WHAT is a PHISHING SCAM?
Definition of Phishing - the act of luring unsuspecting people to provide sensitive information such as usernames, passwords, and credit card data via seemingly trustworthy electronic communications OR luring them to click on a link that will deploy malware onto their computer. It is an ongoing global threat of massive scale and nearly unlimited reach. (Thawte, Inc.)
According to Thawte, Inc.
"Approximately 156 million phishing emails are sent every day, with some 16 million successfully passing through filters. Roughly 50 percent of the remaining emails—about eight million—are opened, with 800,000 users lured into clicking on a malicious link. Again, that’s not 800,000 per year. It’s 800,000 per day!"
Regardless of any email filter, an increasing number of phishing attacks are able to make it past all barriers. YOU must become the last line of defense to protect yourself and others on your network. YOU must become aware of how these attacks are presented and keep yourself safe from them. Also be aware that phishing takes place on mobile phones and through texts.
IDENTIFYING PHISHING SCAMS:
(1) Because most of these threats are now coming from China, there will often be misspelling (less common as phishers become more sophisticated)
(2) Generic greetings instead of a personalized one. (Dear Sir or Madame)
(3) Account status threats (Your password has been compromised, please supply your old password and a new one you would like to use in the future) NO ONE should ever ask for your password via email!!!! Not even me ;-)
(4) Requests for personal information (Please confirm your name and address, etc.)
(5) Fake domain names/links. A valid, secure website will have a green address bar and a URL that is HTTPS
(6) If you don't know these folks and if you have NOT done business with them, DO NOT OPEN your email. This is VERY important. DO NOT Click on any email that is not from someone you are expecting email from or that you know to be a real identity. DO NOT forward any weird email to your network administrator!!! This just spreads the disease.
(7) Place all weird email in your SPAM folder to train your email to recognize unsolicited email.
What MIGHT an infected machine LOOK like: