
You Were Phished!

How To Recognize and Avoid Phishing Scams

Scammers use email or text messages to trick you into giving them your personal information. They may try to steal your passwords, account numbers, or Social Security numbers. If they get that information, they could gain access to your email, bank, or other accounts. Scammers often update their tactics, but there are some signs that will help you recognize a phishing email or text message.

What looks phishy in this email?

Take a look at the examples below. Hover over the colorful dot to see the answer. How many phishing tricks did you get correct?


Phishing Email Examples: Button | Attachment | Link


Phishing Email With Button

Example 1

Unknown/Unrecognized Sender

In this example, the domain name “emailnotificationz.com” is misspelled. Additionally, any account deactivation will come from the ASRT IT department, from an address on our domain ending in “asrt.org”.

Threats

This is not a standard ASRT process for deactivating a staff account. These types of requests come only from HR and are carefully communicated and coordinated outside of email.

Suspicious Links

Only IT can deactivate an account. This procedure is only fulfilled with HR approval and never carried out through a link in an email.

Urgent call to action

Creating a false sense of urgency is a common trick of phishing attacks, but it is an uncommon practice at ASRT. This should prompt you to reach out and double-check with the ASRT IT department.

Impersonation

ASRT does not have a dedicated Security Team or task force. These efforts fall within the ASRT IT department, and you would typically see a signature from “IT Operations Team”.

Unknown/Unrecognized Sender

If you receive an email from an email address you have not heard of, pause; it may be a phishing attempt. The portion after the @ symbol is referred to as the domain. Do you recognize this domain? In some cases, if you are unsure and the domain does sound like someone you have worked with, open a web browser and access your account directly. From there you can look for any requests from the specific vendor.

Threats

Whenever you see a message calling for immediate action, take a moment, pause, and look carefully at the message.

Urgent Call to Action

If you are presented with a message stating action must be taken immediately, think twice. This tactic pressures you into believing you have to act quickly, so that you will not examine the rest of the email.

Impersonation

Most phishing attempts will impersonate a specific department or individual within your company. Many scammers will research a company looking for those who hold high positions in the company. Does the signature match the "From" email address? Does the request they are making seem like something they would normally request from you? If you are suspicious, open a new email message and message this individual/department directly.

Phishing Email With Attachment

Example 1

From Name Does not Match Address

All ASRT correspondence will come from email addresses ending in “@asrt.org”.

Threats

Whenever you see a message calling for immediate action, take a moment, pause, and look carefully at the message.

Unexpected Attachments

Hovering over an attachment can expose the website you will be redirected to. If you do not recognize the domain name (ex. “employeeportal.net-login.com”), DO NOT CLICK. If the attachment is malicious, the website will typically be unsecure and have a URL that leads with “http” rather than “https”.

http://employeeportal.net-login.com/xcmvnjaxbqzwa50-x2lktoqynd3dsnaq2gmz-ijyq1woywolnbl9wyd-5fq9mtc5sntg4nyzhy4rp-b239y2xpy2smdxjspqd0dhbzo-i8vc2jdxijlxz1sbvyzm0og3=

Urgent call to action

When you get an email that claims to be from a reputable company, a colleague, or an unfamiliar sender, take a moment to examine it extra carefully before you proceed. The email may be sent from another email domain. Be watchful for subtle misspellings of the legitimate domain name.

Impersonation

Identifying executives or members of the management team is easily done by scanning an organization’s website. ASRT has a Staff Listing page on our website. Although email addresses aren’t listed, hackers understand it is common for organizations to utilize a standard convention such as first initial, last name followed by the domain name.

From Name Does not Match Address

This email appears to be from Ray Arambula, ASRT’s CIO. However, the rest of the email address (no-reply@escmail.com) does not match an ASRT email address. Editing the "From" field of an email is easy and is used to reassure the receiver that this may be a legitimate email.

Unexpected Attachments

Clicking an attachment from an email can execute an installation of an unwanted program. Some attachments will allow you to hover over the attachment to verify the location of the attachment. Emails with attachments should be verified before opening the attached document.

Impersonation

Similar to above, this hacker has used Ray’s name and email address. This time he put the email address in the body of the message. This one is easier to catch, as the email address in the message body does not match the sender’s address.

Phishing Email With Link

Example 1

Unknown/Unrecognized Sender

In this example, the domain name “emailnotificationz.com” is misspelled. Additionally, any account deactivation will come from the ASRT IT department, from an address on our domain ending in “asrt.org”.

Threats

Whenever you see a message calling for immediate action, take a moment, pause, and look carefully at the message.

Suspicious Links

Hovering over a link can expose the website you will be redirected to. If you do not recognize the domain name (ex. “employeeportal.net-login.com”), DO NOT CLICK. If the link is malicious, the website will typically be unsecure and have a URL that leads with “http” rather than “https”.

http://employeeportal.net-login.com/xcmvnjaxbqzwa50-x2lktoqynd3dsnaq2gmz-ijyq1woywolnbl9wyd-5fq9mtc5sntg4nyzhy4rp-b239y2xpy2smdxjspqd0dhbzo-i8vc2jdxijlxz1sbvyzm0og3=

Urgent call to action

Creating a false sense of urgency is a common trick of phishing attacks, but it is an uncommon practice at ASRT. This should prompt you to reach out and double-check with the ASRT IT department.

Impersonation

Identifying executives or members of the management team is easily done by scanning an organization’s website. ASRT has a Staff Listing page on our website. Although email addresses aren’t listed, hackers understand it is common for organizations to utilize a standard convention such as first initial, last name followed by the domain name.

Unknown/Unrecognized Sender

If you receive an email from an email address you have not heard of, pause; it may be a phishing attempt. The portion after the @ symbol is referred to as the domain. Do you recognize this domain? In some cases, if you are unsure and the domain does sound like someone you have worked with, open a web browser and access your account directly. From there you can look for any requests from the specific vendor.

Urgent Call to Action

If you are presented with a message stating action must be taken immediately, think twice. This tactic pressures you into believing you have to act quickly, so that you will not examine the rest of the email.

Impersonation

Most phishing attempts will impersonate a specific department or individual within your company. Many scammers will research a company looking for those who hold high positions in the company. Does the signature match the "From" email address? Does the request they are making seem like something they would normally request from you? If you are suspicious, open a new email message and message this individual/department directly.
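
The "From Name Does not Match Address" and "Suspicious Links" checks above can also be run automatically on incoming mail. The following is an added example, not ASRT's own code; the function names, the "itops" address and the lookalike host "asrt.org.login.example" are constructed for illustration, and the sample link path is a placeholder.

```python
from email.utils import parseaddr
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "asrt.org"  # per the page: ASRT mail ends in "@asrt.org"

def in_domain(host, trusted=TRUSTED_DOMAIN):
    """True only for the trusted domain itself or a real subdomain of it.
    A substring test would wrongly accept 'asrt.org.login.example'."""
    host = (host or "").lower().rstrip(".")
    return host == trusted or host.endswith("." + trusted)

def check_sender(from_header, trusted=TRUSTED_DOMAIN):
    """Compare the display name a mail client shows with the real address."""
    name, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2]
    findings = []
    if not in_domain(domain, trusted):
        findings.append(f"sender domain '{domain}' is not {trusted}")
        if name:
            findings.append(f"display name '{name}' sits on an outside address")
    return findings

def check_link(url, trusted=TRUSTED_DOMAIN):
    """Inspect the destination that hovering over a link would reveal."""
    parts = urlsplit(url)
    findings = []
    if not in_domain(parts.hostname, trusted):
        # An unrecognized host is flagged even when the URL uses https.
        findings.append(f"link host '{parts.hostname}' is not under {trusted}")
    if parts.scheme != "https":
        findings.append("link does not use https")
    return findings

# Constructed sample inputs based on the examples on this page.
SAMPLES = [
    ("Ray Arambula <no-reply@escmail.com>",
     "http://employeeportal.net-login.com/PLACEHOLDER"),
    ("IT Operations Team <itops@asrt.org>",       # constructed address
     "https://asrt.org.login.example/reset"),     # constructed lookalike
]

if __name__ == "__main__":
    for sender, link in SAMPLES:
        print(sender, "->", check_sender(sender) or "ok")
        print(link, "->", check_link(link) or "ok")
```
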

© 2022 American Society of Radiologic Technologists