CYBER SECURITY · July 12th, 2020
How to Recognize and Report Phishing Emails
Phishing emails are one of the most common types of cybercrime. Scammers disguise themselves as a trustworthy sender to trick you into sharing passwords, providing financial information, or downloading malicious software onto your computer. Cybercriminals pretend to be reputable companies, clients, colleagues, or even members of our organization. Sadly, in this age, these attempts have become a way of life.
Fortunately, there are things we can do to protect ourselves. The best defense is awareness and knowing what to look for. Here are some ways to recognize and report a phishing email:
How to Spot a Phishing Email
Phishing emails have specific characteristics that make them easier to identify. Be on the lookout for:
- Emails from people you don’t know
- Emails with attachments or links are a warning sign and should not be clicked without careful inspection
- Attachments or links with filenames that end in “.exe”, which denotes an executable program (Example: “invoice.exe” or “NVA.exe” or “clickhere.exe”)
- Unexpected emails that sound urgent or require immediate action (e.g., “your account has been compromised”)
- Unsolicited requests for passwords, bank information or other personal information
Also, check the sender’s email address before opening:
- Carefully inspect the full email address to make sure it’s legitimate
- If it appears to be from an NVA employee, check that it’s the official NVA email address structure of firstname.lastname@example.org
- Remember emails from real people and companies can be faked (also known as spoofing)
- Personal emails that appear to be from actual NVA employees can be fake too (just because you get an email from email@example.com, it doesn’t mean it is legitimate)
Examples of phishing emails sent to NVA team members.
Report Phishing Scams
There are a few ways to report a phishing scam:
- If you receive an email you think is suspicious, immediately forward it to firstname.lastname@example.org. We will contact you with instructions about what to do with the message.
- If you clicked on a link or opened an attachment, turn off your computer and call Technology Services right away at 1-888-777-7804.
Phishing is not limited to email alone. Scammers will use any means they can including texts, browser pop-up ads, calendar spam, and even fake phone calls to trick you into sharing sensitive information such as passwords, credit card numbers, or even employee data. It’s up to all of us to be vigilant and protect our systems and information from cybercriminals.