Phishing and Email Scams

From XMission Wiki
Jump to: navigation, search

Phishing can be harder to identify than you think.

A phish is an attempt to trick you into providing your personal information to criminals pretending to be someone you know such as your email provider, your bank, a trusted vendor, or even someone at your own company. It can happen via email, text messages, telephone calls, and online surveys or ads. Their goal is to get your account passwords, financial details, and other personal information. The information is then used to access important accounts, send more phishing or spam emails, and can result in identity theft and even financial loss. Phishing is illegal but finding and prosecuting the criminals is difficult.

Today we will focus on phishing by email.

Generally, phishing email are written to appear as if they were sent by a business whose services you may use. They trick you into a clicking a link to a fake webpage coaxing you to enter personal information. Such messages commonly include information that your payment method has expired or that your mailbox is in danger of deletion if you do not click the link and log in.

As your email and Internet provider, XMission will never ask for personal information via email or delete your account if you do not update your personal details within a short period of time. This is the same with most banks and financial institutions as well.

Tips to identify a phishing email: (See if you can identify clues.) – Manny spelling errors – Grammåticål errors (Unusual çharacters, Case, bold text, or italics use.) – Hidden or incorrect links. To test, hover over link and to see an unauthorized address.

Here is an example of a real phishing attempt (malicious links removed):

From: “IT Help Desk” <random@longbogusdomain.example.com>

: user@yourdomain.example.com

Subject: Dear XMISSION Zimbr Email User

Dear XMISSION Email User,

We detected an unusual login of this account from another location. To help us keep your email account secured, we request an additional security challenge to authenticate your account.

Help Desk department will be performing Authentication and maintenance of the email on our new XMISSION WebMail Server this week. Authenticate immediately to avoid suspension of your account.

Click Here }}}}}} https://webmail.XMISSION.com and Complete the Process.

Thanks, Technical Support

XMISSION System Help Desk

Copyright 2019. All rites reserved

---


Let talk about how to protect yourself against spam and phishing emails:

  • Passwords and Two-factor Authentication
    • One way to ensure security is to change passwords on a regular basis. Passphrases work best and have very reasonable security when 17+ characters. Reference OTHER BLOG POST
    • Never use the same password for multiple accounts.
    • Never re-use old passwords from previous websites as phishing criminals can track your meta data and will try your previously compromised passwords on other websites. (After successful phishing, this is the second most successful method phisher’s compromise mailboxes.)
  • Webmail and mail application settings should always be set to show the full email address of the sender rather than only the friendly name of the sender.
  • If the email was sent at an unusual time of night for the contact the sender is pretending to be. Most people and businesses send during predictable hours.

Example: Sender may show as “XMission Support” for the friendly name but the phish uses, “XMission Support” <landspeed@unusualdomain.example.net>

    • When using webmail and email applications, set preferences to never open images by default. “[ ] Display external images automatically in HTML email.” Make sure this is unchecked.
    • If there is a link in an email, hover over the URL first. Secure websites with a valid security certificate begin with “https”.
    • If the website requires unexpected verification, check the URL for accuracy, and then always contact the company personally before entering any details online.
  • Web browser settings should be changed to prevent fraudulent websites from opening. Browsers keep a list of fake websites and when you try to access the website, the address is blocked or an alert message is shown. The settings of the browser should only allow reliable websites to open up.
    • Use privacy and protection browser plug-ins from trusted vendors such as Privacy Badger and Adblock Pro
  • Banks and financial organizations use monitoring systems to prevent phishing. Individuals can report phishing to industry groups where legal actions can be taken against these fraudulent websites. Organizations should provide security awareness training to employees to recognize the risks.

That is a general education on some steps to protect yourself from phishing attempts.


Final few notes from XMission.

The accurate and safe ways to contact XMission support team are as follows: https://xmission.com/contact

If your XMission account becomes past due and is subject to disconnection, we will notify via email and we may even give you a courtesy call. Our voice mail message will refer you to login to the XMission Control portal to make payments or changes to your account.

As always, if you receive an email that you suspect as a phishing attempt, please forward to abuse@xmission.com and then mark the email as spam to help train our filters to block future attempts trying to use the same attack.