Learn How to Spot a Phishing Email
By Eric A. Nielsen
Cybersecurity is everyone’s responsibility. With more than 5.2 billion people now roaming around the Internet, security must be a top priority. In 2021, there has been an increase in phishing, and that can lead to ransomware attacks. What is ransomware? Ransomware is malicious software that blocks access to your system and holds your information hostage until a ransom is paid.
“Cybersecurity Awareness Month is an unprecedented effort to promote safe online behavior.”
STOP. THINK. CONNECT. is the national public awareness campaign to increase the understanding of cyber threats and empower you to be safer and more secure online. According to the Cybersecurity and Infrastructure Security Agency (CISA), “this campaign is an unprecedented effort among federal and state governments, industry, and nonprofit organizations to promote safe online behavior.”
Let’s Talk Phishing!
Week Two in Cybersecurity Awareness Month is all about “phighting the phish!” Phishing is an attack that typically utilizes a messaging service or email to trick an individual into clicking on a malicious link, opening an infected email attachment, or sharing your password.
Bad “actors” make the notifications look legitimate from someone or something you know like a trusted individual or business leveraging curiosity, urgency, fake logos, and forged email addresses.
“Phishing attacks are deployed in the hopes someone will fall for them.”
The phishing attacks are deployed to many people in the hopes someone will fall for the attack. The tactics and technique you can leverage to spot a phishing email include:
- Demands immediate action or suffer the consequences
- Use of poor grammar, spelling errors but says it is coming from an official source or organization
- Requests sensitive information a legitimate sender should know (i.e., password or credit card)
- The email comes from an unofficial email (your direct supervisor for example) but contains a Reply to address going to a personal email account
- Use of generic salutations “To Whom It May Concern” or “Dear Customer”
- If an email or message seems suspicious or odd do not click on it and \ or report it to your organization’s security team
- Creative Commons license
Cybersecurity Awareness Month, now in its 18th year, continues to raise awareness about the importance of cybersecurity, and making sure that all Americans are safer and more secure online. Remember: “Do Your Part. #BeCyberSmart.”
Special thanks to Eric A. Nielsen, M.H.A., CISSP, C|CISO, CCSP, HCISPP, CAP, CRISC, for sharing his knowledge and expertise. Eric is the CEO of Defense In-Depth Cybersecurity, and specializes in cybersecurity curriculum content development. Eric has an established track record of accomplishments, demonstrating subject mastery and leading functional security teams in security operations, security engineering and architecture, access and identify management, threat and vulnerability management, and security risk and compliance.
Eric is the lead instructor in our Applied Cybersecurity Professional Achievement Award. The courses in this program are offered as continuous enrollment. This means that the courses are open for the entire quarter, available to enroll in and begin at any time. Simply complete the coursework by the last day of the course as stated on your enrollment verification, and kick start your career in cybersecurity.
Need on-the-job experience? Apprenticeship opportunities may be available. Chat with us or schedule a meeting with a Student Success Coach to learn more.