Email Safety: Spam, Phishing and Spear Phishing

Spam

Spam is the electronic equivalent of junk mail. The term refers to unsolicited, bulk – and often unwanted – email. Phishing attacks use email or malicious websites (clicking on a link) to collect personal and financial information or infect your machine with malware and viruses.

Spear Phishing

Spear phishing is highly specialized attacks against a specific target or small group of targets to collect information or gain access to systems.

Items to note

The email they send can look just like it comes from a financial institution, e-commerce site, government agency or any other service or business. It often urges you to act quickly, because your account has been compromised, your order cannot be fulfilled or another matter.
If you are unsure, try to verify it:

• Contact the company directly using information provided on an account statement or back of a credit card.
• Search for the company online – but not with information provided in the email.

Here are ways to reduce spam:

• Enable filters on your email programs.
• Report spam! Reporting spam will also help to prevent the messages from being directly delivered to your inbox.
• Consider hiding your email address from online profiles and social networking sites, or only allowing certain people to view your personal information.

How Do You Avoid Being a Victim? Protect Yourself with These Tips:

When it doubt, throw it out:
Links in email, tweets, posts and online advertising are often how cybercriminals try to compromise your information. If it looks suspicious, even if you know the source, it’s best to delete or, if appropriate, mark it as junk.
Think before you act:
Be wary of communications that ask you to act immediately/offers something that sounds too good to be true, or asks for personal information.
Make your password a sentence:
A strong password is at least 12 characters long. Focus on a positive sentence that is easy to remember (for example, “I love country music.”).
Unique account, unique password:
Having separate passwords for every account helps to thwart cybercriminals. At a minimum, separate your work and personal accounts and make sure that your critical accounts have the strongest passwords.

What Should You Do if You Think You are a Victim?

Report it to the appropriate people within the organization, including network administrators. If you believe your financial accounts may be compromised, contact your financial institution immediately and close the account(s). Also consider reporting the attack to your local police department.