Email is the number one way hackers steal information. One reason is that almost everyone has an email address, so the number of people who can be reached is very high. Even if only a fraction of the people who receive a phishing email fall for it, the payoff is still large.
Clicking is an action that can have consequences. Care and responsibility should be exercised just like when driving a car.
Clicking to follow a link and downloading attachments are the most frequently used ways to infect a computer. One click is all it takes to infect a computer with malware.
Once infected, your data and personal information are at risk.
Phishing emails are designed to look authentic and some are quite clever.
Identifying Phishing Starts in the Inbox
Critically examine all emails. This process should begin before you open an email.
Hover your mouse over the name of the Sender. A window will open and give you the sender's name and email address.
In this case the sender name is Email Team. The email address is email@example.com. Both of these should be red flags.
Names of people or departments you are not familiar with are initial warning signs that there may be a problem.
An unfamiliar email address with a dot (.) extension from another country can be a red flag. The extension .ac.uk is an educational extension, just not in the USA, where we use .edu.
Look for clues as to the authenticity of the address. Hackers will try to fool you with clever switches that are similar to, but not the same as, a company's official email address. Example: ArnericanBank.com with an r and an n instead of AmericanBank.com with an m.
Fraudsters often sign up for free email accounts with company names. These email addresses are meant to fool you.
Read the Subject and see what clues you get from the information it contains.
In this case the subject says Account unusual sign-in activity.
Right away the fact that this is from an email team and they are talking about account sign-in is a red flag. Information like this is exactly what hackers are looking for.
The way the subject is written is also concerning. Common practice would be "Account" followed by a comma, dash, or colon before "unusual", or "Unusual account".
Message information. Ask yourself if you know the sender or know about the subject. Do they know you or use a generic greeting?
Fraudsters often send thousands of phishing emails at one time. They may have your email address, but they seldom have your name. Be skeptical of an email sent with a generic greeting such as "Dear Customer", "Dear Member", or "Dear Account User".
Emails that are sent from the NSU IT Service Desk will always be sent from firstname.lastname@example.org and email@example.com.
The NSU IT Service Desk will address you formally using Mr. or Ms. with your Last Name. In some cases, when mailing to all faculty, staff, or students the NSU IT Service Desk may simply say Hello to begin an email.
If there are attachments, you will see a paperclip icon to the right of the title/subject.
Attachments can be dangerous because they may contain malware. This icon combined with other warning signs is a strong red flag.
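The inbox checks above (sender address, look-alike domain, country extension, generic greeting, attachment) can also be run by a mail filter. The Python sketch below is an added example, not part of the original page; the trusted-domain list, the look-alike character pairs, and the sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy
from email.message import EmailMessage
from email.utils import parseaddr

# Assumption: domains this mailbox legitimately receives account mail from.
TRUSTED_DOMAINS = {"americanbank.com"}
# Character swaps that read alike at a glance, e.g. the page's "rn" for "m".
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l")]
GENERIC_GREETING = re.compile(
    r"^\s*dear\s+(customer|member|account user)\b", re.I | re.M)

def skeleton(domain):
    """Collapse look-alike sequences so a spoofed name compares equal to the real one."""
    d = domain.lower()
    for fake, real in CONFUSABLES:
        d = d.replace(fake, real)
    return d

def inbox_red_flags(raw):
    """Return the inbox-checklist red flags found in one raw RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    flags = []
    _name, addr = parseaddr(str(msg.get("From", "")))
    domain = addr.rpartition("@")[2].lower()
    if domain not in TRUSTED_DOMAINS:
        flags.append("unfamiliar sender domain")
        if any(skeleton(domain) == skeleton(t) for t in TRUSTED_DOMAINS):
            flags.append("lookalike of trusted domain")
        if re.search(r"\.(?!us$)[a-z]{2}$", domain):  # two-letter country code
            flags.append("country-code extension")
    body = msg.get_body(preferencelist=("plain",))
    if body is not None and GENERIC_GREETING.search(body.get_content()):
        flags.append("generic greeting")
    if any(True for _ in msg.iter_attachments()):
        flags.append("attachment")
    return flags

def constructed_sample(sender, greeting, attach):
    """Build a constructed test message; no real mail or addresses are used."""
    m = EmailMessage()
    m["From"] = sender
    m["Subject"] = "Account unusual sign-in activity"
    m.set_content(f"{greeting},\nPlease review your account.\n")
    if attach:
        m.add_attachment(b"constructed", maintype="application",
                         subtype="octet-stream", filename="form.bin")
    return m.as_string()
```

A message that collects several flags at once is the case the page describes as a strong red flag; a single flag, such as an attachment from a known sender, is only a prompt to look more closely.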
Ask Yourself...Should I open this email?
If every element discussed above sends up red flags, you can delete the message or move it to spam.
If you are not sure, you may open and read the email. DO NOT CLICK on anything in the email.
Continue down this page to learn what to look for in the body of the email.
The better you get at recognizing red flags, the safer you, your data, and NSU will be.