CNCounty News

MS-ISAC: Phight the phish by learning to identify malicious emails

Image of MISC.png

Key Takeaways

October is Cybersecurity Awareness Month, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) wants to help empower the community with information on how to combat a cyber-attack known as phishing. Phishing is when a cybercriminal sends an email that aims to trick the recipient into providing personal information or into becoming infected with malicious software that can steal such information or cause other forms of damage. The cybercriminal will often purport to be sending this email from a trusted or legitimate source, such as a known business or organization that you may commonly deal with.

Tactics used in phishing attacks commonly aim to lure you into opening attachments, responding with personal information, or clicking links that download malicious software or bring you to a fraudulent form for collecting your information.

Persuasive language and a sense of urgency are common ways that cybercriminals capture attention and accomplish their malicious goals. Common examples include fraudulent shipping notifications, false fraud warnings on your account, requests to verify information on your account, or offers that seem too good to be true. 

Below are a few steps you can take to identify and appropriately react to Phishing emails.

  • Check the email address of the sender. Carefully examine if the sender’s email address is correctly spelled, as attackers commonly may use a special character or one-letter spelling mistake to approximate a legitimate looking email address.
  • Hover over links to see where they really go. By hovering your cursor over a link, you can see the address it will really take you to rather than simply what the displayed text says. Avoid clicking shortened links, especially when received from untrusted sources, as they cannot be easily examined in this way.
  • Avoid opening attachments. Don’t open attachments from untrusted sources and be wary of ones you are not expecting to receive from known contacts.
  • Don’t share personal or private information over email. Especially do not provide such information in response to an unsolicited email you received.
  • When in doubt, contact the real organization or sender! If you aren’t expecting the email, it asks for personal information or credentials, or it seems suspicious, contact the person or organization through known contact methods. For example, if the email states it is from your bank and they urgently need to speak to you, call them through the customer support line you have used in the past or is publicly listed, not via the method referenced in the email.
  • Report phishing emails. Report suspicious emails received at work to your Information Technology (IT) help desk or contact. Emails you receive personally can always be reported to www.ic3.gov.

Additionally, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has created a guide linked below to educate people on how to identify, understand, and safely or securely react to such attacks. The link to other CISA Cybersecurity Awareness Month resources is also below:

Image of MISC.png

Attachments

Related News

US Senate
Advocacy

U.S. Senate releases roadmap on artificial intelligence

On May 15, the U.S. Senate’s Bipartisan AI Working Group released their roadmap on artificial intelligence entitled Driving U.S. Innovation in Artificial Intelligence: A Roadmap for Artificial Intelligence Policy in the United States Senate.

Image of GettyImages-1355381242.jpg
Advocacy

Senate Rules Committee considers elections and AI legislation ahead of 2024 General Elections

Senate Rules Committee held business meeting on May 15 to markup and consider legislation on the role of artificial intelligence in elections.

Image of GettyImages-1281545908.jpg
Advocacy

U.S. Senate eyes funding the Affordable Connectivity Program through broader telecommunications package

The ACP is under a short timeline to receive additional funding. After May 31, all 23 million enrolled households will cease to receive any benefit from the program. Several Senate proposals could lead to expedited passage of funding to save the program.