IT Quick Tips

SECURITY

Phishing business


WHAT IS PHISHING?

Phishing is a type of malicious email where the sender poses as a reputable company. The email sender’s goal is to induce individuals to reveal personal information (think passwords, credit card numbers, etc.). Once acquired, this information is usually used in a malicious way. 

These emails are sometimes very clever and look official. Please be careful.

  • NEVER CLICK A LINK FROM A SUSPICIOUS EMAIL.
  • If you receive a suspicious email, forward it immediately to helpdesk@aup.edu explaining why you think it is a phishing attempt.  

 

WARNING SIGNS

 

Who is the sender? 

Legitimate emails usually come from someone with an email address associated with the company. So if you are getting an email about Microsoft’s Office 365 from beyonce35@massygroup.com, more than likely the sender does not work for Microsoft and this is a phishing attempt. Ignore beyonce35.

 

Who is it addressed to? 

If the email greeting is vague (e.g. “Dear Customer” or “Dear <insert your username>”), there is a chance the email did not come from a safe source. Most companies you subscribe to know your name and will include it in the email message.

 

How is the grammar? 

Phishing emails tend to have a lot of misspelled words and grammatical errors. If you see a lot of mistakes in the email, this may be a phishing attempt. Of course, in some phishing attempts the grammar is perfect, so do not use grammar as the sole indicator of a phishing email.

 

Where do these links actually lead to? 

If you hover over (do not click) the links in the email and look at the bottom of your internet browser, it displays the URL each link actually leads to. If all of the links lead to the same place, or to a place that does not coincide with the legitimate company, there is a high chance that it is a phishing email.
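The sender check and the link check described above can also be automated, for example by a helpdesk triaging forwarded messages. This is an added example, not part of the original page; the function names, the `expected_domain` parameter and the `example.test` link hosts are assumptions made for illustration.

```python
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs: what hovering over each link would show."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_matches(host, domain):
    """True only for the domain itself or a real subdomain, not a lookalike."""
    host, domain = host.lower().rstrip("."), domain.lower()
    return host == domain or host.endswith("." + domain)

def warning_signs(from_header, html_body, expected_domain):
    """Return the page's sender and link warning signs found in one message."""
    signs = []
    sender_domain = parseaddr(from_header)[1].rpartition("@")[2]
    if not host_matches(sender_domain, expected_domain):
        signs.append(f"sender domain {sender_domain} is not {expected_domain}")
    collector = LinkCollector()
    collector.feed(html_body)
    hosts = [urlsplit(href).hostname or "" for href, _ in collector.links]
    for (_, text), host in zip(collector.links, hosts):
        if not host_matches(host, expected_domain):
            signs.append(f"link '{text}' leads to {host}")
    if len(hosts) > 1 and len(set(hosts)) == 1:
        signs.append(f"all {len(hosts)} links lead to the same place: {hosts[0]}")
    return signs

# Constructed sample: sender address from the example above, link hosts invented.
SAMPLE_FROM = "Office 365 Team <beyonce35@massygroup.com>"
SAMPLE_HTML = """<p>Dear Customer,</p>
<a href="http://login.example.test/verify">https://www.microsoft.com/account</a>
<a href="http://login.example.test/verify">Unsubscribe</a>"""

if __name__ == "__main__":
    for sign in warning_signs(SAMPLE_FROM, SAMPLE_HTML, "microsoft.com"):
        print("WARNING:", sign)
```

The first sample link shows a Microsoft address as its visible text while its real destination is a different host, which is exactly what hovering reveals.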

 

Is it in a foreign language?

In a phishing email, the sender may have a foreign name and, above all, work for a company you've never heard of. If the message is in French, it won't be from AUP since all our communications are in English. Part of the message, such as a disclaimer in the footer, can also be in a foreign language, which can be a sign of a suspicious source.

Check the official website yourself

In many phishing attempts, the sender encourages you to click links that seem to come from an official body (taxes, social security, bank, etc.). However, these links usually lead to a site that steals any personal information you enter. So, instead of clicking the links within the email, navigate to the company website yourself and check whether the message you received is genuine. If it is, you will find the same information when you log into your account on the legitimate website.

EXAMPLES OF PHISHING EMAILS

Example 1

Example of Ransomware