5 Tips to Prevent Phishing

What is Phishing?

A phishing attack is a fake email designed by malicious hackers to look like it's coming from a trusted brand or institution (like Lamar University, the LU Helpdesk, or IT department, banks, or credit card companies).

Why do Hackers Phish?

The goal is to get you to click on the links and/or open an attachment.

Once you give up your user names and passwords or any personal information, it can be used to breach your employer's systems, steal money, or your identity.

5 ways to identify and avoid a phishing attack in your email.

Who is the real sender?

Does the purported sender match the address inside the “<>s”? Ex. From : LamarServiceDesk<jdoe987@example.com>

While this may be a legitimate email, it is not from the Lamar Service Desk. This email has been compromised or spoofed and is being used to send out phishing emails.

Most phishing attacks are sent from an individual email account that has nothing to do with the organization represented, or it’s close to the real thing… but not close enough (amaz0n.com vs. amazon.com)

Check the address.

If the email comes from a brand or institution you do business with, your name should always appear in the first line of the email itself. If it says "Dear Customer", or something equally impersonal, that's a warning sign.

Use your "mouse hover".

The most effective tool we have to defend ourselves against phishing attacks is the mouse hover. It tells us where the hyperlink or button in an email wants to take you without having to click the link. To use it, just hover over any email links with your mouse.

Caution: Do not click on the link, just hover over it, and you'll see a bubble pop up with a URL in it.

If the destination address in the hover doesn't lead to a site you'd expect, it's likely a phishing attack. Hover over the other links in the email. If it's a phishing attack, they'll all have the same destination.