CNCounty News

MS-ISAC: Phight the phish by learning to identify malicious emails

Image of MISC.png

Key Takeaways

October is Cybersecurity Awareness Month, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) wants to help empower the community with information on how to combat a cyber-attack known as phishing. Phishing is when a cybercriminal sends an email that aims to trick the recipient into providing personal information or into becoming infected with malicious software that can steal such information or cause other forms of damage. The cybercriminal will often purport to be sending this email from a trusted or legitimate source, such as a known business or organization that you may commonly deal with.

Tactics used in phishing attacks commonly aim to lure you into opening attachments, responding with personal information, or clicking links that download malicious software or bring you to a fraudulent form for collecting your information.

Persuasive language and a sense of urgency are common ways that cybercriminals capture attention and accomplish their malicious goals. Common examples include fraudulent shipping notifications, false fraud warnings on your account, requests to verify information on your account, or offers that seem too good to be true. 

Below are a few steps you can take to identify and appropriately react to Phishing emails.

  • Check the email address of the sender. Carefully examine if the sender’s email address is correctly spelled, as attackers commonly may use a special character or one-letter spelling mistake to approximate a legitimate looking email address.
  • Hover over links to see where they really go. By hovering your cursor over a link, you can see the address it will really take you to rather than simply what the displayed text says. Avoid clicking shortened links, especially when received from untrusted sources, as they cannot be easily examined in this way.
  • Avoid opening attachments. Don’t open attachments from untrusted sources and be wary of ones you are not expecting to receive from known contacts.
  • Don’t share personal or private information over email. Especially do not provide such information in response to an unsolicited email you received.
  • When in doubt, contact the real organization or sender! If you aren’t expecting the email, it asks for personal information or credentials, or it seems suspicious, contact the person or organization through known contact methods. For example, if the email states it is from your bank and they urgently need to speak to you, call them through the customer support line you have used in the past or is publicly listed, not via the method referenced in the email.
  • Report phishing emails. Report suspicious emails received at work to your Information Technology (IT) help desk or contact. Emails you receive personally can always be reported to

Additionally, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has created a guide linked below to educate people on how to identify, understand, and safely or securely react to such attacks. The link to other CISA Cybersecurity Awareness Month resources is also below:

Image of MISC.png


Related News

Rep. Marc Molinaro (R-N.Y.) speaks in support of an extension of the Affordable Connectivity Program Tuesday at a Capitol Hill press conference. Fellow members of Congress and county officials also took turns speaking at the rally. Photo by Denny Henry
County News

County officials, members of Congress team up to support extension of Affordable Connectivity Program

Several members of Congress teamed up with county officials Tuesday, Feb. 13 at a Capitol Hill press conference to show their support for extending the Affordable Connectivity Program, which provides internet access to more than 23 million households across the country.

Evan Feinman, deputy associate administrator of the NTIA’s Broadband, Equity and Deployment program, talks about its progress with members of the NACo Telecommunications & Technology Policy Steering Committee. Photo by Denny Henry
County News

Broadband administrator to counties: ‘I need you to lead on this issue’

Evan Feinman, who is charged with leading the $42.5 billion Broadband, Equity and Deployment (BEAD) program, led county officials through the application process during the Telecommunications & Technology Policy Steering Committee meeting.

Members of NACo's AI Exploratory Committee toured Microsoft's offices.
County News

NACo AI Exploratory Committee tours Silicon Valley

The committee’s trip included a visit to several major technology corporations, including Microsoft, Google, Salesforce, Amazon Web Services and Adobe’s DocuSign.