Phishing EmailsPosted on: Sep 26, 2017
Phishing email messages has been observed to periodically appear in Concordia University of Edmonton email Inboxes. Please be aware that these phishing emails intend to lure you into giving your login credentials or financial information to supposedly reputable entities or individuals. Being aware of what to look for is one of the most important safeguards to prevent being a victim of phishing.
Some of the things to watch out for include:
1. Check for the email sender address
2. The email usually use generic greetings
3. There is an alarming message tone to the email asking for immediate information/response
4. Be wary of spelling/grammatical mistakes in the message
5. If a hyperlink is part of the message, hover your mouse (do not click) over the hyperlink contained in the email; it may be redirecting you to a different website
Checking the sender address
Although the display name of the sender says email@example.com (or an actual person’s name), the actual sender of the email is firstname.lastname@example.org
Message contains alarming message asking for an immediate response
Demand for immediate an action/information because an alarming situation has arisen is usually the main ploy of phishing emails so that the recipient has little time to think things through.
Having a hyperlink in the email message
It is worth checking the link before actually clicking on it. By hovering your mouse over the link (do not click it), you can display the actual URL to which the link will direct you to if you had clicked on the hyperlink. In this example the link will redirect you to http://www.igign.com/login
If it is a URL that is not related to the email, there is a good chance it is a phishing message. It is better to err on caution, and better to be safe.
If you are absolutely sure that the message your received is a phishing email, you can directly report it to Google, by clicking on the More options button, and click on Report phishing.
If you have any apprehension as to the legitimacy of the received email, do not click on any links within the email, nor open any attachments, but forward the email to email@example.com
Also, please note that IT Services will never ask for your password in any communication.