Tech Tuesday: Phishing

Phishing: what is it?
Briefly, phishing is any fraudulent communication designed to deceive you into revealing private information or exposing a vulnerability in your phone, computer, etc. The goal of the phisher is generally to use that information to their benefit and your detriment, by doing one or more of the following:

  • Selling your information to marketers acting in bad faith.
  • Installing malware on your machine.
  • Using your machine to infiltrate your company’s network.

Some red flags to look for:

  • Link manipulation. In a URL's host name (the part before the first single slash), the portion after the last period is the domain extension. Hover the mouse cursor over a link to ensure that the domain extension of the URL it actually points to matches that of the link text. On an iOS device, tap (don’t press) and hold the hyperlink for a few seconds to display the URL target.
  • Malicious attachments. The extension after the last period reveals what kind of document an attachment is. For example, Business Plan.pdf.xlsx is xlsx (Excel), not pdf (Adobe). Be wary of attachments you are not expecting.
  • Cloned email. Watch for substitutions like 0 for o, misspellings, odd domain extensions.

Other warning signs:

  • Unfamiliar Reply-To or From address
  • Asks for password, other confidential information
  • Link redirects to unknown website
  • Generic greeting
  • Offer too good to be true
  • Creates a sense of urgency
  • Misspellings, bad grammar
