4.4.11. Phishing messages

Attention!

The information in this article is for guidance only and is not intended to be an exact and complete instruction. This article describes only general recommendations; each situation should be considered individually.

Phishing is a type of fraud that aims to obtain sensitive data for further use by third parties. Phishing is often spread through emails that contain important-looking or highly attractive content. For example, phishing aimed at obtaining mailbox logins and passwords is very common. For this purpose, emails are sent out informing the recipient that they need to verify their account or check the disk quota of a mail service. The message itself contains a link or button leading to a full or partial copy of the target service's login page.

It is often difficult to determine whether an email is phishing or not, so you should follow certain rules when dealing with emails that explicitly or implicitly request sensitive information:

  • You should be extremely attentive to messages that explicitly or implicitly ask you to enter confidential data on some page. No service will ask for data that has already been provided earlier, so such a message is most likely a phishing email.
  • You should always double-check the links provided in emails. If you receive an email from adm.tools, but the link in the message points to service.tools, it is better not to follow it and instead go to the official site of the service from which the email supposedly came, where you can double-check all the necessary actions or contact technical support for more information.
    Tip: When you hover over a button or link, the full address it actually leads to is displayed in the lower left corner of your browser.
  • It is recommended to pay special attention to messages sent from supposedly trusted persons. Some domains have no SPF record, so it is entirely feasible to send emails that spoof their domain; it is better to check with the sender via another communication channel whether they really sent the message.
  • If the message appears to have been sent from your own mailbox, or from your own domain, you should examine it in more detail.
  • Do not download suspicious files, no matter what extension they have. This rule does not apply only to Windows devices; nowadays a huge amount of malware exists for all platforms, including macOS, iOS, Linux, Android and others.
  • Emails that include the recipient's personal information do not necessarily mean that intruders have access to any sensitive data, so it is better to put such emails in spam. This rule applies especially to messages that threaten to hack you or to publish information. An attacker who really had access to sensitive data would not announce its further use by way of extortion, especially since a large part of personal information can be found on the Internet, mostly in public sources such as site contact pages or personal pages on social networks.
  • Try to post as little personal information as possible that could be used for phishing.
  • You should always set the highest antispam level if possible. Antispam tools can reject a large number of suspicious messages.
  • Suspicious or obviously phishing emails should be placed in spam and the sender should be blocked. On our hosting you can do this with the blacklist and message filtering in WebMail.Online and WebMail classic.
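As an added example (not part of this article), the following Python check applies the link rules above to a message: it compares the real target of every link with the sender's domain and with the address shown in the link text. The sample message is constructed for the example and uses the adm.tools / service.tools pair from the text.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message: the sender claims to be adm.tools, but the
# "Verify" button and the last link point at a different domain.
SAMPLE_EMAIL = """\
From: Support <support@adm.tools>
Subject: Your mailbox quota is almost full
Content-Type: text/html; charset=utf-8

<a href="https://service.tools/login">Verify mailbox</a>
<a href="https://adm.tools/help">Help center</a>
<a href="https://service.tools/x">https://adm.tools/account</a>
"""

class _LinkCollector(HTMLParser):  # collects (href, visible text) per <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def suspicious_links(raw_email):
    """Return (href, reason) for links outside the sender's domain or whose
    visible text names a different host than the real target."""
    msg = message_from_string(raw_email)
    sender = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    body = msg.get_payload(decode=True).decode(msg.get_content_charset() or "utf-8")
    collector = _LinkCollector()
    collector.feed(body)
    findings = []
    for href, text in collector.links:
        host = (urlparse(href).hostname or "").lower()
        # If the visible text itself looks like a URL, compare its host with the real one.
        shown = (urlparse(text).hostname or "").lower() if "://" in text else ""
        if shown and shown != host:
            findings.append((href, f"text shows {shown}, link goes to {host}"))
        elif host != sender and not host.endswith("." + sender):
            findings.append((href, f"host {host} is outside sender domain {sender}"))
    return findings
```

A host such as adm.tools.service.tools is still flagged, because only the sender's domain itself and its subdomains are accepted.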

If you are a victim of phishing, you should take action as soon as possible:

  • Security of the account on the hosting:
  • Change all passwords you use:
  • Do not set identical passwords or passwords that contain personal data (year of birth, first name, last name, part of the phone number, etc.). Guessing such passwords is a separate field of attack, social engineering.
  • Recall which sites or services used the data that may have been stolen and change the credentials there as a matter of urgency.
  • If possible, set up two-step authentication in all other services you use.