Phishing Awareness

Oh no!

Alert: There have been multiple failed login attempts to your account. It may have been COMPROMISED. Login to your PayPal account immediately to RESET your pasword. We urge you to login soon or risk losing access to your account. CLICK HERE to reset your password now.

 

Go ahead and click that link!

Wait! We probably shouldn't do that...click the Continue arrow to find out why!

1. Hover

Alert: There have been multiple failed login attempts to your account. It may have been COMPROMISED. Login to your PayPal account immediately to RESET your pasword. We urge you to login soon or risk losing access to your account. CLICK HERE to reset your password now.

http://4z8.info/creditsteal_2309to203z_mal.ware




 

Hover your mouse over the link to see the URL.
Does the URL look related to the rest of the text?

Correct: Incorrect: The web site the link takes you to is http://4z8.info/. Not only does that look suspicious but it is not related in any way to the email content.

2. Word Usage

Alert: There have been multiple failed login attempts to your account. It may have been COMPROMISED. Login to your PayPal account immediately to RESET your pasword. We urge you to login soon or risk losing access to your account. CLICK HERE to reset your password now.

 

Check the email for any misspellings, suspicious tones, or demanding requests. Does this feel like a legitimate email?

Correct: Incorrect: Most professional communications do not use this tone.

3. Email Address

It's important to verify the actual email address instead of just the name. Does the address look real? (Hint: Look for incorrect spelling, as well as added words or characters)

Correct: Incorrect: It's a fake website used to fool people into thinking that they're legitimate. Notice the .ru extension, the number "1" instead of an L in Paypal, and the way they appended "real" to the beginning.

Phish Tank Game

INSTRUCTIONS: On the next slide, you will see various URL's. You must decide whether or not the URL looks safe to click, or not. Every correct answer will add water to the Phish Tank, and every incorrect answer will remove water from it.

Hint: Remember to focus on the actual domain of the URL. For example, https://itunesconnect.apple.com/itc/static/login?appIdKey=e0b80c3bf78523bfe80974d320935bfa30add02e1bff88ec2166c6bd5a706c42&view=1&path=%2FWebObjects%2FiTunesConnect.woa%3F may look like a scary URL. But if we focus on the domain, itunesconnect.apple.com, we see that it actually is a legitimate URL.

 
"www.faceboke.com www.walmart.com/specialOffer www.d1sneylandoffers.com https://www.amazon.com/s/ref=nb_sb_noss_1?url=search-alias%3Daps&field-keywords=amazon+fire+stick&rh=i%3Aaps%2Ck%3Aamazon+fire+stick https://www.microsoft.com/en-us/ www.bank0famer1ca.com/signIn http://4z8.info/creditsteal_2309to203z_mal.ware www.microsoftexce1.com/my-attachment https://www.bankofamerica.com http://www.apple57.com/free-iPhone-offer "
Great job! The Phish Tank is completely full. You did well, but didn't quite fill the Phish Tank. Better luck next time!

Things to Remember:

 
  • Hover over a link before clicking.
  • Check for misspellings, suspicious tones, and demands.
  • Verify that the email address URL looks legitimate.
Continue
Go back