This week’s post for Cybersecurity Awareness Month covers Phishing.
What is Phishing?
According to the National Cybersecurity Alliance, phishing is “a form of social engineering by which cyber criminals attempt to trick individuals by creating and sending fake emails that appear to be from an authentic source, such as a business or colleague.” Some phishing tactics used by criminals include:
- Forging a message from a financial institution, claiming you’ve been a victim of fraud
- Impersonating a supervisor, asking for help with a task
- Claiming to be a delivery company, alerting you to a problem with a package
When you see these sorts of messages, it’s important to be vigilant.
How do I know if the message is fake?
Some red flags include:
- Email structure
- The sending email address doesn’t match the company it’s coming from
- Poorly-crafted writing with misspellings, and bad grammar
- Greetings that are ambiguous or very generic
- Language that’s urgent, alarming, or threatening
- Requests
- Strange or abrupt business requests
- Requests to send personal information
- Urgency to click on an unfamiliar hyperlink or attachment
- Offers
- Contains an offer that’s too good to be true
See a Phishing Email? Here’s what to do…
- Pat yourself on the back for recognizing that an email is fake and part of a phishing scam.
- Report the phishing message through Outlook by selecting the Junk option in the top ribbon and then Report as Phishing option. If you’re using the web version of Outlook, simply right click on the preview of the phishing email, hover over Report and select Report Phishing.
- Not sure? Ask the Help Desk!
Suggested Articles from your IS Team
- Brandon Buchholz – Why Am I Getting Spam From My Own Email Address?
- Katrina Frank – Microsoft: Phishing and suspicious behaviour
The content on this page was adapted from the National Cybersecurity Alliance’s information on phishing.
Subscribe to our Posts
Did you miss the latest IS announcement? Subscribe to receive our posts directly to your inbox!