#BeAware: Spear Phishing

15. May 2019

Phishing emails are still the main gateway for viruses, Trojans and other malware. They are also often used to gain access to the personal data of their recipients. A phishing email sent for the purpose of spreading malware can reach a computer in two ways: Either via compromised attachments or links designed to trick the recipient into visiting a compromised website.

Attackers who send out phishing emails are becoming more and more professional. Obvious spelling and grammar mistakes or outrageous stories of Nigerian princes whose fortune you are supposed to have inherited still exist, but have become the exception. Here is a list of things you should check in all your incoming emails:

  • Is the sender correct? Is the name spelled correctly and is the address after the @ correct?
  • Where does the link in the e-mail lead to? If you hover over the link with your cursor (without clicking!), the destination address is displayed next to the mouse or in the lower part of your browser window and you can check whether the link matches the content of the e-mail and the sender.
  • Does the content of the e-mail match the sender or is it too good to be true?
  • Does the attachment match the sender?

If you receive an email that you think might be suspicious, even in the slightest, do not click on any links or open any attachment, but forward the email to the appropriate contact person at your company. Your IT department will then be able to verify whether the mail really is a phishing attempt.


About #BeAware:
We all know them from our daily work: security tips, the latest virus reports, horror stories from the world of cyber security. With #BeAware, usd security awareness experts would like to help you understand these messages. The articles highlight relevant IT security issues and the most common methods used by hackers and criminals, and give tips on what anyone can do to protect themselves and their company. For more security.

Also interesting:

SWIFT CSCFv2025 - The Three Most Important Questions About the Update

SWIFT CSCFv2025 - The Three Most Important Questions About the Update

Users of the SWIFT network are required to demonstrate compliance with the mandatory security controls through an annual independent audit in accordance with the Customer Security Control Framework (CSCF). As part of this SWIFT Assessment, the security of an...

From Unicode to Exploit: The Security Risks of Overlong UTF-8 Encodings

From Unicode to Exploit: The Security Risks of Overlong UTF-8 Encodings

In the dynamic field of cybersecurity, it is often the obscure and long-forgotten vulnerabilities that pose a hidden threat to otherwise hardened systems. One such vulnerability lies in invalid character encodings that violate the UTF-8 standard. While overlong UTF-8...

Categories

Categories