One of the newer forms of social engineering, phishing, involves creating and using emails, messengers, and websites designed to look like those of well-known legitimate businesses, financial institutions, and government agencies to deceive internet users into disclosing personal data or information.
Phishing scams typically operate counterfeit websites that trick consumers into revealing their personal and financial data, including social security numbers, bank and credit card account information, and details about online accounts and passwords.
Email and messenger attacks, such as spoofing, phishing, etc., can harm many users. An attachment might contain a "reverse-connected shellcode" in encoded form so that antivirus/EDR tools cannot identify it as a threat. However, when you click on it, the shellcode "reverse-connects" to the attacker's computer, thereby creating a valid session.
Please note that your firewall—even a security mechanism applied in the network—might allow a connection to be established.
Think before you click or open email attachments!
👮 What to Do When You Receive a Suspicious Email
Please be cautious when going through your emails. Test IO depends on your security awareness.
If you receive a suspicious email, check it for the following:
Do you know the sender?
Have you received an email from this sender before?
Were you expecting a message (particularly one with an attachment) from this sender?
Does the email header (sender, subject line, attachment names) make sense? Does it contain any strange characters?
Is it work-related, or did you initiate the action?
Does the name of the attachment seem to match the sender and the subject line? Does it contain poor spelling and grammar?
Does this email contain a virus? Your antivirus/EDR software will tell you this if it is installed, running, and up to date.
After answering the questions above, if you consider an unexpected email to be suspicious, you must know exactly what to do and what not to do.
You will find one interesting phishing attempt using email in the screenshot below.
❌ DON'T
You may receive emails even from your bank user asking you to update your account by clicking a link. The link in such emails will likely take you to a malicious website. Do not click such links!
Do not open attachments or run macros if you have opened an email from an unknown sender.
Do not respond to suspicious emails.
Do not forward suspicious emails.
Do not enter your credentials after clicking links.
Do not share your government ID information (passport number, driver's license number, etc.) with others.
Do not click links embedded in spam emails, even if they seem secure or correct.
✅ DO
The best way to deal with a suspicious or unwanted email is to report it by clicking the "Check SPAM/Malicious" button in Outlook or the "Report Phish" button in Outlook for Windows/Mac/iOS/Android and Outlook Web Access.
You can delete the malicious email after the Report Phish action is completed.