Anatomy of a suspicious email

...

  1. Is the email tagged “External”? If so, it came from an address outside of CCAD, even if the sender claims to be from within the organization.

  2. Do you recognize the email address? It’s easy to look at the sender and miss the actual email address just to the right of it. An email that is from CCAD would have an address that ends in @ccad.edu, not @ccaddd.edu.

  3. Click the down arrow next to “to me” to expand the sender information. In this example, the sender’s domain is ccaddd.edu, which is not legitimate.

  4. Examine links in the email carefully before clicking on them. In this example, https://ccad.google.com/mail is not a real address. You can also hover over a link with your mouse to see a preview of the address it redirects to. In this example, the link forwards to: https://34.75.2o2.lol/XVkVkRVNtOXRSamRhYUdSSk9WZFpVM3BPYkhKdmRrSkR etc.

  5. Does the message create a sense of urgency? Breathe. It’s natural to act before thinking when you’re panicking, and that’s exactly what these emails want you to do. Sometimes, it will be obvious that the situation doesn’t apply to you (I don’t even have an American Express account). Other times it will seem much more plausible.

  6. Is the email asking you for personal information? Never send personal information in an email—addresses, credit card information, driver’s license information, Social Security number, etc. Never send account passwords to anyone. Email is not a secure form of communication, and most organizations realize that. That’s why banks and doctors’ offices often have their own secure platforms for uploading files. The IRS will never ask you to provide information over email; they’ll send it to your mailing address.

  7. Finally, does anything just seem off about it? Are there a lot of misspellings or grammatical errors in the email? If you recognize the sender, is the wording different from their normal communication style? Look out for red flags, and keep in mind that many harmful emails will seem credible when taken at face value, such as the example shown above.

What should I do if I’ve received a phishing email?

...