+ Post New Thread
Results 1 to 6 of 6
General Chat Thread, Tips to avoid Phishing E-mail or other lovely viruses in General; Hey all, I have had a teacher come up to me today, the teacher almost fell for an fishing e-mail. ...
  1. #1
    Grey-gear's Avatar
    Join Date
    Nov 2009
    Location
    Derby
    Posts
    227
    Thank Post
    10
    Thanked 26 Times in 23 Posts
    Rep Power
    17

    Tips to avoid Phishing E-mail or other lovely viruses

    Hey all,

    I have had a teacher come up to me today, the teacher almost fell for an fishing e-mail. After coming to me we check to see that it was a fishing e-mail and then the teacher deleted it and went back to he's Prep time. This got me thinking about the advice a give out on safe use of e-mail when talking to the staff or students, I normal say when they uses their personal: -

    1. Only open e-mail from people you know.
    2. Delete or move to junk anything you think is unsafe.
    3. If it's to good to be ture it's because it's to good to be ture.
    4. Don't give out your e-mail to people on the street or to websites that you visit researching work, or have a diffenet e-mail account just for that.
    5. If you do get an E-mail that looks genuine copy and paste a bit of the text into Google, Yahoo, Bing etc and see if a hit comes up saying it's fake.
    6. Come and show it to me so I can check the links.
    7. Don't use a school computer to check you personal e-mails.

    Have I missed anything?

  2. #2

    LosOjos's Avatar
    Join Date
    Dec 2009
    Location
    West Midlands
    Posts
    5,182
    Thank Post
    1,285
    Thanked 1,029 Times in 729 Posts
    Rep Power
    658
    Even if an email looks completely legitimate, if it's asking you to click a link and log in to your account, don't. Always type the address for the homepage of said site and login yourself from there; if there is really a message waiting for you, it'll be there.

    [PS - I hate to be a pedant, but it's phishing when talking about security attacks!]

  3. Thanks to LosOjos from:

    Grey-gear (21st September 2012)

  4. #3
    Grey-gear's Avatar
    Join Date
    Nov 2009
    Location
    Derby
    Posts
    227
    Thank Post
    10
    Thanked 26 Times in 23 Posts
    Rep Power
    17
    Thanks for your relpy.

  5. #4


    Join Date
    Jan 2009
    Posts
    1,077
    Thank Post
    136
    Thanked 193 Times in 135 Posts
    Rep Power
    146
    Quote Originally Posted by Grey-gear View Post
    Hey all,

    I have had a teacher come up to me today, the teacher almost fell for an fishing e-mail. After coming to me we check to see that it was a fishing e-mail and then the teacher deleted it and went back to he's Prep time. This got me thinking about the advice a give out on safe use of e-mail when talking to the staff or students, I normal say when they uses their personal: -

    1. Only open e-mail from people you know.
    2. Delete or move to junk anything you think is unsafe.
    3. If it's to good to be ture it's because it's to good to be ture.
    4. Don't give out your e-mail to people on the street or to websites that you visit researching work, or have a diffenet e-mail account just for that.
    5. If you do get an E-mail that looks genuine copy and paste a bit of the text into Google, Yahoo, Bing etc and see if a hit comes up saying it's fake.
    6. Come and show it to me so I can check the links.
    7. Don't use a school computer to check you personal e-mails.

    Have I missed anything?
    Only the fact that the moment they sit in front of a computer and check their e-mail, they'll completely disregard everything you told them.


  6. Thanks to Earthling from:

    Grey-gear (21st September 2012)

  7. #5
    CAM
    CAM is offline

    CAM's Avatar
    Join Date
    Mar 2008
    Location
    Burgh Heath, Surrey
    Posts
    3,703
    Thank Post
    755
    Thanked 296 Times in 233 Posts
    Blog Entries
    60
    Rep Power
    243
    Tips below:

    1 - Never click on a link in an E-Mail unless you are expecting to (such as verification after signing up to a site). Visit the website directly and log in there. Example: Person X has added you on Facebook, don't click the link but check by logging in to Facebook directly.
    2 - Offers that look tempting are tempting for a reason, to get you to respond!
    3 - If you don't expect an E-Mail or the E-Mail seems very out of character, do not respond. With the rise in compromised accounts this year, even E-Mails from people you know can be dangerous so if it seems very unusual for Aunt Pam to offer a million pounds to shift money out of Nigeria, it probably wasn't sent by Aunt Pam!
    4 - Any E-Mail requesting log-in details to verify your account due to fraudulent use or risk shutdown will be fake (E-Mails from Blizzard Entertainment and Free E-Mail services are most common). Same with "account purges" or "shutdowns."
    5 - Never unsubscribe from spam mail, they are there to get you to confirm your account is active.
    6 - Unsolicited mail about current issues are very common attack vectors for scammers!

    Common Scams:

    - Large sums of money to be moved, requiring a sum of money by a specific time (revealed later) to resolve a complication. (AKA 419 Scam)
    - Inactive accounts are being purged, please confirm login details or be shut down.
    - Fraudulent activity detected, confirm login or be shut down.
    - Any link leading to fake login pages (very convincing!).
    - Fake password resets. If it wasn't initiated by you, it isn't real!
    - (From person on contacts list) Hey, is this you? http://scamlinkgoeshere (Also seen on social networks).
    - See video of Insert Shocking/Funny/Trending/Bizarre story here (Very common on social networks).
    - Your computer is infected, click here to fix it or nasty things will happen.

    Last but not least, the entire malware and scams landscape is changing. Where trojans and other nasty programs hidden behind adverts were typical attack vectors in a scam campaign, this changed to drive-by-downloads where a vulnerable machine would get hit by a compromised web-page. As anti-virus systems improved, attack vectors changed again to target the more vulnerable parts of the system, the users! Social Engineering is the term used to describe tricking people into handing over personal and sensitive information to carry out attacks by using false Facebook updates or Spam E-Mails, even phonecalls to technical support teams. Security firm HBGary was compromised by Anonymous with a phonecall asking for the server password.

    Then there is the biggest change in the past year or so following high profile breaches of company databases, Pastebin logins dumps. Attackers breached security of websites via technical or social means, accessed databases and discovered unencrypted or easily crackable login information. The raw details were put on the Internet for all to see and analysis showed many people re-used passwords, meaning one breach of an account could result in multiple breaches over multiple Internet services. This is very hard to defend against short of unique passwords over many services (but security questions may be the same and easily discovered through sharing too much information publicly!). A prime example is Guild Wars 2, where on release day people re-used passwords when creating accounts and had their accounts breached on day 1 of launch by attackers trying logins on lists of breached details.

  8. #6

    Join Date
    Jan 2008
    Location
    Cheshire, UK
    Posts
    331
    Thank Post
    63
    Thanked 59 Times in 41 Posts
    Rep Power
    47
    Amongst giving similar tips out I also give this out to staff to help them avoid the pitfalls of sending emails to the wrong people.

    http://www.securingthehuman.org/news...-201203_en.pdf

    The guides are written by experts for ordinary folk to help themselves and computer safe. So far they have gone down well and nobody felt I insulted them (a typical problem with some!).

SHARE:
+ Post New Thread

Similar Threads

  1. Replies: 16
    Last Post: 28th July 2011, 04:12 PM
  2. Spreadsheet to Blackberry (or other device)
    By Cache in forum Netbooks, PDA and Phones
    Replies: 2
    Last Post: 3rd March 2010, 07:17 PM
  3. Moved or moving to SIMS or other MIS
    By alandickey41 in forum MIS Systems
    Replies: 2
    Last Post: 11th March 2009, 06:26 PM
  4. Replies: 1
    Last Post: 8th June 2007, 08:43 PM
  5. Environment variables or other method
    By HodgeHi in forum Scripts
    Replies: 3
    Last Post: 21st June 2006, 09:05 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •