What is phishing? - How to avoid getting caught
Phishing is defined by Wikipedia as an "attempt to obtain sensitive information such as usernames, passwords, credit card details (and indirectly, money,) often for malicious reasons by somebody disguising himself as a trustworthy entity in an electronic communication."
Every day, we face threats from individuals and organisations who are trying to steal our information, or block our access to it. While ICT Services has applied multiple layers of defence to stop phishing messages from reaching staff and students, it is not possible to stop all attacks. One of the most common approaches used to compromise your data is to send a phishing message (email or text) which tries to trick you into clicking on a web link, or opening a malicious document.
Telling the difference between real messages and phishes can be a challenge, as many fake messages are carefully crafted to look genuine. However, there are things you can look for when trying to assess whether a message is real or not, and some of these are listed below. Remember, if in doubt, delete the message, or, if the sender is somebody you recognise, contact them through a channel you already trust (a known phone number rather than a reply to the suspect message) and confirm that they did send it.
REMEMBER: If you believe your DIT email account has been compromised, try to change the password immediately if you can at DIT MyPassword. Then contact the DIT Service Desk as soon as possible at x3123 or via the Service Desk portal. The longer a DIT email account is misused, the more likely all DIT emails will be blocked.
Examples of phishing messages
The following phishing examples are intended to give a sense of how criminals try to gather your personal details. The ways in which they try to do this change constantly, so continual awareness of the threat they pose may be your best last line of defence.
For more information on protecting yourself and your data, check out our top tips here
WARNING: These are real examples of phishing emails. Do not attempt to visit the links shown in the screenshots below:
The purpose of this type of email is to get you to click on a web link and give away some of your personal information. Some of the things to watch out for are noted below:
1. By using the word "URGENT" in the subject line, the sender is hoping to provoke an immediate response by the recipient without considering the risks involved.
2. The use of a phrase like "valued customer" is a giveaway, as you would expect a large company to know your name. However, more elaborate phishing emails will address you by name and use other details about you if these are publicly available.
3. Some of the wording reads a little strangely, though correct grammar is no guarantee of legitimacy.
4. The link suggests it will bring you to Vodafone. However, hovering your mouse over the link will show the real destination "tuckytucky" which is unlikely to have any connection with Vodafone.
The same email as above is now shown in a Google Mail window. You will see that the Vodafone logo is now displayed, because Google Mail loads external images by default; Microsoft Outlook does not. Also take note of where the web address is shown when you hold the mouse pointer over the link: it appears in the bottom left corner of the window.
To change the automatic display of images within Google Mail, go to Settings -> General -> Images and select “Ask before displaying external images.” Click “Save changes” at the bottom of the screen.
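The two checks above, the "hover to see the real destination" comparison and the presence of externally loaded images, can also be done programmatically on the HTML of a message. The following is an added example written for this page, not code from ICT Services: it parses an HTML body with the standard library, flags any link whose visible text names one web host while its href points to a different one, and lists images that would be fetched from a remote server when the message is opened. The sample email is constructed for the example; "tuckytucky.example" is an invented placeholder address standing in for the real destination mentioned in the screenshot.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse
import re


class _LinkImageCollector(HTMLParser):
    """Collect (visible text, href) for each <a> and src for each <img>."""

    def __init__(self):
        super().__init__()
        self.links = []     # [visible_text, href] per anchor
        self.images = []    # src per image
        self._open = None   # index of the anchor we are currently inside

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "a" and attrs.get("href"):
            self.links.append(["", attrs["href"]])
            self._open = len(self.links) - 1
        elif tag == "img" and attrs.get("src"):
            self.images.append(attrs["src"])

    def handle_endtag(self, tag):
        if tag == "a":
            self._open = None

    def handle_data(self, data):
        if self._open is not None:
            self.links[self._open][0] += data


def link_host(url):
    """Host of an http(s) URL, lower-cased, without a leading 'www.'; '' otherwise."""
    parsed = urlparse(url.strip())
    if parsed.scheme.lower() not in ("http", "https"):
        return ""
    host = (parsed.hostname or "").lower()
    return host[4:] if host.startswith("www.") else host


# A host name as a person would read it in the link text (vodafone.ie,
# www.vodafone.ie/myaccount, https://vodafone.ie/...).
_SHOWN_HOST = re.compile(r"(?:https?://)?(?:www\.)?([a-z0-9-]+(?:\.[a-z0-9-]+)+)", re.I)


def shown_host(text):
    """If the visible link text looks like a URL or domain, return that host."""
    m = _SHOWN_HOST.search(text)
    return m.group(1).lower() if m else ""


def analyse_email_html(html):
    """Return the deceptive links and external images found in an HTML body."""
    parser = _LinkImageCollector()
    parser.feed(html)
    parser.close()

    deceptive = []
    for text, href in parser.links:
        shown, real = shown_host(text), link_host(href)
        # Only compare when the visible text itself names a host; "Click here"
        # gives nothing to compare against and is left for a human to hover.
        # A genuine subdomain of the shown host (secure.vodafone.ie) is
        # accepted; a look-alike such as vodafone.ie.attacker.example is not,
        # because it does not end with ".vodafone.ie".
        if shown and real and real != shown and not real.endswith("." + shown):
            deceptive.append((text.strip(), real))

    # Anything with an http(s) source is fetched from a remote server when the
    # client displays images, which is what the Gmail setting above controls.
    external = [src for src in parser.images if link_host(src)]
    return {"deceptive_links": deceptive, "external_images": external}


# Constructed sample modelled on the message described above (not the real email).
SAMPLE_EMAIL_HTML = """
<html><body>
<img src="https://www.vodafone.ie/images/logo.png" alt="Vodafone">
<p>Dear valued customer,</p>
<p>URGENT: Your bill is overdue. Please log in at
<a href="http://tuckytucky.example/login">https://www.vodafone.ie/myaccount</a>
to avoid disconnection.</p>
<p>Regards, <a href="https://www.vodafone.ie/contact">www.vodafone.ie/contact</a></p>
<img src="cid:signature-image" alt="signature">
</body></html>
"""

if __name__ == "__main__":
    result = analyse_email_html(SAMPLE_EMAIL_HTML)
    for text, host in result["deceptive_links"]:
        print(f"link text says {text!r} but really goes to {host}")
    for src in result["external_images"]:
        print(f"external image would be loaded from {src}")
```

The check deliberately only fires when the link text itself contains a host name; a link labelled "Click here" is not flagged, which is why the hover check in the text remains necessary. The "cid:" image is embedded in the message rather than fetched, so it is not reported.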
In the example shown below, an email has arrived from a recognised sender with an attached document. However, the wording is very vague, and not what you would usually expect from that sender. In this case, the email account of the other person was compromised, and was used to send malicious emails to contacts in their address book.
If an email such as this doesn’t look right, ring the sender for confirmation that it is real. Otherwise, delete it.
Phishing messages don't just come via email. Be very careful if you get an unsolicited text on your phone with a web link and a vague message offering something like a photo or other file. It could be an attempt to extract your username and password for malicious purposes.