Manage Learn to apply best practices and optimize your operations.

Email attacks that threaten networks and flood inboxes

4/8

Identify a phishing attack and reel in fraud attempts

Source:  id-work/iStock
Visual Editor: Sarah Evans

A form of fraud, phishing occurs when an attacker tries to learn information, such as login credentials or account information, by impersonating a reputable individual via email.

Spear phishing is a form of targeted phishing wherein an individual is pursued to compromise their credentials or account information. It's hard to identify a phishing attack since spear phishing email messages are crafted to look almost exactly like a legitimate email; these email messages frequently bypass automated phishing protections.

However, certain indications will help you identify a phishing attack. Train end users to alert the IT team if they notice the following: Phishing attackers typically use bad grammar and often misspell simple words. These cybercriminals also include hyperlinks. In a suspicious email, hover your mouse on the link, but don't click, to see if the address matches the link. If the message includes a threat of some kind, usually that your account will be closed if you do not respond, it is most likely a phishing attack. Beware of graphics in the message body that appear to be associated with legitimate websites.

To protect against phishing, users should alert their administrator before they open email messages that look suspicious, and before they click on any links within suspicious email. Another way to avoid phishing is by installing an antiphishing toolbar that assesses the site and compares it to a list of known phishing sites. Also consider firewalls as a buffer that keeps imposters out of your users' computers. End users need to be more aware of the risks from phishing email messages because human evaluation is more accurate than automated tools in many instances.

After you identify a phishing attack, learn how a buffer overflow attack can overwhelm your memory space.

Text by Nick Lewis (CISSP), a Program Manager for Trust and Identity at Internet2.

View All Photo Stories

Join the conversation

2 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Block and protect e-mail treats before it reaches inbox also fuseMail
Cancel
This is easy for some to do. In the business world or during the holidays, they just impersonate a delivery service. The will use a subject similar to "there was a problem with your delivery".  Another good on is " Your UPS tracking number is....."  Most people do not think twice opening these.
Cancel

-ADS BY GOOGLE

SearchWindowsServer

SearchEnterpriseDesktop

SearchCloudComputing

SearchSQLServer

Close