October is National Cybersecurity Awareness Month, and as such, we wanted to share some information on a technique known as Phishing.
“Phishing” uses fraudulent email messages designed to impersonate a legitimate person or organization and trick the recipient into downloading harmful attachments or divulging sensitive information, such as passwords, bank account numbers, and Social Security numbers.
But how can you identify when an email is fraudulent?
The tried and true email safety rule has been: Don't open something from someone you don't know. However, in phishing scams, the sender is pretending to be someone you may know or trust.
In the image below, the email came from someone within your organization. If that individual is someone you may not regularly collaborate with, or the message lacks context to the purpose, it's ok to be suspicious.
Other areas to consider are grammar and the fine print items. While this email had proper spelling and grammar, this link claims to be a OneDrive document (a Microsoft product), but the fine print refers to Google Sheets. These small discrepancies are reasons to suspect it may be phishing.
What if I clicked on the link?
The small indicators mentioned above can be hard to identify, and often times we don't realize we shouldn't have done something until it's too late. In this case, the link in the email took us to the website below. It appears to be a Microsoft sign-in page, where you would enter your username and password to gain access to OneDrive. This is actually a continued part of the phishing scheme.
Fake Login Page
If you look at the web address of the page, this is not a Microsoft website, and to the left of the URL it shows that the page is "Not Secure." Just like the email was pretending to be legitimate, this website is pretending to be a trusted Microsoft site. By entering your login credentials on this page, you're giving the Phishing perpetrators the information they need to compromise your account as well.
Fake Web Address
Real Sign-In Page
What if I signed into the fake page?
If you did end up putting your login credentials into the fake page, all hope isn't lost. There are a number of steps you can take to secure your account for the future.
Step 1) Reset your IUSD password at: https://identity.iusd.org. This will reset your password for all IUSD services and be the best step to protecting your account.
Step 2) Contact the Helpdesk by calling 949-936-5060 or by emailing email@example.com. Let us know what happened and we'll be happy to help you out.
Step 3) Consider changing your password for other websites where you used the same username and password combination. While the best practice is to not use the same password for everything online, sometimes it happens. Using a different password will help protect your account on these sites from being compromised.