Phishing


Phishing attacks try to steal your user credentials by sending you to fake websites.

A bank's online banking signin page

Usually emails are used to trick you.

A phishing email

Signs that an email is a phishing attack

The email comes from an unassociated email address.

An email pretending to be from Microsoft. The sender's address ends in @hotmail.com.

hotmail.com is not Microsoft's official corporate email.

The email is overly dramatic

An email with the subject line 'YOUR ACCOUNT WILL BE DEACTIVATED (WARNING!!)'

Usually phishing mails will claim that immediate action is required.

The email has poor or colloquial spelling and punctuation.

An email full of spelling mistakes and missing punctuation.

Double exclamation marks, no spacing after commas and poor spelling.

The email is marked as spam

The spam folder of an email account.

Your email server sees a lot of technical information about the incoming message. If it thinks it is inauthentic, it will likely label it as spam. If you receive a seemingly legitimate message which was labeled as spam, be extra careful.

Even if a spam message is not a phishing scam, it is still detrimental to your organization.

It is therefore not necessary to explicitly differentiate between spam mails and phishing mails.

In most cases, these indicators will be enough to let you identify basic phishing emails. However, the website you end up visiting offers a lot of identifiable signs as well.

The website has no domain name.

A bank's login page. A red square highlights the address bar. Instead of a domain name, it shows an IP address.

A legitimate business organization will never do this.

The domain is a subdomain of something unrelated.

A bank's login page. It shows the domain 'bankofamerica.evil.com'

evil.com has nothing to do with the bank.

The domain only sounds similar.

A bank's login page. It shows the domain 'bankofamerica-corporation.com'

While the right name is included, this domain has nothing to do with the bank.

The domain is misspelled.

A bank's login page. The domain is 'bankofanerica.com'

Casual observers may miss the n in bankofanerica.com.

The site does not use HTTPS

Instead of the URL starting with https://

A browser in HTTPS mode

It starts with http://

A browser in HTTP mode

Legitimate login forms will never be unencrypted.

Your browser warns you regarding an invalid security certificate.

A browser showing an 'invalid certificate' warning.

Never continue if this warning is issued.
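
The address-bar signs above (an IP address instead of a domain, a subdomain of something unrelated, a similar-sounding name, a misspelling, no HTTPS) can also be checked automatically, for example in a mail filter. The following is an added example, not part of the original module; the function names and sign labels are hypothetical, and it assumes the registrable name is the second-to-last label of the host.

```python
import ipaddress
from urllib.parse import urlsplit

def edit_distance(a, b):
    """Levenshtein distance, used to spot one- or two-letter misspellings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def url_warning_signs(url, trusted_domain):
    """Return the address-bar warning signs from this module that apply to url."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    trusted = trusted_domain.lower()
    signs = []
    if parts.scheme != "https":
        signs.append("no-https")
    try:
        ipaddress.ip_address(host)
        return signs + ["ip-instead-of-domain"]
    except ValueError:
        pass  # not an IP address, so inspect it as a domain name
    if host == trusted or host.endswith("." + trusted):
        return signs  # the trusted domain itself or one of its subdomains
    labels = host.split(".")
    if len(labels) < 2:
        return signs
    # Assumption: the registrable name is the second-to-last label. Real code
    # should consult the Public Suffix List (e.g. for names under co.uk).
    brand, name = trusted.split(".")[0], labels[-2]
    if brand in labels[:-2]:
        signs.append("subdomain-of-unrelated-domain")
    elif brand in name:
        signs.append("similar-sounding-domain")
    elif edit_distance(name, brand) <= 2:
        signs.append("misspelled-domain")
    return signs

if __name__ == "__main__":
    # Constructed sample URLs, using the domains shown on the slides.
    for u in ("https://www.bankofamerica.com/login", "http://203.0.113.10/login",
              "https://bankofamerica.evil.com/", "https://bankofamerica-corporation.com/",
              "https://bankofanerica.com/"):
        print(u, url_warning_signs(u, "bankofamerica.com"))
```

An invalid-certificate warning cannot be read from the URL alone, so that sign is left to the browser.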

Let's put what you've learned into practice.

Click on all elements that apply.

What warning signs do you see in this email? (0 of 7 found)

A phishing email

  • The spam folder icon
  • The spam label
  • Poor spelling
  • Dramatic wording
  • A warning from the E-Mail provider
  • Poor punctuation
  • An urgent call to action

Where would you click when your browser shows this warning?

A browser showing the 'invalid certificate' warning page. The 'go back' button

How can you tell this bank website is a fake?

A bank's login page. The address bar, showing an IP instead of a domain

Spear Phishing & Social Phishing

Sometimes phishing mails address you by name, mention common friends’ names, or even refer to things you bought recently.

An email pretending to come from a coworker.

This is called a spear phishing attack, which is highly targeted against one specific person. Attackers perform research to learn about the names and activities of friends and coworkers to create a much more convincing phishing email.

Other messages look like they came from your friends or colleagues.

This is called social phishing: the abuse of previously compromised email or social media accounts to attack the victim's friends and colleagues.

Don't trust an email just because it seems to come from someone you know.

Never enter your username and password on unknown or shady sites!

When you fall for phishing

  • Attackers get access to your account
  • Your account will be used to scam your friends and coworkers
  • Your organization may suffer a data breach

If you are unsure, always show the email to your IT team first.

End of Module

© 2024 Reflare Ltd, and/or its Affiliates. All Rights Reserved.