Technology » Phishing 101

Phishing 101

Phishing 101
What is Phishing?
  • A phishing attacks is a popular form of cybercrime and a type of social engineering attack.
  • A social engineering attack involves manipulating someone (you) into into sharing private information, downloading malicious software, visiting unsafe websites, or sending money to cybercriminals.
Smishing Attack
What are the different types of Phishing?
  • Phishing by Communication Type
    • Email Phishing: The attack comes by email   
    • Smishing: The attack comes by text message (SMS)
    • Vishing: The attack comes by phone call (voice)
    • Social Media Phishing: The attack comes by a social media website or app
  • Phishing by Target
    • General Phishing: The attack has no specific target, but is sent to a large group of unrelated individuals with the hopes of tricking at least some of them
    • Spear Phishing: The attack targets a specific group or type of individual (like school employees)
    • Whaling: The attack targets a high level employee or administrator 
How can I recognize a Phishing Attack?
  • Where is it coming from?
    • Unusual Message from Familiar Sender: If the email looks correct but the message is very strange, this is likely a "spoof" email. It looks like it came from your real coworker or supervisor, but it is actually being sent from another email address. Reach out to the individual at their official MPS email or phone extension to confirm.
Spoof Email
    • Unfamiliar Email from a Familiar Name: An email from [email protected] is most likely not from your principal. Reach out to the individual at their official MPS email or phone extension to confirm.
Phishing Email 2
    • First-Time Message from an Unfamiliar Sender: If you receive an email from an unfamiliar sender with a request for money or personal information, do not respond or comply. If they claim to represent a legitimate company or organization (Millville Public Schools), reach out to the company or organization directly.  
First Time Message

    • Message Marked as "External": Our IT department has protections in place to help you. Always look for the yellow banner. This will tell you if the email is coming from outside of Millville Public Schools!
Yellow Banner
  • What is in the message?
    • Generic Greeting: Is the message from your "supervisor", but they don't use your name? 
Generic Greeting
    • Spelling/Grammar Errors: Are there are a lot of errors in the message? Does it look like it's been copy-pasted or just badly written?
Spelling Errors
    • Strange Language/Tone: Is there something "not quite right" about the tone of the email? Does the language seem too casual or way over the top?
Strange Language
    • Request for Gift Cards or Money Transfer: Are you being asked to purchase gift cards or send money via app? Are they asking that you do it IMMEDIATELY?
Request for Money
    • Request for Confidential Information: Is the message asking for your social security number or banking information? Do you think a legitimate sender would ask for this by email?
confidential info
  • What is included?
    • Suspicious Links: Are you being asked to click a link with very little information or proof that it is legitimate? Does the link look strange or unexpected? (Tip: Hover your mouse -- Don't Click! -- over the link to see where it is actually taking you.)
First Time Message
    • Unexpected Attachments: Is there a strange attachment that doesn't look quite right? Did you get an email with no explanation as to why there is an attachment?
Phishing Email 2
    • Unfamiliar Account Information: Are you being asked to verify or make a payment on an account you don't even have? Chances are high this is phishing!
Unfamiliar Account Information