Phishing emails and SMS messages often impersonate legitimate sources such as the ATO, or people in need like a troubled Nigerian Prince:
Please click on to access your $20 million gift from a Nigerian Prince.
We've seen messages "from the federal police", having issued a warrant for your arrest. Surprisingly enough, email isn't one of the ways the AFP issues warrants!
But most of us never ever will come to the attention of the federal police, so there's no reason for us to go down to the Kmart and buy $800 worth of Apple gift cards.
When you receive a message that has nothing to do with the situation you are operating within, or asks you to click on a link inside the message, you should become suspicious. There are plenty of courses available on the Internet on how to identify phishing emails and SMS's, and Clearstone's Phishing and Scam training course will follow this unit and fill out further details on Phishing and Scams.
In the meantime, let's quickly introduce SLAM as a way to assess emails and messages for their dodgyness -
- Sender - who is the sender of the email. If it says Paypal, does the email address match other Paypal messages or is there a weird part of the email (like ppaypal.xy) which is misspelled, or points somewhere else?
- Links - are there links in the email that ask you to click to change a password, restore access to email, banking or some other service, or ask you to log in to fix something? These are all dodgy!
- Attachments - Don't open an attachment to find out what the message is about. Attachments from unknown sources are to be handled carefully.
- Message - Spelling, grammar and the tone of the email should be considered when deciphering an email's legitimacy.
If your SLAM analysis suggests something is off about the email, ditch it!
Comments are closed.