Good morning team!
Through the time I’ve been here at Carondelet, I haven’t seen much in regards to security problems, and it is great to be in this position! Unless, there have been unreported incidents…? ??
Nevertheless, I am here to help!
This is the first email in a series that I will be sharing with you quarterly with informational pieces that can help us understand if an e-mail is legitimate or what some of the malware pieces out there are and what they do. If nothing else, they’re just little tech notes to keep you informed, not only here at work, but also with your home computer, mobile devices, or online accounts.
What is email spoofing?
Bad actors, or malicious entities called “spoofers,” create emails that seem to come from a trusted source, upper management, authoritative figures or legitimate organizations we subscribed to. These emails typically contain links to viruses or can come in combination with phishing scams; which, are essentially links to fake sites requesting the recipient’s username and password, or instructions requesting information from the recipient in any other way.
Typically, if this email is opened, replied to or acted upon in any other way, the recipient’s contact list is stolen and the malicious email is then forwarded to those email addresses.
Examples of Spoofing/Phishing:
- Spoofed email from “Mary Yamoah” asking the recipient to reply.
- Spoofed email from “Apple” stating the user’s Apple ID is locked:
In the web version of Gmail, you may hoover over an email, and it will show you the recipient’s address from there without having to open the message, as in the example below:
Again, most legitimate organizations that abide by proper security strategies will not request your account information via email, or will not ask you to click a link to “update or change” your password. Unless, you have requested this process directly from the organization’s website, always practice caution or delete the message.
And! Remember kids, email is not encrypted, so do not email any username and passwords or any sensitive information such as credit card or social security numbers, bank account info, etc.
Stay safe out there my friends!
Created Feb 04 2020, by Nely Durán