Identifying and Avoiding Phishing Emails

Phishing is a way of stealing important information by deceiving people into believing that a message comes from an authentic source. Phishing methods include emails, websites, and phone calls. A victim who falls for one of these scams will give away personal information (such as email or credit card info) or will download and install malware.

One example of a phishing email specifically targeting UCLA users is below.


Subject: University of California
Date: Mon, 12 Sep 2016 07:15:32 +0000
From: IT HELPDESK <hannah.brackin804@topper.wku.edu>
Dear UCLA email account user
Your email account has been temporarily disabled by the System Mail Administrator due to some unusual activities in your email account, as some information has not yet been verified , to activate your account click on the below link to verify your account
<https://www.surveymonkey.com/r/5QB8FZY>
You may the find this message in your Junk E-Mail folder due to the unusual activities, kindly move to your inbox and click on the link the above.
Failure to do this will lead to total lock down of your email account and your email will be deleted from the mail server, Do not ignore this notification. Treat very urgently
Copyright © 2016 University of California, Los Angeles
UCLA MANAGEMENT TEAM.

The following tips will help users identify and avoid phishing emails.

 

Tip 1: Check the display name and email.
Always check the sender's email address to see if the source is legitimate. Outlook’s email list shows only the display name, which may be fake. Opening the email shows the sender's full email address, which should be checked to make sure the source is real.
In the example email near the top of this page, the sender name is simply “IT HELPDESK”. However, the actual email address has nothing to do with the UC system.

Outlook’s email list only shows the sender name, e.g. "UCLA BruinAlert". Make sure to check the sender email as well.

 

Tip 2: Do not immediately click on links.
Phishing emails will often include links for the victim to click, so users should be wary of any links within an email. These links may lead to a fake website to steal info (disguised as a bank or email website) or to install malware (disguised as a software site or security warning).
The actual destination of a link may be hidden behind its visible text. Only by hovering over the link can one see where it goes.

The link is hidden.

 

When hovering over the link, the link address will show.
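
The checks in Tip 1 and Tip 2 can also be run automatically over a saved message. The script below is an added example, not part of the original page: it flags a sender domain and link destinations that fall outside a trusted list. The trusted list, the function names and the HTML wrapping of the link are assumptions; the From header and the link are the ones from the sample email above.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED_DOMAINS = {"ucla.edu"}  # assumption: domains the organization really sends from
# Constructed sample: From header and URL from the email above, HTML wrapping is made up
RAW = """\
Subject: University of California
From: IT HELPDESK <hannah.brackin804@topper.wku.edu>
Content-Type: text/html; charset=utf-8

<p><a href="https://www.surveymonkey.com/r/5QB8FZY">Verify your UCLA account</a></p>
"""

def domain_is_trusted(host):  # exact match or true subdomain only, never a substring
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)

class LinkCollector(HTMLParser):  # gathers (href, visible text) for every <a> element
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def triage(raw):
    """Return human-readable findings for the Tip 1 (sender) and Tip 2 (link) checks."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg["From"])  # display name is free text, addr is the real address
    findings = []
    sender_domain = addr.rpartition("@")[2]
    if not domain_is_trusted(sender_domain):
        findings.append(f"display name {display!r} but sender domain is {sender_domain}")
    collector = LinkCollector()
    collector.feed(msg.get_payload())
    for href, text in collector.links:
        host = urlparse(href).hostname or ""
        if not domain_is_trusted(host):
            findings.append(f"link text {text!r} leads to {host}")
    return findings
```

A message that passes both checks is not proven safe, because the sender address itself can be spoofed, as Tip 9 explains.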

 

Tip 3: Check for spelling mistakes.
Phishing emails may contain many spelling and grammar mistakes. Official emails typically will have no mistakes at all.

This email claims to be from UCLA. Not only is the sender's email address suspicious, there are multiple grammar mistakes in the body of the message.

 

Tip 4: Check the salutation.
General salutations, such as “Dear sir or madam”, can indicate that the email is spam, sent to many people at once.

Tip 5: Don’t give out personal information.
There have been previous attempts to fool people into giving away personal info, such as UCLA online login credentials. In some cases, the website link in the email will look just like UCLA’s websites or a bank’s website. When you enter and submit your info in these sites, the scammers will receive your info.

Tip 6: Beware of urgent or threatening language in the subject line.
Another technique that phishers use is language or alerts that create a sense of emergency. These may include warnings about security or account disabling. Always check with the corresponding department to see if these warnings are real.

This scam email threatened to block users’ email accounts from sending messages in order to fool them into clicking a link.

 

Tip 7: Review the signature.
Phishers may not always include email signatures, ending with only a general name such as "IT Department". Businesses and departments will typically have email signatures containing contact info.

Tip 8: Do not click on attachments.
Phishers may attach files or programs that will install malware. If an email is suspicious, do not download or open its attachment.

Tip 9: Don’t trust the email address in the header.
In a few cases, the sender's email address may appear to be trusted even though it is fake or spoofed. In suspicious cases, it is best to contact the company or person directly to make sure the email came from them.

The email address is “@ucla.edu”, but it is a spam message.

 

Tip 10: Don’t believe everything you see.
Phishing attacks have become incredibly advanced and some may be hard to identify as scams. If you have any suspicions at all, please contact your local IT department about it.

 

If you have been phished

Immediately change your password and contact your local IT department.

Sources:
http://www.seasnet.ucla.edu/latest-phishing-scams/
https://www.it.ucla.edu/security/alerts/phishing-scams
https://www.it.ucla.edu/security/alerts/phishing-scams/what-phishing
https://blog.returnpath.com/10-tips-on-how-to-identify-a-phishing-or-spoofing-email-v2/


