October is Cybersecurity Awareness Month (CSAM) and is dedicated to raise awareness about the importance of cybersecurity. With the theme, ‘Secure Our World’, are reminders of how you can protect yourself and organization from online threats.
Phishing is a form of social engineering through email. The malicious message aims to deceive the receiver by instilling trust in the sender’s message. This could lead to clicking on a bad link or installing malware. The links could lead to a fake site requiring you to log in, therefore, stealing your credentials. Common phishing deceptions used by cyber crooks include:
- Offers that are too good to be true.
- Threatening language or urgency to act
- Poor grammar or misspellings
- Generic salutation
- Requests for personal information or financial transfers
- A sender’s email address does not match the company advertised in the message. Eg.-anazon.com vs amazon.com
Should a phishing email make its way into your inbox yu should report this activity. Chances are that if you got it, so did others in your organization. Many offices have a procedure for reporting risky emails. There are also built in mechanisms in most email platforms that will allow for this reporting as well. Don’t click on any links. Don’t download or open any attachments. Don’t reply or unsubscribe. Just delete it.
Resources:
Phishing