Phishing: Bait Examples
This is an example of a simple but effective Impersonation Attack.
Email impersonation attacks are a type of phishing attack where the attacker impersonates a legitimate sender in order to trick the recipient into clicking on a malicious link or attachment. These attacks are typically used to steal sensitive information such as login credentials or financial information.
How to identify this is a phishing attempt (information is highlighted in yellow):
- The display name says from a supervisor.
- Email is a random, misspelled Gmail address.
- Request for a response or more information; intentionally vague.
To help combat these kinds of emails, CSHL IT and Cybersecurity incorporates the following safeguards:
- Our system identifies that this is external email
- Display message: "You often don’t get mail from [this sender]."
In cases of phishing, "Responding to the email" means either clicking a link in the email or clicking the link and submitting credentials.
Best practices:
DataImage63.png
| Files | ||
|---|---|---|
|
|
DataImage63.png
122 KB
|