Phishing Attempts

Overview

Phishing is the attempt by an attacker to trick you into giving them credentials or some form of access to the system you are currently using. These attacks are often seen through email and consist of an outside attacker posing as either an employee or someone that would be trustworthy to see an email from.

These techniques and attempts can range from someone trying to trick you into running malicious code or to simply click on a link and try to log-in. Often, when trying to attempt these, the attacker will use a sense of urgency to get the user to respond. Using words such as "This action must be completed immediately" or "I need you to reply as soon as possible". These attempts have allowed an attacker into many businesses and phishing is one of the easiest methods to breach a company.

How Can I Spot a Phishing Attempt?

There are usually tell-tale signs to be able to differentiate between a real email and a phishing email. With the following examples, do NOT consider these the only way to spot a phishing attempt.

1. Give Me The Money: Phishing attempts often call for immediate action and to try to get you to send them money. This can range from claiming they have hacked into your laptop and stole personal files. Or to claiming to be a boss asking for a gift card to be bought. Unless if you have spoken to this person, it is usually a scam. If you believe there is a virus on your computer or worry about the claims, create a ticket or email IT Support! (phishing@teamdynamix.com)
2. Incorrect "From" address or even from yourself: This example is a very common example and is easily fallen for. When you receive an email from anyone, be sure to look at the "From" address and confirm the email was from that specific person. Often, this is using a free email service and may attempt to look like it is from someone in the company. When you receive an email that appears to be from yourself, this is using email spoofing to send the fake email. Yet, if you receive a spoofed email, be sure to check any security-related settings or usage to ensure there have not been any new log-ins. If you are unsure, check the Reply-To box, this often will show the original sender. 
3. Spelling and grammar: When reading an email, look for spelling mistakes or grammar issues. While there are occasional phishing emails that are free of any spelling or grammar issues, there are often mistakes in these emails.
4. Links: Providing a link through email is one of the easiest ways to create a phishing attempt. It is possible to post a URL that may look legitimate but actually leads to another website. A safe example is here: https://www.google.com while the link says it is to Google, it actually leads to https://www.teamdynamix.com/  How can I avoid this link issue?  Well, it is easy! When your mouse cursor is hovering over the URL, look in the bottom left corner of your browser, this will often reveal the true destination of a link. An example is below:
5. 
   In this case, the link I am hovering over is to the Gmail button on Google's main page.
    
   When using Outlook, the URL will appear when hovering over the link!
   With URL's, ensure the link is spelled correctly. www.teamdynamix.com and www.teamdynmaix.com are NOT the same.
6. Documents: Another very common tactic is to include a document or PDF through an email. This is the largest worry when receiving a phishing email. Each computer has Anti-Virus that should be able to detect before it causes any harm. But, please take heavy precaution with any documents received through email, and check the steps above to make sure they are a trusted source. An easy way to avoid this issue is to receive documents by sharing them through OneDrive rather than email.

I Received a Phishing Email! What Should I Do?

Ensure that you have not clicked or opened any documents from the phishing email. If you have, please immediately contact IT Support (itsupport@teamdynamix.com). Let us know if you have clicked any of the links or documents inside. If you have not clicked anything inside the email, forward as an attachment it to the IT Support phishing email (phishing@teamdynamix.com). We can ensure that the sender is on a blocked list and more action can be taken.

Still need assistance? Click the "Request Assistance" button on the left.