Take Google's Phishing Quiz to see examples of phishing emails. PHISHING QUIZ
Phisher’s Spring Cleaning
With the changing of the seasons we are all doing some form of Spring Cleaning. Whether we are actually cleaning up around the house, or assessing paper, and digital information that we have collected over the year, it is unfortunately easy to let our guard down at protecting personal/financial information. Even as we go through this seemingly short season between Spring and the end of the school year malicious cyber actors never stop at trying to get you to disclose personal/financial information.
There are several ways to carry out a phishing attack. Some malicious cyber actors spoof reputable merchant websites, creating an almost perfect double to get unfortunate victims to give them payment information, payment updates, or other personal information. Other scammers simply send out phishing emails/texts/robo-calls through false accounts of people and/or organizations which we know, hoping to get information from potential victims by the simple click of a link or a reply.
Most of the time their messages seem innocent. And other times, their messages attempt to coerce you into immediately acting to secure your account or divulge information to them.
Key ways to identify a phishing email include:
The sender’s email address looks right, BUT it contains extra characters and/or misspellings;
Misspelled words and/or the use of bad grammar within either the Subject Line or anywhere in the message body;
Addresses you with generic terms such as “Mr.”, “Ms.”, or “Dear Customer”, instead of by your name;
The message warns that if you do not take immediate action by clicking on the link and entering personal details and/or payment information then you will ‘lose out’;
The message promises refunds, extra coupons, or other freebies after the purchase;
If you are still unsure whether you have received a phishing email/text/phone call do not reply to their message or click on their link. Instead, you can search for the company's website through a search engine, and also check to see if there are scams going on under their name. If the email is from someone you know simply check their email address (school email addresses are pretty easy to discern).
If you finally determine that what you received is a phisher’s ‘Spring Cleaning’ attempt then report it too. By reporting the phishing email it not only pulls the email from your inbox but from others here on campus who may have received it too.
As we traverse through the second semester of the 21-22 school year we need to continue to exercise both awareness and vigilance when working in this ever evolving digital age; whether you are educating or learning from home, or in the classroom, by following these best practices you can avoid being phished into a ‘Spring Cleaning’ of personal/financial information.
Don’t fall for these bad actors clean-up your information!
For More Information...
--On how to Enable Two-Factor Authentication for both school and personal email accounts. It is NOT difficult to set up, nor is it inconvenient. TWO FACTOR SETUP - https://myaccount.google.com/signinoptions/two-step-verification/enroll-welcome
--On how to recognize and avoid Phishing Scams click HERE. You will be redirected to the Federal Trade Commission on Consumer Information and Online Security.
--On how you can prevent yourself from becoming a victim of a Phishing Scam click HERE. You will be redirected to an Avast blog written by Jeff Elder.