Online safety should be at the forefront of all our minds. It only takes one momentary slip up to make the most secure environment go belly up. So what action would you take if you received the following email?
Looking at the example above, you could be forgiven for thinking it looks like a legitimate internal message. It asks you to do something you may be expected to do occasionally (e.g. sign-off a policy). It even gives you advice about an application (e.g. Centrify) used to do this. So it must be legit.
Except in this case it wasn’t. It’s a test message created by our company’s security team to test we are paying attention to our online security. Thankfully quite a few of us asked our security team if this was a phishing scam before doing anything.
Email is a popular method of gaining access to personal or business data. Here are some key points to help you identify suspicious messages:
- Check the sender’s email address. Look carefully to make sure the domain is correct. Hackers are smart and use lookalike domains.
- Your gateway may be configured to block messages coming from the internet but using your domain. If so, if you can see it is a legitimate internal address, you know it has come from an account on your domain.
- The steps above are highly effective, but fail if the sender’s account has been compromised. Don’t blindly trust that internal messages are always legitimate. The same advice applies for messages received via business or personal chat applications, especially those like Skype. You may have got the message because your friend or family member’s account is compromised, and you’re one click away from being compromised yourself.
- To guard against a compromised account, check the message and any links in the message. Ask yourself, does the message make sense? Is it expected? Is the grammar correct? Do the links look suspicious? Use the Virustotal website to check if they are known bad links.
- If in any doubt, ask your manager or phone the person who “sent” the message. Don’t use email / chat to ask if they meant to send it. If the account is compromised the hacker will reply!
Remember once you click it’s too late to think!