WAIT! Before you click on that link, let’s take a moment to evaluate what your email is trying to tell you. The internet is filled with malicious “phishermen” who want to gather and exploit your precious information. Making yourself familiar with identifying phishing attacks that come by way of emails can save you from inadvertently placing your personal information into their hands. Lucky for you, your Information Security team is here to cut the line and keep you from taking the bait.
The following tips are being provided for your awareness when receiving unsolicited emails requesting a response requiring your protected information:
- Bad spelling/grammar, very seldom will you receive any type of official correspondence from a business entity with misspelled words and/or bad grammar.
- The email will request that you enter personally identifiable information like account numbers, credit card numbers, Social Security numbers, date of birth, passwords and PIN numbers.
- The message will be written in an alarming manner and may even threat that your account could be locked, closed, or disabled if you do not provide an immediate response.
- The domain name that the message is coming from is named similar to the authentic site…but not exact. (e.g., phishing site: trustbank.com instead of official site: www.trust.com).
- Avoid clicking on popups and hyperlinks if you are not sure of the authenticity of the email.
- When in doubt, call. It doesn’t hurt to look up the company and ask them if the email was sent by them. It not only saves you from being a victim, it also saves others that are being lured as well. Putting the institution on alert will provide them the opportunity to investigate and bring the perpetrators to justice.
If you encounter a phishing attempt within your enterprise email account, please forward it to the security office for further investigation and remember to pay attention to the clues.