Email Authenticity Awareness

NEXTWORKS IT SECURITY TRAINING SERIES

April 2019 | Nextworks

Even with antispam technologies, “phishing” scams are at an all-time high. Unfortunately, there is no easy technical solution to this problem. It is the responsibility of all individuals within the organization to ensure they understand how to identify and avoid phishing attempts.

The goal of a phishing scam is simple. The attackers hope to impersonate someone with authority within your organization (often a CEO or Manager) and convince you to take actions that result in financial loss or other damages to the organization.

Alternatively, the attackers will send an email impersonating a vendor, such as Microsoft or Google, asking that you confirm your identity, billing information, etc.

A common email scam warns you that your mailbox is full, or that you need to change your email password. They provide a link to remedy the problem. The web site they direct you to will look legitimate, but it’s not. By entering your password, you have just provided it to them.

These simple steps can help you prevent becoming a victim:

Rarely trust email from entities you don’t know. And if you do know them, be alert if their email requests a peculiar action. Maybe it’s not really them, or perhaps their email was hacked.

Do not provide sensitive personal information (like usernames and passwords) over email.

Verify the "From:" address in the email. And verify links in the email. (explained in the next section.)

Contact the individual making the request and confirm legitimacy. (Don’t just click Reply.)

If in doubt, forward suspicious email to support@next-works.com.

How to Verify the “From” Address in an Email

On the surface, an email may appear to be from someone familiar. If you are in doubt, or something seems out of context, confirm!

Observe the email address (not just the name). Depending on your version of Outlook (or other email client), you can often see the address. Sometimes you need to mouse over the name, or right-click on it.

Here we have an email from ADP. Is it from ADP? Notice the address is adpsurveys.com. This seems legitimate.

This test doesn’t provide 100% assurance. But it certainly helps.

If the From address was adp.client.satisfaction@gmail.com (for example), then you know it's a scam. ADP would not use a free gmail.com address.

How to Verify a Web Site Link (URL) in an Email

While is best to avoid clicking links in email in general, it is nearly impossible to get work done without sharing links.

When you must click a link first verify where the link goes. Here is an example:

You may receive a link that appears from Docusign. But let’s mouse over the link to confirm where we will actually go.

Notice here that we are going to docusign.net. This is legitimate. (It’s not something like docusign.cx1.ru.)

Q & A

Why doesn’t my spam filter help?

These are personal and directed emails. They are written from one individual to another. They are sent from a legitimate mail provider such as Google, Yahoo, Outlook.com, etc. It’s difficult for a spam filter to detect them all. Many get blocked. Some don’t.

What if emails are going out to people from me that I didn’t send?

See our other whitepaper, Email Spoofing.

Contact Nextworks today for a no cost Email, IT, and Network Security Risk Assessment.

[ Return to IT Security & Training home. ]

[ Return to Nextworks IT home. ]