Should I respond to this email?

What are the main things seen in an email that make us think it's a phishing email…

  1. Asking us to do something urgently
  2. Asking us to do something that we normally wouldn’t do
  3. Making spelling and grammar mistakes
  4. Sending the email from an unusual address
  5. Not sounding like they normally do when they send you an email
  6. Asking for lots of personal details
  7. I have no idea who you are, why are you sending me this?

What should we do then?

I go with the simple approach: just don't answer, and delete the email. If it is important they will send another one or make contact another way. If you really do want to follow up on this, don't email back; pick up the phone and ring them, using a number you already have rather than one given in the email, to check that it's valid.

Should I enter my password here?

I wish this was the first question that everyone asked themselves before they happily enter their passwords whenever they are asked. Sadly, the reality is anything but.

So, what can we do to help users make a sensible choice and work out if it is safe to enter their password?

  1. Awareness, Awareness, Awareness – Let's try to get the message through to everyone that their password is a key, and they must keep it safe and secure.
  2. Double Check – Look at the screen, check the wording, and if it's a web page make sure the URL is correct: the domain you are logging in to should be the one you expect, not a lookalike or something that merely contains the familiar name.
  3. If we are in a corporate environment, let's turn on all the branding we can to help the user identify that it's a safe place to enter their password, bearing in mind that a phishing page can copy the branding too, so it helps but is not proof on its own.
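The "is the URL correct?" check above is the one users get wrong most often, because the address bar can be made to look right in several ways. As an added example that is not part of the original post, the Python below does the check a careful human would do: it extracts the host the browser will really connect to and compares it against a hypothetical allow-list (`login.example.com`, an assumption for the example), rejecting the common tricks: a trusted name hidden in a subdomain of an attacker's domain, a hyphenated lookalike, `user@host` userinfo that pushes the real host past an `@`, plain `http`, and internationalised names with look-alike letters, which it surfaces in their `xn--` punycode form. It goes a little beyond the text in handling those cases explicitly.

```python
from urllib.parse import urlsplit

# Hypothetical allow-list for this example: the only hosts where our users
# should ever type their password. Replace with your own identity provider.
TRUSTED_LOGIN_DOMAINS = {"login.example.com"}


def browser_host(url):
    """Return the host the browser would actually connect to, lower-cased
    and in ASCII (punycode for internationalised names), or None if the URL
    has no host at all (e.g. a javascript: link)."""
    parts = urlsplit(url.strip())
    host = parts.hostname  # lower-cased; userinfo ('user@') and port removed
    if not host:
        return None
    host = host.rstrip(".")
    try:
        # Non-ASCII labels become 'xn--...', so look-alike letters can't hide.
        return host.encode("idna").decode("ascii")
    except UnicodeError:
        return None


def check_login_url(url, trusted=TRUSTED_LOGIN_DOMAINS):
    """Decide whether url is a safe place to enter a password.
    Returns (ok, reason) so the reason can be shown to the user."""
    parts = urlsplit(url.strip())
    host = browser_host(url)
    if host is None:
        return False, "no usable host in URL"
    if parts.scheme.lower() != "https":
        return False, "not HTTPS"
    if "@" in parts.netloc:
        # https://login.example.com@evil.net/ really goes to evil.net
        return False, "userinfo before '@' hides the real host (%s)" % host
    for domain in trusted:
        # Exact match, or a real subdomain (the dot forces a label boundary);
        # 'login.example.com.evil.net' and 'login-example.com' both fail here.
        if host == domain or host.endswith("." + domain):
            return True, "host %s is trusted" % host
    if host.startswith("xn--") or ".xn--" in host:
        # A look-alike letter (e.g. Cyrillic 'а') produced a punycode label.
        return False, "internationalised (punycode) host: %s" % host
    return False, "host %s is not on the allow-list" % host


if __name__ == "__main__":
    # Constructed sample URLs of the kind seen in phishing emails.
    for sample in [
        "https://login.example.com/auth?x=1",
        "https://login.example.com.evil.net/",
        "https://login-example.com/",
        "https://login.example.com@evil.net/",
        "http://login.example.com/",
        "https://login.ex\u0430mple.com/",  # Cyrillic 'а' in 'example'
        "javascript:alert(1)",
    ]:
        ok, reason = check_login_url(sample)
        print("%-40s %s  (%s)" % (sample, "OK " if ok else "NO ", reason))
```

The important design choice is to compare the parsed host against an allow-list with a dot-boundary check, never to search the raw URL for the familiar name: `"login.example.com" in url` is true for every one of the attacker-controlled samples above.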

All of this is much easier said than done. Even if we are sure the message is out there, we can also guarantee that there will be times when we as humans forget, so it seems we are going to need a backup plan – technology…