MCC Daily Tribune Archive

Sophisticated Phishing Scams


We have all seen the phishing email scams.  Recently, cybercriminals have been using more cultivated phishing techniques to trick users into revealing personal information.

This new class of sophisticated, large-scale phishing is called 'longlining.'  Longlining refers to the practice of deploying miles-long fishing lines with thousands of individual hooks to ensnare the catch. The one that has made its way around MCC is the one that contained an attachment named "invoice.PDF" or "invoice.zip" that appeared to come from a trusted source.

In many cases, the targeted employees customarily dealt with invoices, so the request would not seem too out of place. When the attached invoice document is opened, a remote access malware that steals information is installed on the victim's computer.

What should you do when you suspect you have a phishing email? 

1.            Think before you click on it. 

2.            If the email is vague and you're not sure what the email is about, then call the sender to make sure it is legit.

3.            Never input personal information into URL links you received in an email.

4.            Delete the email from your inbox and then again from the deleted items.

5.            Help spread the word in your department, letting other co-workers know.

6.            Call the Tech Support line 292-8324 and report the phishing email.

To read more about Phishing Scams, see this month's Cyber Security Newsletter.

Donna Pogroszewski
Communications and Network Services
06/01/2015


Attachments:
icon Phishing Scams.pdf