Let's go Phishing!

Everyday millions of spam emails are getting by spam and firewall filters, and into the mailboxes of many unsuspecting users.  From claims of a wealthy Nigerian Prince, to sweepstakes winners, "magic pills" and many others litter the inbox, and all it takes is one end user to click on the email and either follow the instructions in said email, or a malicious link, which is what we are going to talk about today.Phishing is the act of stealing a person's credentials by leading them to a legitimate looking website when in reality, it is a fake page.  One example is an email claiming that your bank is going to close your account for non-payment of a non-existent tax, so of course one would panic and without thinking, click on the link and input their bank login.  Only when they do that, they inadvertently sent their login and password to a hackers email account, which alerted the hacker that another poor guy fell for a phishing scam, and the hacker promptly logs into the bank account using that person's login and can wire the money to a specially made account or split it up into many PayPal accounts to leave a longer digital paper trail.One way to tell your fellow employees to avoid falling for this scam is to scrutinize the email carefully and always with an air of doubt.  If there is one or more links in the email, a trick is to hover over the link and determine if it looks like a legit hyperlink.  For example, if you got an email from amazon, then the link should have amazon.com, not amazon-help.com.  The real address would be amazon.com/gp/help.Here is another example: You can see that the email appears to be from WellsFargo bank, and the hyperlink says wellsfargo.com-onlinebanking.com.  Obviously, this is fake, but where does it go?  Don't bother trying to find out; mark it as spam and delete it immediately."Always think before you do anything."