Phishing
Email has become one of the primary ways we communicate in our personal and professional lives. Because e-mail is so widely used, it is one of the favorite ways cyber criminals use to attack individuals and businesses. Phishing refers to an attack that uses email that tricks into taking an action, such as clicking on a link or opening an attachment. By falling victim to such an attack, you risk having your personal information stolen and/or your computer infected. Attackers work hard to make their phishing emails convincing. For example, they will make their email look like it came from someone or something you know, such as a friend or a trusted company. They will even add logos of your bank or forge the email address so the message appears more legitimate. Be aware and use common sense, if an email seems odd or too good to be true, it is most likely an attack.
With Tax season approaching, be aware of IRS and Bank scams associated with tax refunds
Security is everyone’s responsibility.
E-Mail Safety
Everyone is using Email these days in one form or another, personal and professional, but are we using it the best
and safest way? Here are some thoughts and tips to help you:
Autocomplete
Autocomplete is a commonly used feature for users to quickly add addresses to an e-mail. While it can be very helpful, it can also be a little dangerous too. For example, you just finished up your Monthly Expense Report and you need to send it to Darrel Young in the Finance Office. You type in Darrel, the e-mail autocomplete fills in the rest for you and you hit the Send button. Only to realize you just sent the Report to Darrel Johnson, your next door neighbor, because you did not verify the address Autocomplete used.
Verify the addresses before you send the e-mail.
Cc / Bcc
Cc “Carbon Copy” and Bcc “Blind Carbon Copy” are used in e-mails to keep people informed of the information in the e-mail.
Both of these options are useful but could possibly get you into trouble. When someone sends you an email and has Cc’ed people on it, you have to decide if you want to reply to just the sender or reply to everyone that was included on the Cc. If your reply is sensitive, you may want to reply only to the sender so you do not use the “Reply All” option. A Bcc presents a different problem. When sending a sensitive email, you may want to copy someone privately using Bcc, such as your boss. However, if your boss responds using “Reply All,” all of the recipients will know your boss was secretly Bcc’d on your original email.
Verify the addresses before you send the e-mail.
Distribution Lists
Distribution Lists are a collection of email addresses represented by a single email address, sometimes called a mail list or a group name. When an email is sent to the Distribution List address the message gets sent to everyone in the group. Likewise, when you Reply to the message, the response is sent to everyone in the list. If you want to Reply to an individual, you will have to find their e-mail address and send your response to them directly.
Verify the addresses before you send the e-mail.
E-mail and Emotions
Every once in a while you will receive an e-mail that will make you wonder “What were they thinking?” or “Why would they even say something like that?” If an e-mail like that gets your emotional charged, it is best not to respond…right away. It is best to never send an email when you are emotionally charged. Emails written while you are in an emotional state could cause harm in the future, perhaps even costing you a friendship or a job. Instead, take a moment and calmly organize your thoughts. If you have to vent your frustration, open a new e-mail in your email client, make sure it is not addressed to anyone and type exactly what you feel like saying. When you are done, get up and walk away from your computer, perhaps make yourself a cup of coffee. After taking a little bit of time, come back to your desk, delete the email and start over again. Even better, pick up the phone and talk to the person, as it can be difficult to determine tone and intent with just an e-mail.
Privacy
When sending e-mail, keep in mind traditional email has few privacy protections. Anyone who gains access to your email can read your messages and, unlike a phone call or personal conversation, you no longer have control over an email once you send it. Email can easily be forwarded to others, posted on public forums and may remain accessible on the Internet forever. If you have something truly private to communicate, pick up the phone. Also, if you are using your work computer for sending email, keep in mind that your employer may have the right to monitor and read your email. Check with your supervisor if you have questions about email privacy at work.
Do your part – Be Security Smart!
Phishing Expedition
Phishing E-mails are becoming more difficult to detect. If you receive a suspicious e-mail that contains links you can avoid getting caught in a Phishing Expedition by hovering over the URLs to make sure they are legitimate links.
Don’t blindly click on links that you receive in email, especially from people that you don’t know or whose identity you cannot verify. Phishing is a technique used by criminals in which they send you an email message and ask you to click on a link to visit a website. The stated name of the website might be for a company that you already trust and use, but the actual link takes you to a fake or copycat website designed to steal your account’s login information. Always hover your cursor over links to make sure they are legitimate and will take you to the right URL. When in doubt, put do NOT click on the link. Think Security First.
Forwarding Emails
E-mail is one of several ways individuals communicate during the day. When used correctly, it can be very effective for distributing information to a select group of people.
If the conversation gets to the point where you will need to forward an email to others or copy new people to an email thread, review all the content in the entire email and make sure the information contained in it is suitable for everyone. It is very easy to forward emails to others, not realizing there is highly sensitive information in the bottom of the email that people should not have access to.
Emails Asking for Personal Information
Never Respond to Emails Asking for Personal Information
Companies you do business with should never ask for your account information, credit card numbers or password in an email. If you have any questions about an email you receive that supposedly came from your financial institution or service provider, find their number on their website and call them.
Links in E-mail
A link in an email can appear to go anywhere, but it may not always go where it says it does. To find out where a link will really take you, move your mouse over a link without clicking on it to see the actual address of the site. If the address is different from what you expected, you should not click on the link. If you do not see a tool tip or a status that displays the link address, you can right click and copy the link and then paste it into a text file. This will show you the actual URL address and help you see where the link leads.
Managing your Inbox
Do you keep all your email in your Inbox or separate folders, sometimes going back years? Is it necessary to keep all that email for that length of time? Think about this: when you last time you had to refer to an email that was over a year old? It’s very quick and easy to delete or archive old e-mail that’s been sitting in your Inbox for ages.
Here are some tips to remember when you are trying some email “house-cleaning”:
- Empty your Junk Mail folder.
- Empty your Trash or Deleted Items folder.
- Save desired attachments to a local drive or network shared drive.
- Delete messages with large attachments.
- Eliminate unwanted Sent Messages.
- Delete unused folders.
- Archive older messages.
- Use auto-archive to move or delete files based on age.
Time spent now managing your email will be timed saved later.