Difference between revisions of "Phishing and Spoofing-Masquerading Spam"
Line 23: Line 23:
 
:'''Spoofing''' or '''Masquerading''' is when someone sends an email and it appears to come from someone else.  You you could receive spoofed/masqueraded email in the form of a phishing email.  Please see above for info on phishing email.
 
:'''Spoofing''' or '''Masquerading''' is when someone sends an email and it appears to come from someone else.  You you could receive spoofed/masqueraded email in the form of a phishing email.  Please see above for info on phishing email.
  
:'''Spear Phishing''' ''extends'' the masquerading, as spear phishing is a type of phishing spam where a spammer sends mail that ''appears'' to be from someone you know/trust, but is actually from the spammer. In the case of spear phishing, the spammer tries to get you to send them information (financial, etc.), as you might think you're actually sending it to the person you know/trust (and you're really not.)   It's a very easy thing for a spammer to do. It's also a very common thing. Spammers can make the From: address in your email look like any name or email address, like that of your trusted friend, family member, co-worker, etc.  However, the actual e-mail was sent by the spammer.  Examining the full mail headers for your email (different methods for each email client), can help you determine the actual sender's (spammer's) email address.  (And that email address they are using to actually send the mail might be stolen as well.)
+
:'''Spear Phishing''' ''extends'' the masquerading, as spear phishing is a type of phishing spam where a spammer sends mail that ''appears'' to be from someone you know/trust, but is actually from the spammer.
 +
 
 +
: In the case of spear phishing, the spammer tries to get you to send them information (financial, etc.), as you might think you're actually sending it to the person you know/trust (and you're really not.)   ''It's a very dangerous type of email,'' and it's easy to fall prey to it. It has become a common personal information-fishing tactic.   It's also a very easy thing for a spammer to do.  
 +
 
 +
:Spammers can make the From: address in your email look like any name or email address, like that of your trusted friend, family member, co-worker, etc.  However, the actual e-mail was sent by the spammer.  Examining the full mail headers for your email (different methods for each email client), can help you determine the actual sender's (spammer's) email address.  (And that email address they are using to actually send the mail might be stolen as well.)
  
 
:If you receive email that looks like it comes from someone you know, but the message content seems suspicious in some way, examine mail headers for the actual sender's email address, to be sure.  If you receive mail asking for personally identifiable information, financial info, login credentials, etc., be wary, and make sure you are replying to the legitimate audience.
 
:If you receive email that looks like it comes from someone you know, but the message content seems suspicious in some way, examine mail headers for the actual sender's email address, to be sure.  If you receive mail asking for personally identifiable information, financial info, login credentials, etc., be wary, and make sure you are replying to the legitimate audience.

Revision as of 19:44, 2 April 2021

Phishing

Phishing can generally be defined as non-legitimate email you receive that tries to get you to provide the sender some type of personal information. The sender is "fishing" for info from you.

What are some elements of phishing email?

  • It could be in the form of an html-based email with a login page embedded.
  • It could be something as simple as someone emailing you requesting you to send them info directly.
    • And sometimes, the sender might have first created an account, like a gmail account, that looks similar to one you might already know, but not exactly the same.
    • Or it might be a masqueraded sender address. See the Spoofing (Masquerading)/Spear Phishing section below.
  • A phishing email might have a link to a login or info request page.
The above are just some examples of characteristics of phishing emails.
It is very important that you examine all incoming email to make sure it comes from a legitimate source. Your mail client should provide you a way to look at full mail or message headers so you can see if what you think is a legit address in the From: part of your message is actually the real address the sender is sending from.
If your email has a link to a page, the text for the link you see in your email maybe not be where the link actually takes you. Examine the link carefully. If you're at a computer, you might be able to hover your pointer over the link to see its true URL.

Spoofing (Masquerading)/Spear Phishing

Spoofing or Masquerading is when someone sends an email and it appears to come from someone else. You you could receive spoofed/masqueraded email in the form of a phishing email. Please see above for info on phishing email.
Spear Phishing extends the masquerading, as spear phishing is a type of phishing spam where a spammer sends mail that appears to be from someone you know/trust, but is actually from the spammer.
In the case of spear phishing, the spammer tries to get you to send them information (financial, etc.), as you might think you're actually sending it to the person you know/trust (and you're really not.) It's a very dangerous type of email, and it's easy to fall prey to it. It has become a common personal information-fishing tactic. It's also a very easy thing for a spammer to do.
Spammers can make the From: address in your email look like any name or email address, like that of your trusted friend, family member, co-worker, etc. However, the actual e-mail was sent by the spammer. Examining the full mail headers for your email (different methods for each email client), can help you determine the actual sender's (spammer's) email address. (And that email address they are using to actually send the mail might be stolen as well.)
If you receive email that looks like it comes from someone you know, but the message content seems suspicious in some way, examine mail headers for the actual sender's email address, to be sure. If you receive mail asking for personally identifiable information, financial info, login credentials, etc., be wary, and make sure you are replying to the legitimate audience.
If you are not sure if the email is legit, contact the sender by an alternate means, e.g, by phone (a phone number you know is legit) or send a separate email to that individual (do not just click reply on the suspicious email) using an email address you know for that individual.

If You Receive Phishing/Spoofing Email...

If you receive phishing/spoofing email , especially if it's requesting you to log in to the JHU login page, please be wary of it, and if you think it's not legit, please forward it (and any mail headers, if possible), to spam@jhu.edu so that they can examine it and take proper action. Additionally, cc: your forward to wsehelp@jhu.edu (WSE IT's helpdesk.)
In addition, if you received spam (including phishing, etc.) email at your @jhu.edu account directly, you can also visit JHU's How-to page for reporting spam.

Filtering Spam Received At Your CS Email Account

Please see: Spam Filtering At CS

Do's & Don'ts Of Protecting Yourself From Phishing, Malware, & Ransomware-based Emails Scams

In a recent email to the JHU public, Darren Lacey, JHU's Chief Information Security Officer, compiled an excellent collection of Do's and Don'ts to protect yourself from phishing, malware, and ransomware-based email scams. Click the link below to read Darren's email.
Be Cautious and Avoid Phishing Attacks - Do's & Don'ts