Phishing
Defending yourself against phishing
Staying alert for phishing attempts
First, what is Phishing?
Phishing is where you receive an email, message, text or phone call that appears genuine, but it's actually malicious.
Phishing attempts might try to trick you into revealing sensitive information, or may contain a link to a malicious website or attachment that is infected with a virus. Some attempts are random, others are more targeted.
Spotting a phishing email
The advice you will hear a lot is to look out for signs like poor spelling and grammar. While these are a good place to start, they can't be used to spot all phishing emails. Here are three things to look out for:
Urgency
Using tight deadlines to create a sense of urgency that distracts you from the rest of the message and pressures you into acting quickly.
Authority
Using the authority of the sender, such as by pretending to be a senior executive, trusted colleague or reliable company, to convince you that the message comes from a trustworthy source.
Imitation
Exploiting 'normal' business communications, processes and daily habits to trick you into reacting to a message. Check who the email is addressed to: if it is 'friend' or 'valued customer', this might be because the sender doesn't actually know you.
Meet Omar
"Hi, I'm Omar. I work for the Holtwich Trust, a small charity supporting local families. It's a fantastic organisation, and we are doing some really great work. We are still growing though, so outreach and events are a huge priority for us right now. I'm always keeping an eye out for exciting opportunities to get our name out there!"
Omar needs your help
Omar has clicked on the link in an email asking him to register his charity for a local event before spaces ran out. When he clicked on the link, he got a notification from his antivirus software telling him that a virus had been detected.
The email Omar received was a phishing email. It was an easy mistake to make, particularly because the phishing email was designed to be relevant to his interests. It's what Omar does next that matters.
What do you think Omar should do first?
That's right!
His first action should be to tell someone what happened, such as his Manager or IT department.
Fraudsters rely on people feeling too ashamed of falling for the phishing attempt to report it. Never give them the satisfaction – you did nothing wrong! If you do click by mistake, the most important thing to remember is to tell someone immediately to reduce the potential harm caused.
Not quite!
While he should consider changing his passwords, his first action should be to tell someone what happened, such as his Manager or IT department.
Fraudsters rely on people feeling too ashamed of falling for the phishing attempt to report it. Never give them the satisfaction – you did nothing wrong! If you do click by mistake, the most important thing to remember is to tell someone immediately to reduce the potential harm caused.
Not quite!
Blocking the email address would not resolve the situation. His first action should be to tell someone what happened, such as his Manager or IT department.
Fraudsters rely on people feeling too ashamed of falling for the phishing attempt to report it. Never give them the satisfaction – you did nothing wrong! If you do click by mistake, the most important thing to remember is to tell someone immediately to reduce the potential harm caused.
Omar feels vulnerable
The phishing email Omar received used his digital footprint to make the message more convincing. This includes any publicly available information about him which could be found on websites, social media and professional networking sites.
In Omar's case, the hacker exploited the information from his social media which was linked to the charity. He is feeling vulnerable and wants to know how to better protect himself.
What does Omar need to do?
What do you think Omar should do to protect himself from future attacks like this one?
Not quite!
There is no need for Omar to delete his social media or even limit his usage of it too much.
He should review the privacy settings on his accounts and check guidance provided by the social media platform. It's important that he thinks about what he is posting and who he wants to see it.
For example, avoid posting specific details about your organisation and role, especially if it involves sensitive information, money or having highly privileged IT access.
Not quite!
There is no need for Omar to limit his usage of social media too much.
He should review the privacy settings on his accounts and check guidance provided by the social media platform. It's important that he thinks about what he is posting and who he wants to see it.
For example, avoid posting specific details about your organisation and role, especially if it involves sensitive information, money or having highly privileged IT access.
That's right!
He should review the privacy settings on his accounts and check guidance provided by the social media platform. It's important that he thinks about what he is posting and who he wants to see it.
For example, avoid posting specific details about your organisation and role, especially if it involves sensitive information, money or having highly privileged IT access.
There is no need for Omar to delete his social media or even limit his usage of it too much.
Thank you!
You have helped Omar to navigate a tricky situation. Accidents happen, but responding quickly and being aware of the consequences is essential.
Stop and reflect
Phishing attempts can be hard to spot, and anybody might click on a phishing email at some point. Don't worry too much; just remember these key points:
- Manage your digital footprint - review your privacy settings and keep personal information to a minimum
- Look out for key identifiers - keep an eye out for signs of urgency, using the authority of the sender, imitation attempts and spelling or grammar errors
- Know your policies and processes - read your organisation's policies and processes to help you know what to do
- If in doubt, check it out - if you make a mistake, or you're unsure about something, you should always report it within your own organisation and consider contacting the NCSC using the email [email protected]