January 2020 Security Awareness

What to watch out for in a phishing email.
https://northerncomputer.ca/anatomy-of-a-phishing-email/

Controlling Junk Email

Your email is filtered for phishing, spam other malicious emails.
Suspicious emails are sent to your Junk Email folder in Outlook.
Adding your Junk Email folder to favorites.
    * Scroll down and find your Junk Email folder on the left.
    * Right Click on the folder and select Show in Favorites

Managing Junk Email.
* Right click on the email in question.
* The email might be in the Junk Email folder or your regular mailbox.

* At the bottom of the menu select Junk> and the option you want.
* If a good email shows up in Junk Email, select:
                * Never Block Sender’s Domain to allow emails from this company.
                * Never Block Sender to allow emails from this email address.
                * Not Junk to move just this email out of Junk Email Folder.
* If an unwanted email appears in your inbox select:
Block Sender to add the user to blocked list.

Watching the Browser Address Bar

All modern browsers (Chrome, Firefox, Edge) attempt to track potentially malicious websites but it’s still up to you to check the address bar for information.

Here’s what to watch for.

Secure or Not Secure.
If logging in and transferring sensitive data the site should have a valid security certificate.

Check the beginning of the website name:
     *  http     =  Non-Secure site.
     *  https   =  Secure site.

Sites can start with https but NOT have a valid certificate. 
Do not proceed unless you explicitly trust the site.

How to tell if the certificate is valid.

Real or Fake Website Name
When you are directed to a website, check that the address is what you expect.
In this first example the actual domain name is securesite.com and not cibc.ca.

https://cibc.ca.acct.securesite.com/page.html

The domain name will always be last in the address and have subdomains ahead of it, have directories/pages after it, or both.

Look at these examples, bottom two addresses are not valid.

https://rbc.ca/accountlogin.php
https://login.rbc.ca
https://login.rbc.ca/account

https://rbc.loginaccount.ca/directory
https://rbcaccount.mainlogin.com