Spam & Phishing Emails
Email is a large piece of the cybersecurity puzzle. You may wonder how large.
According to Verizon's 2020 Data Breach Investigations Report:
96% of all social engineering attacks occur via email phishing. Since it's our primary form of communication, email contains financial, personal, and confidential information.
86% of all data breaches involving email phishing are financially motivated - online banking credentials, card details, passwords, etc.
1 in 99 emails is a phishing attack.
Be suspicious of unsolicited phone calls or email messages.
Do not reveal personal or financial information in email.
Check the sender name against the email address.
If you are unsure whether an email is legitimate, try to verify it by contacting the person or company directly over the phone using a number you have acquired outside of the suspicious email or phone call.
Email the sender in question in a new message to verify. Do not reply to the email in question.
If you identify a spam/phishing message, please remember to never reply to these messages.
What is Phishing?
Phishing is the fraudulent practice of sending emails purporting to be from someone inside the district or reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.
Phishing attacks use email or malicious websites to solicit personal information by posing as a trustworthy organization.
How do you detect phishing?
Phishing emails often include:
Test Your Skills:
Is this message really from Winston? What is wrong with this email? Click on the email picture for the answers.
If you receive a phishing email:
- Never click any links or attachments in suspicious emails.
- If the suspicious message appears to come from a person you know, and if you think it might be from their personal email, do not reply to the message and contact that person via some other means such as text message or phone call to confirm it.
- If it was not from them, see below:
- Report the message using the reporting tools in your email client.
- Delete it.
What's the difference between Phishing and Spam?
Spam is unsolicited email, instant messages, or social media messages. These messages are fairly easy to spot and can be damaging if you open or respond. Phishing is an email sent from an Internet criminal disguised as an email from a legitimate, trustworthy source.