Cybersecurity - Detecting a Phishing Emai

13 Mar 2019

Dear Colleagues,

With the rise of ransomware infections that are often activated through phishing emails, it is crucial to protect yourself and your organisation’s security. Detecting phishing emails is a proactive and critical step in protection.

Here are some quick steps on how to spot a phishing email;

  1. Don’t trust the display name of who the email is from: Just because it says it’s coming from a name of a person or organization you know, or trust doesn’t mean that it truly is. Be sure to look at the email address to confirm the true sender.
  2. Look but don’t click: Hover your mouse over parts of your email without clicking on anything. If the link text looks strange or doesn’t match what the link description says, don’t click on it.
  3. Check for spelling errors: Attackers are often less concerned about spelling or being grammatically correct than a normal sender would be.
  4. Consider the salutation: Is the address general or vague? Is the salutation to "valued customer" or Dear "[insert name here]?"
  5. Is the email asking for personal information? Legitimate companies are unlikely to ask for personal information in an email.
  6. Beware of urgency: These emails might try to make it sound as if there is some sort of emergency (e.g. the ED needs a $1M wire transfer, or a staff member is in trouble.)
  7. Check the email signature: Most legitimate senders will include a full signature block at the bottom of their emails.
  8. Be careful with attachments: Attackers like to trick you with an official-looking attachment. It might be a fake icon of Microsoft Excel that isn’t the actual spreadsheet you think it is.

Staffs are hereby reminded to complete the UN Secretariat Mandatory Information Security Training which is available under INSPIRA under the code LMS-1833 or LMS-1834 . This training would only require between 1.5 to 2 hours of your time.

We would like to encourage those who have not yet completed the training to please login to Inspira and the mandatory learning programs will appear on your home page. For more information, please see the guide on how to enroll / register for a course here.

Posted on: 13 Mar 2019