Changes - learn.equalit.ie

I'm worried someone is trying to lure me with a fake email (phishing)

74 bytes added, 8 years ago

edited threat (was: Malware Infection)

|Scenario Task Format=Solution

|Scenario Task Parent=I want to be protected from malicious emails

|Scenario Task Type=~~Malware Infection~~Unauthorised Access|Scenario Tools and Services=NetCraft, WorldIP

|Scenario Task Description=Receiving messages asking you to click on a certain link, reply with private and sometimes confidential data or open an attachment, could also be a [https://en.wikipedia.org/wiki/Phishing Phishing attack]. Targeted attack messages - whereby the content is specifically tailored to be relevant to you are known as [http://www.wired.com/2015/04/hacker-lexicon-spear-phishing/ spear phishing]. In the everyday humdrum of working life, reading dozens if not hundreds of emails per day, it is quite easy to mistakenly click on a link or open an attachment, without giving a second thought to the sender's identity or intent. Targeted attacks (an email purportedly from your friend or your boss) are even harder to detect. Please review the [https://ssd.eff.org/en/module/how-avoid-phishing-attacks How to avoid phishing attacks] guide from the EFF.

Some of the bigger email providers like [https://support.google.com/mail/answer/184963?hl=en&ref_topic=3394464&vid=1-635773191968940616-20681252 Gmail] or [http://www.microsoft.com/security/online-privacy/phishing-scams.aspx#Recognize Hotmail] offer help to detect and report phishing attacks. The [http://toolbar.netcraft.com/ NetCraft ~~tool~~] tool can protect your web browser from accessing known websites used for phishing re-directions. Firefox users can also install additional [https://addons.mozilla.org/en-us/firefox/addon/worldip/ add-ons] to double-check a site's validity before visiting it. In principle you should:

* Never click on links in email messages directly (copy and paste them into the browser manually if you're intent on opening it)

* Never open an attachment unless you are sure of the sender's identity and intent. Sometimes ~~its~~ it's better to reply ~~confirming~~ to the sender in order to confirm the message before opening it

[https://www.google.com/chrome/browser/desktop/‎ Google Chrome] and the open source [https://download-chromium.appspot.com/ Chromium] browser have built-in [https://support.google.com/chrome/answer/99020?hl=en phishing protection] . It may warn you in advance of opening up a known phishing site.

}}

Floriana

Bureaucrat, administrator

312

edits