tech_tipsTips for Technology

Reading your email safely

Over the past month chances are you have received an email from what appears to be someone or some company you are familiar with.  You recognize the name, so you open the message.  From this point, you may be part of a spoofing or phishing scheme meant to gain access to personal information.

Definition of spoofing

  1. :  Email spoofing is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source. Email spoofing is a tactic used in phishing and spam campaigns because people are more likely to open an email when they think it has been sent by a legitimate source. (TechTarget – Security, 2016)

Definition of phishing

  1. : a scam by which an e-mail user is duped into revealing personal or confidential information which the scammer can use illicitly (Merriam-Webster, 2017)

In the scenario above the person received an email appearing to be from someone they know (this is the spoof).  They are then redirected to a website that looks similar to a legitimate site, but is not (this is the phishing).

 

Phishing Facts

  6.1 Billion - Number of phishing e-mails sent world-wide each month

  $1,200 - Average loss to each person successfully phished (Federal Trade Commission)

  22,273 - Number of unique phishing attacks in June 2011 (Anti-Phishing Working Group)

  28,148 - Number of phishing Web sites found in June 2011 (Anti-Phishing Working Group)

 

(SonicWall Phishing IQ Test, 2017)

 

Preventative Tips

  • Be cautious of emails asking for personal information like credit card numbers or passwords unless you have personally contacted them
  • Don’t be intimidated into giving information through the use of scare tactics
  • Familiarize yourself with website privacy policies
  • Look for signs in the email header that look deceiving
  • Never submit personal information within forms embedded in the email
  • Type the URL directly into the address bar to avoid clicking on illegitimate links
  • Ensure sites are secured. Look for HTTPS or the lock symbol within the address bar: https
  • Maintain current anti-virus and internet security software

(Symantec, 2017)

 

Additional Resources

Take the phishing quiz
https://www.sonicwall.com/phishing/

 

Phishing Awareness
http://www.technology.pitt.edu/security/phishing-awareness

 

6 Common Phishing Attacks and How to Protect against Them
https://www.tripwire.com/state-of-security/security-awareness/6-common-phishing-attacks-and-how-to-protect-against-them/

 

Spoofing Awareness
http://www.identity-theft-awareness.com/email-spoofing.html

 

Information Awareness – Spoofing (Video)
https://www.youtube.com/watch?v=Wux0TwEv9Aw

 

12 tips on how to identify a phishing or spoofing email (Video)
https://www.youtube.com/watch?v=zKOowNVBbds