AgriLife Information Technology

Common Phishing Tactics

Phishing is…

the crafting of an email that appears real in order to trick you into clicking a link in the email or sharing sensitive information with a malicious party.

Mimicked Login Sites

The most common phishing emails seek to create urgency by warning you about an impending negative event such as:

  • Your password is about to expire
  • Your cloud drive is full
  • You have an invoice or receipt to review

Clicking on the links in these emails redirects you to a website that looks exactly like the Microsoft login page. This page is designed to harvest the username and password you enter.

For example, compare the 2 images below:

The left image is what the AgriLife Office 365 login looks like. The right image is an example of a site that is designed to collect the username and password you enter for malicious purposes.

Note the different website addresses: the address on the right is a clue that reveals it is a phony page, and you should not enter any credentials. The link does not go to login.microsoftonline.com but goes to objectstorage.eu-frankfurt-1.oraclecloud.com instead.

In this particular case, any credentials you enter will be incorrect, and you will not be able to log in.

You may receive an error message that states you could not be logged in, with a generic reason, such as “Sign in attempt timed out.”

Spoofed Supervisor’s Email

Another common phishing tactic is for malicious parties to identify the department or organization’s structure based on information from a public Contact Us, About Us, or Staff page commonly found on websites.

  1. Find a supervisor or manager from a website
  2. Send an email with no links or attachments, but with the supervisor’s name (known as spoofing), to another employee found on the website
  3. If the recipient replies to the “supervisor” then the spoofer may explain that they need a gift card, money order, PayPal transfer, or other transactions. They might also ask you to run an errand for them.

The sender name may show your supervisor’s name, but the actual sender’s email address will help you determine whether it is actually your supervisor.

Emails like this are likely not blocked initially because of their lack of malicious attachments or links. Knowing how to spot these emails early will help keep you and your accounts safe, and allow you to report them as phishing.
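The comparison described above, display name against the actual sender address, can also be run automatically over incoming mail. The following Python code is an added example, not part of the original page; the staff directory, names, addresses and sample messages are all constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed staff directory (hypothetical names and addresses),
# the kind of list a public Staff page exposes.
STAFF = {
    "Pat Rivera": "pat.rivera@dept.example.edu",
    "Sam Okafor": "sam.okafor@dept.example.edu",
}

def _norm(name):
    """Lower-case, turn 'Last, First' into 'first last', collapse spaces."""
    name = name.strip().strip('"')
    if "," in name:
        last, first = name.split(",", 1)
        name = f"{first} {last}"
    return re.sub(r"\s+", " ", name).strip().lower()

DIRECTORY = {_norm(n): a.lower() for n, a in STAFF.items()}

def check_sender(raw_message):
    """Return 'ok', 'spoofed-display-name', or 'not-in-directory'."""
    msg = message_from_string(raw_message)
    display, addr = parseaddr(msg.get("From", ""))
    expected = DIRECTORY.get(_norm(display))
    if expected is None:
        return "not-in-directory"   # name is not a known staff member
    # Known staff name: the address must be the one on file.
    return "ok" if addr.lower() == expected else "spoofed-display-name"

# Constructed sample messages.
SAMPLES = {
    "genuine": "From: Pat Rivera <pat.rivera@dept.example.edu>\n"
               "Subject: Budget\n\nSee the shared folder.",
    "spoofed": 'From: "Rivera, Pat" <pat.rivera.office@mail.example.com>\n'
               "Subject: Quick favor\n\nAre you available?",
    "outside": "From: Vendor Sales <sales@vendor.example.net>\n"
               "Subject: Quote\n\nHello.",
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(f"{label}: {check_sender(raw)}")
```

The spoofed sample carries no link or attachment, so only the mismatch between the familiar name and the unfamiliar address marks it.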

Report Phishing Emails

You can report phishing emails 24/7 from Outlook. This will add the sender’s email address to your blocked senders’ list.

This process takes 2 steps and roughly 30 seconds:

  1. Click on the Report Message button in the Home tab of your Outlook ribbon
  2. Specify whether the email is Junk or Phishing
  3. Click on Report