Catch the "Phish"

“Congratulations!”

Have you ever come across emails or social media posts with such a statement? Or perhaps “Check your 13th month bonus here!” or “I’ve taken some interesting photos, check it out here!” Such emails use social engineering tactics to trick you to access malicious websites or to divulge your sensitive information, by masquerading as an email that seems to be real. However, as real as they seem, there are usually tell-tale signs that you can look out for to prevent yourself from falling prey.

Catch the “Phish”

Did you manage to identify the tell-tale signs? While content can be spoofed and information such as your name and designation could be obtained through social engineering means, attackers are rarely able to spoof information such as the email and web address domain name.

Tell-tale signs

Know the difference

Security Tips

• Attackers could obtain information about you through social media sites. Refrain from disclosing sensitive information (e.g. date of birth, phone number, etc) to people that you do not know.
• Social engineering attacks do not only come in the form of email. If you receive unsolicited phone calls or people asking you for your personal information on the street, beware of what you disclose.
• Attackers might ask for your login details or ask you to go to a website to install software for troubleshooting your computer's problem. Think twice before you act as your computer and personal information may be compromised.