Sunday, August 14, 2016

Cyber Security: Spotting a Phishing Email

Example phishing email. Logo of Trusted bank – looks real. Text claims to be from bank, claiming there is fraudulent activity on your account and asking the recipient to confirm personal details. Real banks will never ask this via email.
© Andrew Levine http://commons.wikimedia.org/wiki/File:PhishingTrustedBank.png

Spotting a phishing email

Although a phishing attack may appear plausible at first glance, there are some tell-tale signs that should make you very cautious about clicking on any links or giving any personal information to the supposed sender.
Read through the points below to find out what to look out for.
  • Spelling mistakes: Most English-language phishing expeditions are sent from countries where English is not the primary language. Attackers often give themselves away through imprecise use of English, even in quite common phrases, and through spelling errors. So read the message carefully.
  • Who is it to? Many, but not all, phishing attacks do not use your name in the introduction, preferring ‘Dear valued customer,’ or ‘Dear user,’. This is because they cannot personalise the emails sufficiently. Your bank or online store can do this and should address you as ‘Dear Bob,’ or ‘Dear Mrs Jones,’ (or whatever your name is).
  • Poor quality images: Sometimes the images used in the emails are fuzzy, or your information may appear as an image rather than as typed text. These images have been copied from screens and would not be used by the original companies. It is easy to obtain images every bit as good as the originals though, so a high quality image should not persuade you the message is genuine.
  • Content of the email: In almost all countries, banks and other financial bodies will not email you to tell you about problems with your account. They recognise that email is fundamentally insecure and that personal information should not be sent by email. So even the method of communication will give you a clue about whether the message is genuine. The email may give a false sense of urgency, claiming that your account is at risk if you do not act quickly. This is not the case.
  • Links: The text of a web link is not the same as the destination of the link itself. The link might say it is taking you to http://www.trustedbank.com, but in fact it can take you anywhere on the web, including to a phisher’s computer impersonating that of a reputable company. You can easily spot a fake link by hovering your mouse pointer over the link, but do not click the button. The actual destination of the link will appear at the bottom of the window or in a small floating window next to the link. In a phishing email, the link will probably be to an address you aren’t familiar with.
The example message below claims to come from a fictional site called ePay and is about unauthorised activity on the account. The link says it goes to ePay’s site, but the address is slightly different and is unlikely to be owned by ePay.
Example screen shot of a web page displaying a phishing email. Tab states: MyEmail – Inbox. Web address line states: www.myemail.com/inbox. Navigation across the top of the example web page: Inbox, Sent, Junk Mail, Contacts, Recycle Bin, Settings. Content of the message: logo of ePay, Dear ePay customer, We recently reviewed your account, and we suspect an unauthorised transaction on your account. Protecting your account is our primary concern. As a preventive measure we have temporary limited your access to sensitive information.
To ensure that your account is not compromised, simply hit the link below and confirm your identity as a member of ePay.
http://www.epay.com/confirm
*Please do not reply to this message, Mail sent to this address cannot be answered.
Copyright © 2007-2014 ePay. All rights reserved.
A mouse arrow is hovering over the web site address and at the bottom of the message there is the address to which this link points. It is: www.epay-secure-check.com/en/login.php
A phishing email claiming to come from the fictional ePay site
So the rules are to be suspicious and to look at the details of the message, the language, the quality of the images and where the links actually take you. Banks and shops will always prefer you to call them and check rather than risking your security.

16 comments:

  1. Business efficiency and success depends on many factors. The working efficiency of payment department is also very important. Securitasepay system is that what improves the online transactions efficiency of the company.

  2. It was thinking about whether I could utilize this review on my other site, I will connect it back to your site though. Great Thanks.
    cyber security

  3. sometime it becomes very hard to find out a well written and nicely mounted lavatory which provide you correct and useful facts concerning tests and syllabus. but, i discovered this weblog and have been given a few relevant facts which is probably clearly beneficial for me. best cyber security unit

  4. Security+ training Great Information sharing .. I am very happy to read this article .. thanks for giving us go through info. Fantastic nice. I appreciate this post.

  5. Thanks for sharing the post.. parents are worlds best person in each lives of individual..they need or must succeed to sustain needs of the family. hotmail.com

  6. Professionally written blogs are rare to find, however I appreciate all the points mentioned here. I also want to include some other writing skills which everyone must aware of.
    concierge in mykonos

  7. Outstanding article! I want people to know just how good this information is in your article. Your views are much like my own concerning this subject. I will visit daily your blog because I know. It may be very beneficial for me. IT Security Toronto

  8. It is my first visit to your blog, and I am very impressed with the articles that you serve. Give adequate knowledge for me. Thank you for sharing useful material. I will be back for the more great post. click here

  9. Grateful for sharing, for instance, basic information, Its help me to comprehend about bleeding edge security. As a general rule, it wires plots in a general sense in regard to controlled best cybersecurity services virginia benefits It additionally gives you striking data about Cybersecurity, cloud gathering, cloud approaches.

  10. thank you for this such a good information about hotmail email login on www.hotmail.com

  11. We have sell some products of different custom boxes. It is very useful and very low price please visits this site thanks and please share this post with your friends. hotmail

  12. I am always looking for some free kinds of stuff over the internet. There are also some companies which give free samples. But after visiting your blog, I do not visit too many blogs. Thanks. one funnel away challenge
