Email Phishing Cybersecurity

©2018, ej4 LLC

2

Email Phishing Cybersecurity

Course descriptionYou’ve likely received phishing emails. They’re the emails that bait you to click on them. They show up in all forms, from blatantly fake emails, to confusing emails coming from your actual contacts, to emails disguised to look just like your bank or Netflix, or some other trusted provider. They almost always contain a link that they want you to click, or prompt you to fill out a form, or pay money, or otherwise ask you to reveal personal information in some way. In this course, we’ll discuss why phishing emails are so successful, what you should do if you suspect you’ve received a phishing email, and the steps to take if you inadvertently click on a link.

How phishing emails work• They feed off of emotion. • They target:

• Fear• Excitement• Confusion

• Examples include:• Winning a sum of money• Being given a large discount• Losing access to bank accounts• Breaking tax laws

• Phishing emails aim is to get people to react.

Spam filters• The first step to protecting yourself is to have spam filters turned on. • Most email providers have spam filters.• They look for keywords or unidentified senders and filter out emails they believe to be

spam. • Spam filters don’t always catch everything.

3

Email Phishing Cybersecurity

Ask yourself • Do I know and trust the sender? • Does the subject line clearly identify the purpose of the email? • When I open the email, does the email address actually match the sender’s email

information? • Does the email incite fear, excitement, or an unnecessary sense of urgency?• Is the email requesting sensitive information about myself or someone else? This includes

date of birth, passwords, usernames, or anything personal. • Are there lots of unexplained errors or misspellings in the email? • Does the email prompt me to immediately open a link or attachment? If so, does the URL

link match the company?

Reducing the risk• Do not open links or attachments in a phishing email, and do not reply to the sender. • After you delete a phishing email, remove it from your trash folder as well. • Read emails in plain text rather than HTML. • Report phishing emails to the company that has been spoofed.

Clicking on a phishing email 1. Determine if you’ve acquired malware.

• Disconnect your computer from the network. • Reach out to your IT department. • Use an updated antivirus software to scan your computer for malware. • If malware is discovered, allow the software to clean your system.

2. Monitor your email account. • Change your passwords right away. • Regularly check your spam and sent folders for unusual activity.

3. Monitor your credit.

Application Questions

Recall a time when you received a phishing email. What emotion did it evoke? What was the threat or promise?

How often do you check your spam and sent folders in your email account? If you haven’t recently, check to ensure that there isn’t unusual activity taking place.

1

2

4