Phight The Phish!
Phishing is a method that cyber criminals use to trick users into unknowingly opening a malicious link or file. It’s also a way to convince targets to take an action, like changing an employee or vendor’s direct deposit accounts.
Key phishing red flags to watch out for:
- Mistakes in email, such as odd spelling
- Sent from GMail rather than Mass.gov
- Sent outside of normal business hours
- Requests an urgent response
- Threatens to lock your computer
- Acts like they know you
What You Can do to Phight the Phish
- Keep Your Guard Up! Review every email carefully and don’t follow links from senders you don’t recognize.
- Virus check all attachments, especially from outside senders. Have your IT scan, or save into separate folder and virus scan the folder. (Ask your IT staff how to do this!)
- Don’t trust any email or call without validation! Use internal information already on file to personally contact sender to validate request is legitimate!
- REPORT any suspicious email or call to your IT staff and supervisors immediately BEFORE any action.
- If IT staff or supervisors also think suspicious they should report through their incident response process and also notify [email protected].
As part of a strong cybersecurity awareness training program, send out these weekly Cybersecurity Tips of the Week to all staff and encourage them to follow our Cybersecurity tips on Facebook, LinkedIn, and Twitter.