Cyber security trivia
How to prevent phishing emails
What is a phishing email?
Phishing emails are used by hackers to pretend to be trusted people such as colleagues, partners, friends and family, and trick users into replying to emails, clicking on malicious links embedded in the body of the message, or in attachments, or Trojan spyware, to steal sensitive data, personal passwords, or bank accounts, or to execute malicious programs** on the device to carry out further cyberattacks.
In recent years, the use of phishing emails to spoof has become more and more rampant, and the threat to information security has become more and more significant.
How to identify phishing emails.
1.Look at the recipient's address
If it is an official email, most senders will use a work email, and if you find that the other party uses a personal email address or the email account is spelled strangely, you need to be vigilant. Phishing emails usually spoof the sender's address and set up an account that resembles the name of the organization or the system administrator.
2.Look at the email header
Most of the phishing email subject keywords will involve work-related content such as "system administrator", "notification", "meeting schedule", etc., and you need to be vigilant when receiving emails with such keywords.
3.Look at the wording
Be wary of emails that use generic greetings such as "dear user" and "dear colleague". At the same time, it is also necessary to be vigilant against any content that creates an atmosphere of emergency, such as asking for "must be completed today" or "what is the impact of expiration", etc., so that people are rushing to the wrong means.
4.Look at the purpose of the text
Beware of the other party asking for the login password, normal emails generally do not ask for the recipient's account password and other information.
5.Look at the content of the text
Beware of links that need to be clicked in the content of the email, which are likely to be phishing links, and beware of the unsubscribe button in some emails, by planting malicious**, clicking to unsubscribe will receive more spam emails or be implanted with Trojans.
How to prevent phishing emails
1.Install anti-virus software
Install and regularly update anti-virus software, enable scanning of emails and email attachments, and update computer system patches regularly.
2.Protect login passwords
Install and regularly update anti-virus software, enable scanning of emails and email attachments, and update computer system patches regularly.
3.Bind your email account to your mobile phone
By binding your email account to your mobile phone, you can not only retrieve your password in time, but also receive a remote login reminder from your mailbox.
4.Public and private mailboxes should be separated
You don't need your work email to sign up for public services, and you don't need your work email to send private emails.
5.Do a good job of file protection
You should clean up the emails in your inbox in a timely manner, and you can choose to delete the abnormal emails directlyBack up important files locally to prevent file loss after an attackImportant emails or attachments should be encrypted as much as possible, and decryption passwords should not be attached in Chinese.
6.Don't trust the display name in the sender's address
If there is a link in the body of the email, don't open it directly, as many phishing emails use short links or text with links to confuse the recipient. If you receive an email notification such as an email prompting you to upgrade or deactivate, you should confirm whether ** is the email address itself before clicking the body link.
7.Don't click on links in unfamiliar emails
Install and regularly update anti-virus software, enable scanning of emails and email attachments, and update computer system patches regularly.
8.Do not relax the mail of "acquaintances".
Attackers often use the compromised email address to send phishing emails to friends, and if there is a problem with the content of the email, they should contact the friend in time or confirm the verification at the same time.
9.Don't use public networks for sensitive operations
Try to avoid logging in to your mailbox, messaging software, or online banking in public. In the case that security cannot be determined, try to avoid connecting to Wi-Fi to perform the above operations, and avoid obtaining sensitive personal information by means of data throttling.
10.Do not post sensitive information to the internet
Attackers collect and analyze information posted to the Internet and send phishing emails to users.
I understand the reasoning.
But I always feel that "phishing emails" are far away from me.
After reading this little cartoon below.
You'll find the "master fisherman" around.
Wen Xin reminded
Through the above identification and prevention methods, you can effectively defend against phishing emails and avoid the harm caused by phishing emails. No technical means can achieve 100% elimination of phishing emails, so please raise your awareness of potential risks and prevent them from happening.
end• end •
*|The Third Academy of China Aerospace Science and Industry.