SHP Staff Dashboard

Email & Web Safety Best Practices

We are sharing some best practices to help you understand when someone is malicously trying to trick you into sharing your access to email and or personal data.

If you are unsure, don’t click on anything and share the email or page with our team by emailing: it@shpbeds.org

What is Phishing?
Phishing is the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers. It is called phishing as the bait can be subtle and looks very much like something official from your bank, eBay, Facebook, etc…

 

Here’s what to look for and how to protect yourself from phishing attempts.

Don’t Trust the Logos.
Almost all of these scams look real by using the graphic logos, fonts, and colors used by real companies in their counterfeit emails.

“Dear Valued Customer…”
Instead of your name or unique user ID a generic greeting is used. If it really was Paypal, for example, the greeting would be “Dear (first name, last name)”.

Text / Link Don’t Match
If you hover your mouse pointer over the link text the underlying webpage will appear in a mouse-over window (usually in the lower left corner of the browser). Try it here. Go ahead and click on this link and see Friendface.com If the email says “click here to log into Facebook” but the webpage is some unfamiliar name like zcaszicdCd.com it’s probably a phish. Don’t be fooled by what shows in the email; the web page may be totally different.

Misspellings
Slightly misspelled domain names often go unnoticed. “EBAV.COM” looks a lot like “EBAY.COM”, doesn’t it? But the “ebav” domain is someone else’s site, and you don’t want to go there.

DON’T WAIT !!!!
Pressure to do something NOW is a favorite phishing tactic. “Reply with your password within 24 hours or your account will be deleted!” No legitimate business will make such a demand. Things like “Send money to cover processing” of your alleged lottery winnings is another clue.

Friendly Phish
These appear to be from someone you know personally. Perhaps your cousin’s Facebook account has been hijacked and was used to send you a phish. Email accounts can be spoofed to make it appear that it is coming from an @shpbeds.org account. If it doesn’t sound like your cousin or Amy, Luke or Matt 🙂 pause before you reply or do what “cousin” says.

Your Car Warranty
Phone phishing relies on the unreasonable yet actual tendency to trust telephones more than the Internet. The phish may instruct you to “Please call this number to speak with a customer service rep.” These are often answered by an automated system that wants to confirm personal information, bank information, Social Security number “for verification” before transferring you to a customer service rep and then just hanging up.

Hmmmmm ?
When in doubt, just ask us! We can’t stress this enough. We’re more than happy to take a look at any message you receive to check its legitimacy and make sure that you are protected! We can be reached at it@shpbeds.org