What is Phishing?

Phishing is a psychological attack used by cyber criminals to trick you into giving up information or taking an action. Phishing originally described email attacks that would steal your online username and password. However, the term has evolved and now refers to almost any message-based attack. These attacks begin with a cyber criminal sending messages pretending to be from someone or something you know. There are a wide range of forms this could take; some could pretend to be your friend, your bank, or a well-known store.

These messages will entice you into taking an action, such as clicking on malicious links, opening an infected attachment, or responding to a scam. Cyber criminals craft these convincing emails and send them to millions of people around the world. The criminals do not know who will fall victim. They simply know that the more emails they send out, the more people they will have the chance to hack. In addition, cyber criminals are not limited to just email but will use other methods, such as instant messaging or social media posts.

...

The concept is the same as phishing, except that instead of sending random emails to millions of potential victims, cyber attackers send targeted messages to a very few select individuals. With spear phishing, the cyber attackers learn about their intended targets, such as by reading the intended victims' LinkedIn or Facebook accounts. They would also read messages they posted on public blogs or forums. Based on this research, the attackers then create a highly customized email that appears relevant to the intended targets. This way, the individuals are far more likely to fall victim.

...

You may not realize it, but you are a phishing target at work and at home. You and your devices are worth a tremendous amount of money to cyber criminals, and they will do anything they can to hack them. YOU are the most effective way to detect and stop phishing. If you identify an email you think is a phishing attack, call your security team right away. If you are concerned you may have fallen victim, do not hesitate to contact them. To learn more about phishing or to demo the SANS Securing The Human phishing testing platform, please visit http://www.securingthehuman.org/phishing.


Phishing Indicators

A. Check the email addresses. If the email appears to come from a legitimate organization, but the "FROM" address is someone's personal account, such as @gmail.com or @hotmail.com, it is most likely an attack. Also, check the "TO" and "CC" fields. Is the email being sent to people you do not know or do not work with?

...

  • May contain fuzzy logo symbols, which are not genuine
  • May not contain email signatures or any contact information
  • May contain bad grammar and capitalization errors
  • Generally require you to take quick action, such as verifying your account to prevent it from being deactivated
  • Be particularly vigilant during holidays or during significant events since attackers heighten their activity during these times.

...

Send any phishing emails you receive, including their full header information, to the Fredonia Information Security Office (ISO) at security@fredonia.edu.

  • If you suspect it may be a phishing email, Fredonia ISO can review the message and advise if it is legitimate or not.
  • Never respond to any email with confidential information. Fredonia and other legitimate businesses will never ask for this information via email.
  • Use your mouse to hover over links in an email. This will show you the actual website you will be directed to if you click on the link. It is always best to type the address yourself into your web browser, rather than clicking a link in an email.

What should I do if I clicked on a link, opened an attachment or provided information via a phishing email?

  • Contact the Fredonia ITS Service Center immediately at 716-673-3407 / its.servicecenter@fredonia.edu.
  • If you entered your password, change it immediately.
  • If you clicked on the link but did not enter your password, please check that your computer security or anti-virus program is on and up to date.
  • Depending on the type of phishing attempt, you may need to check your other online accounts (e.g. financial).

...

  • Beware of messages that claim your account has been suspended
  • Be suspicious of any email containing urgent requests for personal financial information
  • Never click on a link in an email. Instead, always type the legitimate Web address of the site you want to reach directly into your Web browser.
  • Be suspicious of email messages and other electronic communications from sources you do not know or recognize
  • Use the latest versions of your operating system (OS) and applications
  • Have the latest security software updates (patches) installed. This includes patches for your OS and applications
  • Keep your anti-virus software up to date
  • Report any suspicious emails
  • Avoid and report phishing emails in Google: https://support.google.com/mail/answer/8253?hl=en#zippy=%2Creport-a-phishing-email

...

