CYBER RESILIENCE – GET SAFE ONLINE WEEK
Phishing is a scam where criminals typically send emails to thousands of people pretending to come from banks, credit card companies, online shops and auction sites as well as other trusted organisations.
Don’t be tricked into going to a fraudulent site through a phishing email – it may look exactly like the real thing but is actually a fake, designed to trick victims into entering personal information.
Signs you are being phished:
* The sender’s email address may be different from the trusted organisation’s website address.
* The email may be sent from a completely different address or a free webmail address.
* The email may not use your proper name, but a non-specific greeting such as “Dear customer.”
* A sense of urgency; for example the threat that unless you act immediately your account may be closed.
* A prominent website link. These can be forged or seem very similar to the proper address, but even a single character’s difference means a different website.
* A request for personal information such as username, password or bank details.
* You weren’t expecting to get an email from the organisation that appears to have sent it.
* The entire text of the email may be contained within an image rather than the usual text format. The image contains an embedded link to a bogus site.
Use email safely:
* Do not open emails which you suspect as being scams.
* Do not forward emails which you suspect as being scams.
* Do not open attachments from unknown sources.
* If in doubt, contact the person or organisation the email claims to have been sent by … better safe than sorry.
* Do not readily click on links in emails from unknown sources. Instead, roll your mouse pointer over the link to reveal its true destination, displayed in the bottom left corner of your screen. Beware if this is different from what is displayed in the text of the link from the email.
* Do not respond to emails from unknown sources.
* Do not make purchases or charity donations in response to spam email.
* Don’t click on ‘remove’ or reply to unwanted email.
* Check junk mail folders regularly in case a legitimate email gets through by mistake.
* When sending emails to multiple recipients, list their addresses in the ‘BCC’ (blind copy) box instead of in the ‘To’ box. In this way, no recipient will see the names of the others, and if their addresses fall into the wrong hands there will be less chance of you or anybody else receiving phishing or spam emails.
* Similarly, delete all addresses of previous parties in the email string, before forwarding or replying.
* If you are suspicious of an email, you can check if it is on a list of known spam and scam emails that some internet security vendors such as McAfee and Symantec feature on their websites.
* Most Microsoft and other email clients come with spam filtering as standard. Ensure yours is switched on.
* Most spam and junk filters can be set to allow email to be received from trusted sources, and blocked from untrusted sources.
* When choosing a webmail account such as gmail, Hotmail and Yahoo! Mail, make sure you select one that includes spam filtering and that it remains switched on.
Cyber Resilience Strategy Team