Can you spot a phishing attack?
Video Transcript:
"Welcome back for another Tech Tip. This week is gonna be on phishing.
"This isn't the fun kind of fishing where you're at a lake or in a boat and it's relaxing.
"It's the type of phishing where someone sends you an email that looks legitimate. The email gets you to click on a link or open an attachment, and both of those are bad.
"In these emails the link looks legitimate. It looks like somewhere you're familiar with going.
"It looks like it should be fine, but it's not. When you click on it, it takes you to a malicious site and tries to download viruses, malware, or keystroke loggers.
"The attachment in the email does the same thing. It tries to execute a security exploit in Adobe or Word or one of the other products that the the attachment opens.
"What do we recommend?
"First, ask your IT folks to put a header on that says "External Email" for any emails coming in.
"It can be very simple, just when you see that banner don't click on attachments or links unless you know the sender.
"That's one of the best things, to recognize that it's not an internal person sending you the email.
"If somebody's trying to spoof you the second thing you can do is make sure your antivirus is totally up to date. It's always watching for those malicious sites, and it can help you avoid visiting one of them.
"The third thing, and actually the most cost-effective thing, is training. Teach your end users: don't click on links; don't open attachments unless it's somebody you know and you're expecting a file from them.
"Sometimes I'll even call people because I got an email from them saying: 'Hey, I want you to check this out. I wasn't expecting it.'
"So, I call them - they didn't send it - they got hacked.
"Just think through: Am I expecting this? Why was it sent to me? What's the purpose?
"If people claim to be sending you free money - it's usually too good to be true.
"User training helps your users understand: don't click on links; don't open attachments; and put a little banner at the top that says: 'this email came from outside the organization.'
"That's your tip for this week."