IT Quick Tips

Security

Phishing business

WHAT IS PHISHING?

Phishing is a type of malicious email where the sender poses as a reputable company. The email sender’s goal is to induce individuals to reveal personal information (think passwords, credit card numbers, etc.). Once acquired, this information is usually used in a malicious way. 

These emails are sometimes very clever and look official. Please be careful.

  • NEVER CLICK A LINK FROM A SUSPICIOUS EMAIL.
  • If you receive a suspicious email, forward it immediately to helpdesk@aup.edu explaining why you think it is a phishing attempt.

 

WARNING SIGNS

 

Who is the sender? 

Legitimate emails usually come from someone with an email address associated with the company. So if you are getting an email about Microsoft’s Office 365 from beyonce35@massygroup.com, more than likely, they do not work for Microsoft and this is a phishing attempt.

 

Who is it addressed to? 

If the email greeting is vague (e.g. “Dear Customer” or “Dear <insert your username>”), there is a chance the email did not come from a safe source. Most companies you subscribe to know your name and will include it in the message.

 

How is the grammar? 

Phishing emails tend to have a lot of misspelled words and grammatical errors. If you see a lot of mistakes in the email, this may be a phishing attempt. Of course, in some phishing attempts the grammar is perfect. So do not use grammar as the sole indicator.

 

Where do these links actually lead to? 

Hover over the links in the email (do not click) and look at the bottom of your internet browser, which displays the URL each link leads to. If all of the links lead to the same place, or to a place that does not match the legitimate company, there is a high chance that it is a phishing email.
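The same hover check can be run over the HTML body of a saved message, which also shows why a host that merely starts with the company name is not the company's domain. This is an added example, not part of the original page; the function names, the sample message and the `.example` host are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit


class LinkCollector(HTMLParser):
    """Collects the href of every <a> tag in an HTML email body."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            href = dict(attrs).get("href")
            if href:
                self.hrefs.append(href.strip())


def belongs_to(host, domain):
    """True only for the domain itself or a real subdomain of it."""
    host, domain = host.lower().rstrip("."), domain.lower()
    return host == domain or host.endswith("." + domain)


def audit_links(html_body, expected_domain):
    """Return (off_domain_hosts, all_same_destination) for an email body."""
    collector = LinkCollector()
    collector.feed(html_body)
    urls = [urlsplit(h) for h in collector.hrefs]
    hosts = [u.hostname or "" for u in urls if u.scheme in ("http", "https")]
    # Sign 1: a link leads somewhere that is not the legitimate company.
    off_domain = sorted({h for h in hosts if not belongs_to(h, expected_domain)})
    # Sign 2: several links that all lead to the same place.
    all_same = len(collector.hrefs) > 1 and len(set(collector.hrefs)) == 1
    return off_domain, all_same


# Constructed sample: a message claiming to come from Microsoft.
SAMPLE = """
<p>Dear Customer, your mailbox is full.</p>
<a href="http://microsoft.com.login-check.example/verify">Sign in</a>
<a href="http://microsoft.com.login-check.example/verify">Help</a>
<a href="http://microsoft.com.login-check.example/verify">Unsubscribe</a>
"""

if __name__ == "__main__":
    print(audit_links(SAMPLE, "microsoft.com"))
```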

 

Is it in a foreign language? 

 

In a phishing email, the sender may have a foreign name and, above all, work for a company you've never heard of. If the message is in French, it won't be from AUP, since all our communications are in English. Part of the message, such as a disclaimer in the footer, may also be in a foreign language, which can be a sign of a suspicious source.

Check the official website yourself

In many phishing attempts, the sender encourages you to click links that seem to come from an official body (taxes, social security, bank, etc.). However, these links usually lead to a site that steals any personal information you enter. So, instead of clicking the links within the email, navigate to the company website yourself and check whether the message you received is genuine. If it is, you will find the same information when you log in to your account on the legitimate website.

EXAMPLES OF SUSPICIOUS EMAILS

Example of phishing email #1

Example of Ransomware

Fake Microsoft message in French (very convincing)

Fake Microsoft message in English