Email Safety - How much do you know about Phishing?
This topic has recently been troubling me because I have gotten several emails from our "System Administrator" informing me that I am over the limit on my mailbox storage, emails that I know are fake. The problem is, they are written convincingly enough that I'm worried that if people don't know what to look out for, they could be taken in by it.
Here's the full text of the email that was sent to me:
Your mailbox has exceeded the storage limit which is 20GB as set by your administrator,you are currently running on 20.9GB,you may not be able to send or receive new mail until you re-validate your mailbox. To re-validate your mailbox please CLICK HERE
Now, this is a pretty serious threat. If I can't send and receive email, I can't keep up with my job. That's a problem. However, I used some pretty fundamental tools in my toolbox to checkout if this was a legitimate email.
To determine if the email was legitimate, I checked the email address of the person it was coming from. "System Administrator" <email@example.com> Hmmm, there are several things that are sketchy there. First, While the username is listed as System Administrator, the return address is not one I recognize. I can guarantee you that any System Administrator for Denver Public Library will not have an email address that ends in "petsconnect.org." Second, the name connected with this account seems to be Kim D, not Alyssa Wilson. Those kinds of inconsistancies lead me to believe this might not be a legitimate email.
If I ever have any concerns over the legitimacy of an email, I call a number I know and trust to verify that it was sent by someone I should be responding to. Here's some tips on what to do if you receive and email that smells phishy:
- Don't click on any links - they could take you to a webpage that will download malicious software onto your machine
- Don't reply to the email or send any personal information
- Use Google to search for a legitimate phone number for the organization the email is purporting to represent to call and ask if the email is real (don't use any contact information contained within the email)
- Report the email to the Federal Trade Commission at www.ftccomplaintassistant.gov
To prepare yourself in the future for potential online threats, you can find a ton of information at onguardonline.gov or you can attend the Community Technology Center's Computer Basics: Staying Safe Online class. We will be offering Computer Basics: Staying Safe Online on Thursday 5/31, 11am - 12:30pm and Monday 7/2, 2pm - 3:30pm.
As always, feel free to call the Community Technology Center at 720-865-1706 if you have any questions or concerns.