Email - Fool Me Once...

Time
47 minutes
Difficulty
Beginner
CEU/CPE
1
Video Transcription
00:03
>> Now to protect ourselves against phony emails,
00:03
we really need to apply
00:03
the same information that we
00:03
learned in social engineering,
00:03
because this is one of the main ways that
00:03
social engineers trick us and they persuade us to
00:03
click on links in emails that lead
00:03
us to corrupted sites that may
00:03
infect our systems or they have us
00:03
open up attachments that contain malware inside.
00:03
Ultimately, this is one of
00:03
the easiest ways to distribute
00:03
malware and to persuade someone to
00:03
give out information that they
00:03
really should not give out.
00:03
Phony emails, often we hear about spam,
00:03
we hear about email hoaxes,
00:03
and we hear about phishing.
00:03
Spam really overwhelms our inboxes
00:03
and the problem with that is it can wind up
00:03
causing a denial of service attack on
00:03
our mail servers just because they're
00:03
so inundated with these messages,
00:03
and they really are a tremendous nuisance.
00:03
Now, hoaxes spread via e-mail,
00:03
where I send misinformation,
00:03
anything for this email and
00:03
Bill Gates will give you a dollar
00:03
or a $1000 or whatever,
00:03
to more serious requests,
00:03
if you provide us with your banking information,
00:03
we'll send you a check immediately.
00:03
The biggest things that we can do to
00:03
protect ourselves against compromise with e-mails,
00:03
stop clicking on links in email messages.
00:03
There is no good reason today,
00:03
when you're in your email program,
00:03
to click on a link.
00:03
If they tell you
00:03
your banking account has been compromised,
00:03
then go to the URL field,
00:03
enter your bank's address,
00:03
and go through their webpage.
00:03
Don't go from your mail to any direct access.
00:03
That's one of the most common tricks in
00:03
the book that attackers use for misdirection.
00:03
Don't click on links in emails.
00:03
Many times when you do that or if you get
00:03
infected with a virus from opening an attachment,
00:03
what happens is your email address book is then used to
00:03
forward the virus or the malware out to
00:03
everybody in your address book coming from you.
00:03
The thing that's so sinister about that is now I
00:03
get an e-mail from somebody that I trust,
00:03
telling me to click on a link,
00:03
so we're still very vulnerable to that.
00:03
Stop clicking on links in emails,
00:03
even if they purport
00:03
to come from somebody you know or somebody you trust.
00:03
Always check the e-mail address.
00:03
A lot of times you'll see a message
00:03
that says it's from Yahoo customer service,
00:03
whatever, and then if you hover your mouse over it,
00:03
you'll see that the address is
00:03
actually something totally different.
00:03
That's a very quick,
00:03
easy way to verify that this is a rogue e-mail,
00:03
this is something that's being spoofed.
00:03
Don't download files that you haven't solicited.
00:03
If somebody sends you
00:03
a spreadsheet or sends you a document,
00:03
be very careful with it.
00:03
Check with the source, make sure it's legitimate.
00:03
Check to see if it's digitally signed.
00:03
Many organizations have a policy not to download or
00:03
open attachments that are digitally signed.
00:03
Run your antivirus software scan to make
00:03
sure that the attachment isn't corrupted with malware.
00:03
Other things for mail that you know,
00:03
that should trigger your instinct
00:03
that these are not legitimate,
00:03
look for poor spelling,
00:03
bad grammar,
00:03
anything that starts hitting you up for money.
00:03
You can usually be pretty sure
00:03
that that's a phishing email.
00:03
Be very cautious with what you do in your e-mail
00:03
because you have the potential
00:03
not just to affect your system,
00:03
but to affect the other systems on your network.
00:03
One more time, stop clicking on links in emails.
00:03
Don't do it.