A Reminder About Phishing Attacks
By Jeff Ray | 10.5.2017
Just a reminder to everyone regarding “Phishing” attack emails, what they look like and what they do. These kinds of emails attempt to compromise a user or user’s email address and/or password. Typically, the email will postulate a threat, express urgency, and/or direct you to a link requesting that you input your mailbox type, username, and password. In reality, this information is passed along to someone that will use the information to compromise your mailbox. Firewalls and Antivirus cannot protect users against such a threat. The best way to counteract phishing attacks (as they are called) is to educate the user environment to be aware and vigilant. Users should NEVER input usernames and passwords into any site whose request comes via a link in an email. While such sites (and the links that connect to them) appear legitimate, they are not. First, be hesitant and then allow that hesitation to direct an immediate call to Auxzillium in order to be certain. I have attached some information below that better describes “phishing” attacks, how they work, and what we can all do as a user community to prevent them from happening.
Many times the link will take you to a site that looks legitimate. Its been created to look like something you would expect but in reality, it’s not. The address bar is a big tell. In the screen shot below, the bottom left corner says Docusign but the actual address bar at the top says something totally different. Also, just because the URL in the address bar may contain a name similar to the site it is purported to be does not mean it is… docusign.signature.stealyourinformation.com (fake) is not the same as docusign.com (legit). Always read what precedes the domain suffix i.e. .com, .net, .org etc.
Be mindful that if such an email comes to you, there is a high likelihood the person it came from has been compromised and their contact list will be used to spread the chain
Here is a helpful like that better explains these scams. http://www.bustspammers.com/phishing_links.html