Fraudulent emails – Identify and discard
By our IT department.
According to Hong (2012), phishing emails are a type of targeted email attack in which social engineers lure the recipient into performing specific actions, such as clicking on a malicious link, opening a malicious attachment, or visiting a web page and entering their personal information.
Furthermore, Singer and Friedman (2014) note that phishing attacks seek to trick recipients into believing that an email is legitimate, in order to solicit sensitive information (e.g., usernames, passwords, and credit card numbers) or install malware. As a result, phishing is a fundamental component of many cyber-attacks and is often used as a first step in advanced persistent threats.
Below you can find instructions on how someone can identify and deal with suspicious emails:
If the answer to both questions is no, delete the email immediately.
Call or compose a new email to the sender, asking if they have sent such an email.
Be careful when you are using a tablet or mobile device. Detecting phishing emails on such devices is becoming more challenging.
Cybercriminals rely on the fact that users are in a hurry or busy. Combined with the fact that spam emails appear to be legitimate, this maximizes the risk of falling victim.
References:
Hong, J. (2012). The state of phishing attacks. Communications of the ACM, Volume 55, Issue 1, 74-81.
Singer, P., & Friedman, A. (2014). Cybersecurity and Cyberwar: What Everyone Needs to Know. Oxford University Press; Illustrated edition.