Beware of Phishing E-mails

By Lee MyersAnnouncements, Security

Summary

Phishing Emails are on the rise. Please be cautious!

What is Happening?

One of the most common attacks that we as an organization face is called Phishing. Phishing is usually through e-mail or over the phone. The attacker impersonates a real person or company to try and trick you into divulging your logon credentials, credit card or checking account information.

If you receive an e-mail asking for any of this information or asking you to purchase something or make wire transfers, please be very suspicious. The attackers are often very crafty forging e-mails that look very legitimate and appearing to come from legitimate e-mail addresses such as fathersmith@archphi1a.org (where they might use a One rather than an L in the domain name).

Some phishing e-mails have a link that looks normal but if you float the mouse over it (don’t click it!) the URL will show a different address behind the scenes.

What can I do to avoid these scams?

  • Avoid downloading or opening attachments or links from e-mail unless you are sure of the sender.
  • Manually type the URL in the browser address bar rather than clicking links.
  • Check the e-mail address of each sender to ensure they are legitimate.
  • Feel free to contact the sender to verify if the e-mail was sent by them.
  • Contact the help desk if you have any suspicions and we can assist.

What do I do if I fall victim to phishing?

  • If you logged into a website that was suspicions, you will need to change your password immediately. Not only for that web site, but for any accounts on any website that use the same password.
  • Take advantage of Multi-Factor Authentication (MFA) on any web sites that allow it.
  • If you sent a check or divulged credit card information, contact you bank immediately. They will be able to help curtail any potential damage.
  • Contact the help desk so that we can block the suspicious site or sender from the rest of our systems.

Phishing e-mails are made to look legitimate and avoid detection by automated systems like SPAM filters, so the best line of defense is a suspicious and cautious user base. Thank you for you help and support in protecting our systems and user base from this.

Print Friendly, PDF & Email