Not another phishing email . . . .

In this ever-changing age of technology scammers, hackers, and malicious emails are difficult to stop. Our filtering system takes care of most of these emails; however, some still make their way through. There are many ways to decipher whether an email is legitimate or not. Sometimes this can take only a few moments to determine.

Definitions of fraudulent emails:
Phishing is the use of authentic-looking emails that are not personalized and are often purporting to be from a bank, government agency, or even your own organization. They are meant to trick you into responding with sensitive personal data. The email will typically direct the user to visit a website where they are asked to update personal information that the legitimate organization already has.

Spearphishing is a “targeted” attempt using personal information (your proper name, possibly a photo from a social media site, etc.) in order to steal sensitive information such as account credentials or financial information from a specific victim, often for malicious reasons.

Spoofing is the act of disguising a communication from an unknown source as being from a known, trusted source and can apply to emails, phone calls, websites, and more. Spoofing can be used to gain access to a target’s personal information, spread malware through infected links or attachments, bypass network access controls, or redistribute traffic to conduct a denial-of-service attack.

Spam is unsolicited junk email sent indiscriminately in bulk, often for commercial purposes.

One way to improve your ability to determine if an internal email is legitimate is to embrace the use of the new Shoreline email signature blocks. The College has established a standardized email signature for all employees to use. You can easily copy the approved email signature in your Outlook email account.

Primary[3]

This will ensure we are using consistent contact information across the College and help with identifying legitimate email content.

Once you believe you have received a phishing email in the SCC email account what do you do now?  If you have questions about its validity, simply deleting the email is sufficient. The TSS Department generally gets these emails as well as the rest of the college. If you feel something else about the email needs special attention by the TSS department then please contact us at https://help.shoreline.edu/

Reporting phishing to Technology Support Services:
When creating a Help Desk Ticket to advise TSS about a suspicious email, it would be helpful to include these things:

1) That this is an FYI message for us / or your specific concern
2) That you did not click on any links or type credentials of any kind or
3) You did respond to the phishing email, supplied your credentials, and now believe your email and account might be compromised along with any other details about actions performed or information provided.

For more detailed information on phishing emails, please refer to this link on our TSS web page.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s