January 2020 Security Awareness

Being a Phishing Detective

  • Watch for these red flags, to prevent getting phished.
    1. Spoofed FROM email address.
    • The email appears to come from someone you know but the actual address is not correct.
    • Always check the FROM address, especially if the email looks suspicious.
    2. Email requesting or offering any of the following:
    • Your personal information, username or password.
    • That you go purchase any type of gift cards.
    • Financial rewards or penalties if you do or don’t do something.
    3. Email body that contains any of the following.
    • Poor formatting, grammar, poor quality logos or inconsistent fonts.
    • Alarming content with warnings and claims of consequences.
    • Incorrect facts like locations, addresses or names.
    4. Emails that you are not expecting or did not ask for.
    • Job applications that include an attached resume.
    • Shared OneDrive or Dropbox files.
    • Financial reports or invoices that are attached or linked.
    5. Links that don’t go where you expect them to.
    • Hover a link before clicking on it.
    • This is especially true if the link is not fully exposed.
    Examples of a good and bad link, after hovering.

    Example of a fully exposed link, these are easier to check.