Blog 4: If It Looks "Fishy", It Just Might Be "Phishy!"

Image courtesy of David Castillo Dominici at FreeDigitalPhotos.net

A fish, that is just floating effortlessly by a rock, all of a sudden sees a flash of white and yellow heading it's way. It thinks to itself, "that looks like something I could eat! Yes, it is something I could eat because it looks just like a minnow. If it looks like a minnow, it must be a minnow. I love minnows! Therefore, I must swim to it fast, open my mouth, and gobble that flashy and tasty little treat up." At this point, the fish is feeling very lucky. So, it moves in a quick direction towards the meal and completes the mission. Unfortunately, that was not a delicious minnow and the fish was tricked! 

Like the fish, I must be the luckiest person on the planet! According to some of the emails I receive, I have people from all over the world wanting to send me money. Out of everyone in the world...they picked ME! How amazingly lucky is that, right?! Even more, they make it so easy to get the money. All I have to do is provide them with some personal information, like my full name, social security number, and a bank account to get the money deposited. I am so incredibly LUCKY! Well, about as lucky as that fish on the end of the hook fighting to stay in the water while being pulled from the other end of the line. You see, after providing the information, I did not see any of the promised money deposited. Instead, I saw money withdrawn, as I too have been tricked! 

Lucky for me, this is just a story and didn't actually happen. As the title of this blog states, if it looks "fishy", it just might be "phishy." Phishing emails come in many forms and can even appear to be legitimate. Therefore, do not become a victim like the fish or my story. Before you click on any attachment or link in an email be sure to R.E.A.D. the email first. Ask yourself if the email is:

• Relevant: Is the email relevant and appropriate for you or your work? If the answer is no, it could be spam or a phishing attempt.

• Expected: Is the email from an expected or trusted source under the sender’s typical email address? Does this source normally send you similar emails or attachments? If the answer is no, it could be a phishing attempt.

• Action Requested: Does the email call for you to perform an urgent/immediate action (click a link or open an attachment)? If the answer is yes, it could be a phishing attempt.

• Defies Logic: Does the email sound too good to be true or seem suspicious? If the answer is yes, it could be a phishing attempt.

Thank you for reading! Until next time, remember that you don't have to become a victim of a threat to become aware of a threat!