Week 2: Email Safety
In Greek mythology, Sirens lured sailors to certain doom while they were out at sea, by using their mesmerizing singing to draw them in. Similarly, a phishing attack occurs when bad actors send email messages that are designed to trick you into responding to them with valuable information.
Phishing attacks are considered the easiest social engineering attacks used by bad actors. A phishing email might warn you that, “something is wrong with your account,” or “an urgent document is waiting for you,” or to “fill out this form to access important information.” Today we are seeing more specifically-targeted spear-phishing attacks, in which the bad actors pretend to be a colleague to seem more trustworthy.
You should always scrutinize your email before taking action, and be cautious about sharing personal information in an email or on a webpage.
Tips to avoid getting Phished:
- Never share high-risk or sensitive information such as passwords, social security numbers, etc., via email.
- Never click links in an email. Use your own bookmarks or copy/paste the webpage address from the email.
- Avoid opening unsolicited email attachments.
- Beware of web page addresses designed to trick you (such as uic.edu.com, uic.com, or uic.org).
- Report any suspicious email to email@example.com immediately.
Don’t get caught by a phish — be suspicious of unsolicited email. Resist the Siren’s call!