Tips on Identifying Phishing Scams

Think, Then Slow Down And Think Again

The article linked below lists a few tips on how to identify phishing scams in your daily life or while you are working. Here is a short list of some clues to help identify phishing emails.


  • The email address does not match business name or location. With many phishing emails if you look closely at the FROM address, you might notice misspelling  or even something that doesn’t match the organization at all. One type that has been seen at UMBC are scammers having an email that ends with <.umbc@gmail.com> to try and trick users into thinking it is from a UMBC source.

  • A sense of urgency. Many phishing emails will have a sense of urgency that are created to distract the user from the emails true intentions. The idea is that the victim is too preoccupied with getting the action completed to see that it is a false request.

  • Uncommon request from someone within the organization. Is this email coming from someone you do not normally work with? Would they normally be asking you to help complete this task or project? 

  • Poor grammar and spelling. Many times the true sign of a suspicious email are common words being misspelled. There could also be capitalizations in almost random spots of a sentence and the spacing between words might be off.


Phishing scams are not the only tactics that are used by malicious actors. Many are impersonating or creating fake charities and using social media to further expand their campaign. Twitter has been seeing many of the “send me $1 and I will send you $2” scams as well as an increase in scams promoting bitcoins.


With charities, malicious actors are creating seemingly wholesome and thorough charity websites or social media profiles to target those who want to help. These scams often come as telemarketers or prompted phone calls. If you would like to give to an organization please do your research before giving any personal or financial information.


If you do receive any email that you suspect is a scam, please do not click on any URL or reply. Either of those actions confirms to the sender that your email address is valid. Please forward the message (with the email headers) to security@umbc.edu


How do I forward full email headers?

https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970 


For more information, please check out: 

https://securityboulevard.com/2020/08/identifying-covid-19-phishing-scams/


To read more articles published by DOIT visit: 

https://itsecurity.umbc.edu/critical/?tag=notice.  

https://itsecurity.umbc.edu/home/covid-19-news/?tag=covid19 

Tags:

Posted: December 16, 2020, 5:30 PM