
Does something seem “phishy” to you?


Millions of people are targets of phishing scams each day. Cyber criminals use a variety of tricks to disguise themselves
as legitimate companies, your colleagues, and people you would normally trust. Make sure you know who you are really
communicating with and be careful of suspicious links.

October is National Cyber Security Awareness Month. For more information and tips to stay safe online,
visit: https://www.dhs.gov/ncsam
How to Spot a Phishing Scam
Cyber crime is a critical threat with social engineering attacks becoming more sophisticated, realistic, and difficult to
recognize. Phishing attacks are one of the most common forms of cyber crime. What does a phishing email look like?
Review the example below for characteristics of a phishing scam disguised to look like a legitimate email.

From: Webmail Master Security (webmastersecurity@webmail.com)
Subject: Urgent Email

Dear Webmail User,

You are required to authenticate your account below to continue sending and receive messages. We strongly advice you to upgrade now to protect your web/Domain and avoid termination. Follow link to verify your email address immediately: www.security.webmail.com.

Failure to update might process your account as inactive, and you may experience termination of services or undue errors. Please comply with new server requirements and read through the attached privacy policy.

Wondering why you go this email?

This email was sent automatically during routine security checks. We are trying to protect your account so you can continue using services uninterrupted.

Thanks,

Webmail Master

©2017 Webmail Domain

Generic subject line: Legitimate emails usually have detailed subject lines. A vague subject line can be a key indicator of a phishing scam.

Bad grammar/spelling: Phishing emails often contain misspelled words and bad grammar. This is a sign that the email did not come from a professional organization or a real person you may know.

Suspicious URL: Hover over links included in emails to see the actual destination of the URL.

Unnecessary urgency: Use your intuition and if something 'feels' wrong, consider calling the organization or office directly to validate the email.

Improper use of copyright: Watch for improper use of copyright information. This is used to make the phishing email look official.

Types of Social Engineering

Phishing: Online communications or emails designed to lure individuals into providing sensitive information.
Tip: When in doubt, throw it out. If an email looks suspicious, contact the organization/individual directly to validate the legitimacy of the email. You can also report the email to your email provider’s IT Security department.

Ransomware: A type of malware that prevents or limits users from accessing their system or select files, unless a ransom is paid to restore access.
Tip: Be proactive and protect against data loss by backing up your files and keeping them safe on a physical, external storage device.

Identity Theft: An act of wrongfully obtaining and using another person’s information that involves fraud or deception.
Tip: Be diligent before posting personal information online and think carefully before sharing information through apps and websites.

For more information and tips to stay safe online throughout the year, visit: https://www.dhs.gov/ncsam
DON’T GET REELED IN.
Phishing is a scam by which an
email user is duped into revealing
personal or confidential
information that the scammer can
use illicitly or fraudulently.

PHISHING
PREVENTION 101
Secure yourself from fraud
and phishing attempts by:
• Turning off the option to automatically download attachments
• Saving and scanning any attachments before opening them
• Before providing any kind of information, call and verify with the source that they are indeed the ones who sent the email or message

For more information on phishing visit: http://www.cdse.edu/toolkits/cybersecurity
CYBER SECURITY IS OUR SHARED RESPONSIBILITY

DON’T TAKE
THE BAIT

• Do not open attachments or click on links from untrusted sources

• Never send personal information in an email

• Keep your firewall and antivirus software updated



CONNECT
WITH CARE

• Keep your devices updated with the latest system and application patches
• Assume that Wi-Fi connections are not secure, since many Wi-Fi hotspots don’t encrypt the information you send
• Do not log into financial accounts or other sensitive accounts when using public Wi-Fi networks
• Consider turning off features on your computer or mobile devices that allow you to automatically connect to Wi-Fi

PROTECT YOUR
SMART PHONE
DO’S
• Make sure the OS and software are up to date at all times
• Download apps from reputable sites and closely review permission requests
• Make sure to check the feedback from other users before installing the program from an app store
• Use a strong, complex password
• Use a security app, if available for your device
• Turn off Bluetooth and other connections when not in use

DON’TS
• Jailbreak your phone
• Download apps from third-party app stores and sites
• Leave your mobile device unattended in public places
• Enable your “Wi-Fi ad-hoc mode”

USE SECURE
PASSWORDS

KEEP YOUR PASSWORD SAFE BY FOLLOWING THESE EASY TIPS:

DEVELOP strong passwords that use a combination of words, numbers, symbols, and
both upper- and lower-case letters

CREATE a password phrase and make it relevant. If you’re joining a shopping site for
example, think “About to Use Shopping Site” and use “ABT2_uz_$h0pping”

USE different passwords for every unique account, such as work, banking, and email

DISABLE the “save password” feature in your Internet browser
