Differences

This shows you the differences between two versions of the page.

--- engineering:computer_science:security:identify_protect_email_scam_phishing [2024/08/26 23:10] – created carlossousa
+++ engineering:computer_science:security:identify_protect_email_scam_phishing [2024/08/26 23:11] (current) – carlossousa
@@ Line 5: / Line 5: @@
 **Last Reviewed:** 26/08/2024
-  *
+----
 **Verify the 'From' Domain:**
-      * Always check the email address of the sender to ensure it matches exactly with the official domain of the organization it claims to be from.
-      * Look for common tricks such as similar-looking domains (e.g., "paypal-mail-server.com" instead of "paypal.com").
+   * Always check the email address of the sender to ensure it matches exactly with the official domain of the organization it claims to be from.
-  *
+  * Look for common tricks such as similar-looking domains (e.g., "paypal-mail-server.com" instead of "paypal.com").
 **Inspect the 'Reply-To' Field:**
-      * Check if the 'reply-to' address is different from the 'from' address. Scammers may use a legitimate-looking domain in the 'from' field but direct replies to a different email.
-  *
-**Check 'Mailed By' and 'Signed By':**
+  * Check if the 'reply-to' address is different from the 'from' address. Scammers may use a legitimate-looking domain in the 'from' field but direct replies to a different email.
-      * In Gmail, examine the 'mailed by' and 'signed by' fields, which should match the claimed domain if the email is legitimate.
-      * A mismatch can indicate a potential spoofing attempt.
+**Check 'Mailed By' and 'Signed By':**
-  *
+  * In Gmail, examine the 'mailed by' and 'signed by' fields, which should match the claimed domain if the email is legitimate.
+  * A mismatch can indicate a potential spoofing attempt.
+**Look for 'Via' in Gmail:**
+  * If Gmail shows a 'via' label, it means the email was sent by a domain different from the 'from' address. This could be a sign of a spoofed email.
+**Use Email Authentication Records (SPF, DKIM, DMARC):**
+  * **SPF (Sender Policy Framework):**  Verifies if the sending server is authorized to send emails for the domain. A pass indicates the email was sent from an approved server, but a fail suggests potential spoofing.
+  * **DKIM (DomainKeys Identified Mail):**  Ensures the email content has not been altered and confirms the sender’s identity via an encrypted signature.
+  * **DMARC (Domain-based Message Authentication, Reporting & Conformance):**  Confirms that the email aligns with SPF and DKIM checks and is a robust method for preventing spoofing.
+**Examine the Domain Closely:**
+  * Be wary of domains with subtle differences, such as using foreign characters or combining letters to mimic legitimate domains (e.g., using "rn" instead of "m").
+**Check for Unicode and ASCII Characters:**
+  * Use tools like a 'Unicode Inspector' or 'ASCII Validator' to detect non-standard characters that might be used to deceive the recipient by mimicking legitimate letters.
+**Inspect the Full Email Headers:**
+  * In Gmail or other email programs, you can view the full headers to see the path the email took and verify the SPF, DKIM, and DMARC results manually.
+**Be Wary of Unexpected Attachments or Links:**
+  * Phishing emails often contain links or attachments that lead to malware or fake login pages. Avoid clicking on these unless you are certain of the email’s legitimacy.
+**Critical Thinking and Awareness:**
+  * Always scrutinize emails, especially unexpected ones, that ask for sensitive information or urge immediate action. Phishing attempts often create a sense of urgency.
+**Use Spam Filters and Anti-Phishing Tools:**
+  * Employ robust spam filters and anti-phishing tools in your email client. These can automatically detect and block many phishing attempts before they reach your inbox.
+**Check for Grammatical Errors and Unusual Language:**
-**Look for 'Via' in Gmail:**
+  * Many phishing emails contain poor grammar, unusual language, or awkward phrasing, which can be a red flag.
-      * If Gmail shows a 'via' label, it means the email was sent by a domain different from the 'from' address. This could be a sign of a spoofed email.
-  *
-**Use Email Authentication Records (SPF, DKIM, DMARC):**
+**Hover Over Links to Verify URLs:**
-      * **SPF (Sender Policy Framework):**  Verifies if the sending server is authorized to send emails for the domain. A pass indicates the email was sent from an approved server, but a fail suggests potential spoofing.
-      * **DKIM (DomainKeys Identified Mail):**  Ensures the email content has not been altered and confirms the sender’s identity via an encrypted signature.
-      * **DMARC (Domain-based Message Authentication, Reporting & Conformance):**  Confirms that the email aligns with SPF and DKIM checks and is a robust method for preventing spoofing.
-  *
-**Examine the Domain Closely:**
+  * Before clicking any link, hover your mouse over it to see the actual URL. Ensure it matches the legitimate site and doesn’t redirect to a suspicious domain.
-      * Be wary of domains with subtle differences, such as using foreign characters or combining letters to mimic legitimate domains (e.g., using "rn" instead of "m").
-  *
-**Check for Unicode and ASCII Characters:**
+**Verify Requests Through Official Channels:**
-      * Use tools like a 'Unicode Inspector' or 'ASCII Validator' to detect non-standard characters that might be used to deceive the recipient by mimicking legitimate letters.
-  *
-**Inspect the Full Email Headers:**
+  * If you receive an email asking for personal information or claiming there’s an issue with your account, contact the organization directly using their official website or phone number.
-      * In Gmail or other email programs, you can view the full headers to see the path the email took and verify the SPF, DKIM, and DMARC results manually.
-  *
-**Be Wary of Unexpected Attachments or Links:**
+**Monitor Financial Statements and Accounts:**
-      * Phishing emails often contain links or attachments that lead to malware or fake login pages. Avoid clicking on these unless you are certain of the email’s legitimacy.
-  *
-**Critical Thinking and Awareness:**
+  * Regularly check your bank and credit card statements for any unauthorized transactions. Early detection of fraud can limit damage.
-      * Always scrutinize emails, especially unexpected ones, that ask for sensitive information or urge immediate action. Phishing attempts often create a sense of urgency.
-  *
-**Use Spam Filters and Anti-Phishing Tools:**
+**Enable Two-Factor Authentication (2FA):**
-      * Employ robust spam filters and anti-phishing tools in your email client. These can automatically detect and block many phishing attempts before they reach your inbox.
-  *
-**Check for Grammatical Errors and Unusual Language:**
+  * Enable 2FA on all accounts that support it. This adds an additional layer of security, requiring a second verification step beyond just your password.
-      * Many phishing emails contain poor grammar, unusual language, or awkward phrasing, which can be a red flag.
-  *
-**Hover Over Links to Verify URLs:**
+**Update Software Regularly:**
-      * Before clicking any link, hover your mouse over it to see the actual URL. Ensure it matches the legitimate site and doesn’t redirect to a suspicious domain.
-  *
-**Verify Requests Through Official Channels:**
+  * Keep your operating system, browser, and antivirus software updated to protect against vulnerabilities that phishing attacks may exploit.
-      * If you receive an email asking for personal information or claiming there’s an issue with your account, contact the organization directly using their official website or phone number.
-  *
-**Monitor Financial Statements and Accounts:**
+**Educate Yourself and Others:**
-      * Regularly check your bank and credit card statements for any unauthorized transactions. Early detection of fraud can limit damage.
-  *
-**Enable Two-Factor Authentication (2FA):**
+  * Stay informed about the latest phishing techniques and educate those around you about how to recognize and avoid them.
-      * Enable 2FA on all accounts that support it. This adds an additional layer of security, requiring a second verification step beyond just your password.
-  *
-**Update Software Regularly:**
+**Report Phishing Attempts:**
-      * Keep your operating system, browser, and antivirus software updated to protect against vulnerabilities that phishing attacks may exploit.
-  *
-**Educate Yourself and Others:**
+  * If you receive a phishing email, report it to your email provider or the company being impersonated. Many companies have dedicated email addresses or forms for reporting phishing.
-      * Stay informed about the latest phishing techniques and educate those around you about how to recognize and avoid them.
-  *
-**Report Phishing Attempts:**
+**Use Email Sandboxing or Virtual Machines for Suspicious Attachments:**
-      * If you receive a phishing email, report it to your email provider or the company being impersonated. Many companies have dedicated email addresses or forms for reporting phishing.
-  *
-**Use Email Sandboxing or Virtual Machines for Suspicious Attachments:**
+  * Open suspicious attachments in a sandboxed environment or a virtual machine to prevent any potential malware from affecting your main system.
-      * Open suspicious attachments in a sandboxed environment or a virtual machine to prevent any potential malware from affecting your main system.