Receiving a phishing e-mail can be unnerving and frightening, but in most cases nothing will infect your computer as long as you don’t click any links or respond. In most phishing e-mails, the sender tries to get you (their intended victim) to click a link or hand over personal information, like your banking details or passwords. This is a conventional social engineering attack. Here is what to do (and what not to do) should you receive a phishing e-mail.

“The human factor is always the weakest link in security”

Kevin D. Mitnick (@kevinmitnick)

Don’t panic and don’t click any links...

The first thing to do when you get a suspected phishing e-mail is not to panic. All modern e-mail clients, like Outlook and Gmail, do a good job of filtering out e-mails that contain malicious code or attachments. Just because a phishing e-mail arrives in your inbox, it does not mean your computer is now infected with a virus or malware.

It is perfectly safe to open an e-mail by using the preview panel. By default, mail clients do not allow code to run when you preview an e-mail.

However, phishing e-mails are a real security risk. You should never click on a link in an e-mail or open an attachment in a message unless you are 100% confident you know and trust the sender. By implication, you should also never reply to the sender – even to tell them not to send you any further mail.

Phishers might send e-mails to hundreds of thousands of addresses every day, and if you reply to one of their messages, it tells them that your e-mail address is live, which makes you even more of a target. Once the phisher knows you are reading their e-mails, they will send more attempts and hope one of them works.

Do not click any links. Do not open any attachments, and do not reply.


Check with the Sender

If a suspicious e-mail appears to be from someone you know or work with, check with them to see if the message is legitimate. Do not reply to the e-mail! That is asking for trouble! If it appears to be from someone you know, create a new e-mail message to them, send them an SMS or WhatsApp message, or call them and ask whether they sent you the mail. Do not forward the e-mail, as that will just spread the potential phishing attack.

If the email claims to be from a company you use, like your bank, medical aid, couriers, or online retailer, go to their website and contact them from there. Once again, do not click any links in the email. Type in the website address yourself (or use your preferred search engine) and use their contact options to ask the company if they sent it out.

If it appears the e-mail was sent to a lot of people, such as communication about an online survey, contact the company or department directly and ask whether they did send out a communication to all customers.


Report the Email

There are four types of organization you can report phishing emails to:

  • The university
  • Your e-mail provider (like Google or Microsoft)
  • A government agency
  • The organization the email is allegedly from

Report it to the university

If you receive a phishing e-mail at your @SUN address, you should follow the university’s policy rather than doing anything else. Information Technology security policies may require you to forward a phishing e-mail to a specific address, fill out an online report, log a ticket, or merely delete it.

At the end of many of the phishing warning e-mails that we send out, we describe two methods that you can use to report phishing e-mails:

  1. By reporting it on the ICT Partner Portal.
  2. By sending an e-mail:
  • Start a new mail addressed to csirt@sun.ac.za.
  • Use the title “SPAM” (without quotes) in the Subject.
  • With this new mail window open, drag the suspicious spam/phishing mail from your Inbox into the new mail window. It will attach the mail as an enclosure, and a small icon with a light yellow envelope will appear in the attachments section of the new mail.
  • Send the mail.
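As an added example (not part of the original article or of the university’s own tooling), the Python script below builds the report mail that method 2 produces: a new mail to csirt@sun.ac.za with the subject SPAM and the suspicious message enclosed as a message/rfc822 attachment, which is what keeps the original headers intact for the CSIRT, whereas an inline forward would discard them. The suspicious mail and the reporter address student@sun.ac.za are constructed samples.

```python
import email
from email import policy
from email.message import EmailMessage

REPORT_ADDRESS = "csirt@sun.ac.za"  # reporting address named in the article
REPORT_SUBJECT = "SPAM"             # subject line the article asks for

# Constructed sample of a suspicious mail (not a real phishing message).
SUSPICIOUS_RAW = """\
Received: from mail.example.invalid (192.0.2.10) by mx.example.invalid
Return-Path: <bounce@example.invalid>
From: "Service Desk" <helpdesk@example.invalid>
Subject: Your mailbox is almost full
Message-ID: <constructed-0001@example.invalid>
Content-Type: text/plain; charset="utf-8"

Click here to upgrade your storage: http://example.invalid/upgrade
"""


def build_report(suspicious_raw: str, reporter: str) -> EmailMessage:
    """Wrap the suspicious mail as an enclosure of a new report mail."""
    suspicious = email.message_from_string(suspicious_raw, policy=policy.default)
    report = EmailMessage(policy=policy.default)
    report["From"] = reporter
    report["To"] = REPORT_ADDRESS
    report["Subject"] = REPORT_SUBJECT
    report.set_content("Suspected phishing mail attached for analysis.")
    # Attaching a Message object produces a message/rfc822 part that keeps
    # every original header (Received, Return-Path, Message-ID) verbatim;
    # an inline forward would replace them with the reporter's own headers.
    report.add_attachment(suspicious)
    return report


def extract_original_headers(report_raw: str) -> dict:
    """What the CSIRT side does: pull key headers out of the enclosed mail."""
    report = email.message_from_string(report_raw, policy=policy.default)
    for part in report.iter_attachments():
        if part.get_content_type() == "message/rfc822":
            enclosed = part.get_content()  # the original message object
            return {name: str(enclosed[name])
                    for name in ("From", "Subject", "Message-ID",
                                 "Return-Path", "Received")
                    if enclosed[name] is not None}
    return {}  # no rfc822 enclosure: the mail was forwarded inline instead


if __name__ == "__main__":
    report = build_report(SUSPICIOUS_RAW, "student@sun.ac.za")  # constructed
    print(extract_original_headers(report.as_string()))
```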

Report it to your e-mail provider

E-mail providers like Google have a process that you can follow to report phishing e-mails. The mechanism varies from provider to provider, but the intended result is the same: the more data the company has on phishing e-mails, the better it can tune its junk filters to stop scams from ending up in your mailbox.

If your e-mail account is provided by Google or Microsoft, the reporting mechanism is built into their clients.
In Gmail, click the three dots next to the Reply option in the e-mail and select “Report phishing”.

Mark the Sender as Junk or Spam

You definitely don’t want to get any more emails from the person who sent you this phishing e-mail. Mark it as spam or junk, and your email client will block any further mail from that address. There is a very good article on how to do this in Outlook on How-To Geek. Keep in mind that a phisher will usually use a number of e-mail addresses that they control to send out phishing e-mails. If you block abc@phisher.com, then only this address will be blocked and not def@phisher.com. To block the entire domain you can use wildcard characters: *@phisher.com will block all mail from that domain.

You can add senders to a spam/junk list in any email client.

Delete the E-mail

Finally, delete the email. Usually, this only sends it to the Recycle Bin or Deleted Items folder, so remove it from there as well. There’s no need to keep it after you report it.

You don’t need to run a virus scan or clear your browser history just because you received a phishing e-mail. You should always be running an anti-virus program (like McAfee or Malwarebytes) anyway, and it doesn’t hurt to scan your computer and mailbox from time to time.

If you run an anti-virus program that is updated regularly, then it should catch anything malicious before it runs. Of course, if you don’t click a link or open an attachment in the email, then it is highly unlikely that anything malicious has been deposited on your computer.

Don’t worry and carry on

Phishing emails are annoyingly frequent, like flies on a cow pat. In most cases, if you are careful and diligent, your spam or junk e-mail filters will catch most of them, and you never see them. Sometimes, they don’t even get that far because the university’s mail servers will block them.

To defeat the few that do get through, just be careful and don’t click any links or attachments unless you’re sure they’re safe.
Millions of phishing e-mails are sent every day, but don’t worry – you’re not being singled out as the phishers’ only target. Just follow the simple steps I have covered above, and then carry on with your day.

The final question you might be asking is whether phishing protection can be funny at all, and you might think not. But, believe it or not, there is comedy gold hiding in plain sight!

Look no further than the work of comedian James Veitch, whose popular TED Talk details his conversations with multiple email scammers.


Stay Safe out there!

David Wiles