Published by Gervais Fletcher. Modified over 7 years ago.
1
NO PHISHING GSU Important Information Provided by Information Technology Center
2
What is phishing? /ˈfiSHiNG/
According to Wikipedia, phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and, indirectly, money), often for malicious reasons, by disguising as a trustworthy entity in an electronic communication.

How can I protect myself from phishing?
The best way to protect yourself from phishing is to learn how to recognize a phish. EMPLOYEES ARE OFTEN THE WEAKEST LINK in a company's security chain. But with a little knowledge and foresight you can mitigate the risks. In order for Internet criminals to successfully "phish" your personal information, they must get YOU to go from an email to a website. Phishing emails will almost always tell YOU to click a link that takes you to a site where your personal information is requested. Legitimate organizations would never request this information of you via email.
3
10 Tips on How to Identify a Phishing Email
PLEASE READ THE SMALL PRINT!

Tip 1: Don’t trust the display name
A favorite phishing tactic among cybercriminals is to spoof the display name of an email. Since most banks don’t own the domain “secure.com,” authentication defenses will not block this on My Bank’s behalf. Once delivered, the email appears legitimate because most user inboxes and mobile phones will only present the display name. Always check the address in the header from; if it looks suspicious, flag the email.

Tip 2: Look but don’t click
Cybercriminals love to embed malicious links in legitimate-sounding copy. Hover your mouse over any links you find embedded in the body of your email. If the link address looks weird, don’t click on it. If you have any reservations about the link, send the email directly to IT.

Tip 3: Check for spelling mistakes
Brands are pretty serious about email. Legitimate messages usually do not have major spelling mistakes or poor grammar. Read your emails carefully and report anything that seems suspicious.

Tip 4: Analyze the salutation
Is the email addressed to a vague “Valued Customer?” If so, watch out: legitimate businesses will often use a personal salutation with your first and last name.

Tip 5: Don’t give up personal or company confidential information
Most companies will never ask for personal credentials via email, especially banks. Likewise most companies will have policies in place preventing external communications of business IP. Stop yourself before revealing any confidential information over email.
4
10 Tips on How to Identify a Phishing Email (continued)

Tip 6: Beware of urgent or threatening language in the subject line
Invoking a sense of urgency or fear is a common phishing tactic. Beware of subject lines that claim your “account has been suspended” or ask you to action an “urgent payment request.”

Tip 7: Review the signature
Lack of details about the signer or how you can contact a company strongly suggests a phish. Legitimate businesses always provide contact details. Check for them!

Tip 8: Don’t click on attachments
Including malicious attachments that contain viruses and malware is a common phishing tactic. Malware can damage files on your computer, steal your passwords or spy on you without your knowledge. Don’t open any attachments you weren’t expecting.

Tip 9: Don’t trust the header from address
Fraudsters not only spoof brands in the display name, but also spoof brands in the header from address, including the domain name. Keep in mind that just because the sender’s address looks legitimate (e.g it may not be. A familiar name in your inbox isn’t always who you think it is!

Tip 10: Don’t believe everything you see
Phishers are extremely good at what they do. Many malicious emails include convincing brand logos, language, and a seemingly valid address. Be skeptical when it comes to your messages; if it looks even remotely suspicious, do not open it.
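Tips 1, 2, 4 and 6 can be checked mechanically. The following is an added example, not part of the original presentation: a small Python triage helper that flags a display name that does not match the sending domain, a link whose visible URL differs from its real target, a generic salutation, and an urgent subject line. The brand table, the domain mybank.example, the keyword lists and the sample message are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser

KNOWN_BRANDS = {"my bank": {"mybank.example"}}  # assumption: brand -> real sending domains
URGENT = re.compile(r"suspended|urgent|immediately", re.I)
GENERIC = re.compile(r"valued customer|dear (user|customer|member)", re.I)

class LinkCollector(HTMLParser):  # collects (visible text, href) for each <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def host(url):  # host of a URL-like string, without scheme or leading "www."
    m = re.match(r"(?:https?://)?(?:www\.)?([^/:\s]+)", url.strip(), re.I)
    return m.group(1).lower() if m else ""

def phishing_flags(raw):  # assumes a single-part (non-multipart) message
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    domain, body, flags = addr.rpartition("@")[2].lower(), msg.get_payload(), []
    for brand, domains in KNOWN_BRANDS.items():  # Tip 1: display name vs. address
        if brand in name.lower() and domain not in domains:
            flags.append("display-name-mismatch")
    collector = LinkCollector()
    collector.feed(body)
    for text, href in collector.links:  # Tip 2: URL shown vs. URL followed
        if re.match(r"https?://|www\.", text, re.I) and host(text) != host(href):
            flags.append("link-text-mismatch")
    if GENERIC.search(body):  # Tip 4: vague salutation
        flags.append("generic-salutation")
    if URGENT.search(msg.get("Subject", "")):  # Tip 6: urgency in subject line
        flags.append("urgent-subject")
    return flags

# Constructed sample message; "secure.com" is the look-alike domain from Tip 1.
SAMPLE = ('From: "My Bank" <accounts@secure.com>\nSubject: Your account has been suspended\n\n'
          'Dear Valued Customer, log in at <a href="http://login.secure.com/verify">https://www.mybank.example/login</a>\n')
```

Calling phishing_flags(SAMPLE) returns all four flags. An empty result does not mean a message is safe: as Tip 9 notes, the header from address itself can be spoofed.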
5
YIKES!!!! I’VE BEEN HOOKED, NOW WHAT???
Please notify Information Technology (IT) HelpDesk ASAP. To minimize risks, IT will disable your account. You will be required to participate in a brief anti-phishing training. IT will assess the situation and enable your account when all risks have been resolved and you have completed training. Depending on the severity of the attack, it may take up to 48 hours to complete this process and restore the use of your account.
6
RESOURCES
What is Phishing & How do I Protect Myself?
How to Spot Phishing Emails?
GSU IT HelpDesk