Gone Phishing

How to educate your team and avoid embarrassment

What is Phishing?

Email phishing is when someone pretends to be someone they’re not through a misleading email scam. A common example would be a message seemingly from your CEO requesting you send her money via iTunes gift cards or a wire transfer.

So what should I look out for?

  • A message seemingly from your CEO requesting money
  • A message from someone you know sent from an unfamiliar or suspicious domain (e.g. FirstName_LastName@xyzyourdomain.com)
  • A well-branded email message from a provider (e.g. Dropbox or Microsoft) suggesting the need to click on a link to reset a password.
  • Unusually poor grammar.

What if I clicked anyway?

  • The bad guys don’t have anything till you fill out the info. They’re just leading you to their portal, which, by use of wasted talent, could be very difficult to recognize as an imposter.
  • Send the email to your IT Provider and explain everything.

What if I clicked anyway and filled out the info?

  • Contact your IT Provider immediately. If acted on quickly enough, there’s a tiny chance they can change your password or even put a stop to the nefarious actions.

How do I protect myself?

  • If you get a request to pay any dollar amount over email, call your colleague to verify. 
  • Double-check the sending address. Your CEO is unlikely to send you an urgent message from an @aol, @outlook, @gmail or @xyz<YourDomain> address.
  • Microsoft rarely sends notices about suspicious login attempts to anyone other than IT admins. Even if it looks real, reach out to your IT Support Specialist.
  • If you see anything suspicious, contact your IT Provider. They can verify the sending address or links associated with the message. 
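
The sender-address checks in the list above can also be run automatically on a message's From header. The sketch below is an added example, not part of the original post; the domain `yourdomain.com`, the staff name, the free-mail list and the 0.85 similarity threshold are assumptions chosen for illustration.

```python
from difflib import SequenceMatcher
from email.utils import parseaddr

# Assumptions for this sketch: the organisation's domain, staff names and the
# free-mail list are constructed placeholders, not values from the article.
ORG_DOMAIN = "yourdomain.com"
STAFF_NAMES = {"jane doe"}  # people whose names attackers may borrow
FREEMAIL = {"aol.com", "outlook.com", "gmail.com"}


def sender_domain(from_header: str) -> str:
    """Return the lower-cased domain of the address in a From header."""
    _, addr = parseaddr(from_header)
    return addr.rpartition("@")[2].lower().rstrip(".")


def is_lookalike(domain: str, org: str = ORG_DOMAIN) -> bool:
    """True when a domain is not ours but was built to resemble it."""
    if domain == org or domain.endswith("." + org):
        return False
    org_label = org.split(".")[0]
    # Padding around our name (xyzyourdomain.com) or our full domain
    # used as a prefix of someone else's (yourdomain.com.example.net).
    if org_label in domain:
        return True
    # One or two swapped or missing characters (yourdomian.com).
    return SequenceMatcher(None, domain, org).ratio() >= 0.85


def check_sender(from_header: str) -> list[str]:
    """Return the reasons a From header deserves a second look."""
    name, _ = parseaddr(from_header)
    domain = sender_domain(from_header)
    internal = domain == ORG_DOMAIN or domain.endswith("." + ORG_DOMAIN)
    reasons = []
    if is_lookalike(domain):
        reasons.append("lookalike domain")
    if domain in FREEMAIL:
        reasons.append("free-mail provider")
    # A colleague's display name on an outside address is the CEO-request pattern.
    if not internal and name.strip().lower() in STAFF_NAMES:
        reasons.append("staff name on outside address")
    return reasons
```

An empty list means none of these checks fired, not that the message is safe; anything flagged still goes to your IT Provider for verification.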
