Skip to content
,
Skip to search
learn.equalit.ie
From learn.equalit.ie
Menu
Main page
Trainer's Curricula
Secure Hosting
Digital Security Lessons
(N+1)sec
Digital Security QA
Page
|
Discussion
|
View form
|
View source
|
History
|
Edit a Scenario Task: I'm worried someone is trying to lure me with a fake email (phishing)
You do not have permission to edit this page, for the following reasons:
The action you have requested is limited to users in the group:
Users
.
You must confirm your email address before editing pages. Please set and validate your email address through your
user preferences
.
Format:
Tool
Service
Resource
Solution
Scenario
Parents:
Comma-separated
Threat Category:
Comma-separated
Tools and Services
Comma-separated
Description:
Receiving messages asking you to click on a certain link, reply with private and sometimes confidential data or open an attachment, could also be a [https://en.wikipedia.org/wiki/Phishing Phishing attack]. Targeted attack messages - whereby the content is specifically tailored to be relevant to you are known as [http://www.wired.com/2015/04/hacker-lexicon-spear-phishing/ spear phishing]. In the everyday humdrum of working life, reading dozens if not hundreds of emails per day, it is quite easy to mistakenly click on a link or open an attachment, without giving a second thought to the sender's identity or intent. Targeted attacks (an email purportedly from your friend or your boss) are even harder to detect. Please review the [https://ssd.eff.org/en/module/how-avoid-phishing-attacks How to avoid phishing attacks] guide from the EFF. Some of the bigger email providers like [https://support.google.com/mail/answer/184963?hl=en&ref_topic=3394464&vid=1-635773191968940616-20681252 Gmail] or [http://www.microsoft.com/security/online-privacy/phishing-scams.aspx#Recognize Hotmail] offer help to detect and report phishing attacks. The [http://toolbar.netcraft.com/ NetCraft] tool can protect your web browser from accessing known websites used for phishing re-directions. Firefox users can also install additional [https://addons.mozilla.org/en-us/firefox/addon/worldip/ add-ons] to double-check a site's validity before visiting it. In principle you should: * Never click on links in email messages directly (copy and paste them into the browser manually if you're intent on opening it) * Never open an attachment unless you are sure of the sender's identity and intent. Sometimes it's better to reply to the sender in order to confirm the message before opening it [https://www.google.com/chrome/browser/desktop/ Google Chrome] and the open source [https://download-chromium.appspot.com/ Chromium] browser have built-in [https://support.google.com/chrome/answer/99020?hl=en phishing protection]. It may warn you in advance of opening up a known phishing site.
Summary:
Cancel