Phishing & Social Engineering
Phishing
Phishing is a form of social engineering that uses email or malicious websites to steal personal information. For example, an attacker may send an email that appears to be from a reputable credit card company or financial institution requesting account information to resolve a problem. When the victim responds, the attacker can gain access to their account.
If you’re unsure whether an email request is legitimate, try to verify it by contacting the company directly. Don’t use contact information or links from the suspicious email or website. Penn Manor students and staff should report suspected phishing attacks to support@pennmanor.net as quickly as possible.
98% of cyber attacks use social engineering.
Social engineering is tricking someone into giving up information or access to a computer system.
Identifying Phishing Emails
Look before you click
You can see where a link is taking you by hovering your mouse over the hyperlinked text. Try hovering your mouse over this link. In the bottom left corner of your browser, you'll see that 'this link' will take you to homepage.pennmanor.net.
If an address looks weird, send an email to support@pennmanor.net. We'll help you determine if it's legit or not. Sometimes, clicking on one link is all it takes to compromise a system.
Weird things to watch for:
Suspicious sender's address
Generic greetings and signature
Spelling and layout
Spoofed hyperlinks and websites
Suspicious attachments