Spear Phishing

Posted on January 25th, 2019 by

What is Spear Phishing?

Spear Phishing is the fraudulent practice of sending emails that appear to be from a known or trusted sender. The goal of spear phishing is often to elicit confidential information, or to have the recipient perform some action (e.g., clicking on a link or downloading an attachment).

What Should I Look For?

Anything that seems out of the ordinary. If you receive a message from someone you know that seems suspicious, check the sender’s email address. Often spear phishers will approximate the purported sender’s real name. If you receive a strange message from someone you know that is not from their recognized email address (for most cases, @gustavus.edu), please verify its authenticity before taking any action.

Take this Phishing Quiz to see if you can spot malicious messages:

How Does GusMail Help?

Google’s industry-leading security features allow them to catch 99% of all SPAM before it reaches your inbox. They use machine learning to continually update their ability to detect phishing and other fraudulent messages. If Google believes an email is suspicious, your GusMail will warn you. It will also alert you if you attempt to reply to a message that is not from an @gustavus email address. Click-time warnings for malicious attachments and other defensive features are there to protect you as well, but they are not always enough. Vigilance and good email habits are still necessary parts of your everyday email routine.

What Are Some Good Email Habits?

  1. Verify the sender’s email address is accurate.
  2. Mouse over any links to ensure they come from a recognized address–don’t trust the text in the email message!
  3. Never share confidential or personal information (including passwords) via email.
  4. Contact the GTS Helpline (x6111 or helpline@gustavus.edu) if you are unsure about any message.

Comments are closed.