team for advice or clarification!

BONUS READ: Business Times article describing an interesting phishing-related incident encountered by the reporter, though not directly causing identity theft to the reporter, it still demonstrates how indirect phishing could inflict financial loss that can be difficult to recover.