THE DHS PHISHING IQ TEST PART 2 LEGITIMATE EMAIL V PHISHING EMAIL How do you know if an email is legitimate, or is a phony, phishing email? Take the.

• Slide 1

Slide 2 THE DHS PHISHING IQ TEST PART 2 Slide 3 LEGITIMATE EMAIL V PHISHING EMAIL How do you know if an email is legitimate, or is a phony, phishing email? Take the DHS Phishing IQ Test, and well show you what to look for in a phishing email. The best way to avoid getting phished is to NEVER CLICK ON LINKS IN EMAIL THAT ASK FOR YOUR IDENTIFYING INFORMATION. 2014 DHS IT Security & Privacy Training 2 Slide 4 LEGITIMATE OR PHISHING? 2014 DHS IT Security & Privacy Training 3 Which answer? Legitimate Phishing This email is supposedly from PC Magazine inviting the recipient to participate in a survey by clicking the supplied link. Slide 5 Putting the cursor over any of the links will show the full link, and these all go back to the senders website. Remember: don't use the links in an email, instant message, or chat to get to any web page if you suspect the message might not be authentic or you don't know the sender. 2014 DHS IT Security & Privacy Training 4 Slide 6 LEGITIMATE OR PHISHING? 2014 DHS IT Security & Privacy Training 5 Which answer? Legitimate Phishing This email is supposedly an invitation from a friend to view a youtube video by clicking on a link to the video. Slide 7 The receiver knew the sender, but was wary of clicking on the link. Clicking on the link brings a request for your cell phone number. If you provide it, phishers will have access to your cell phone account, and they can send spam and malware to your cell phone. (The receiver also received multiple copies of this email.) Don't use the links in an email, instant message, or chat to get to any web page if you suspect the message might not be authentic or you don't know the sender. 2014 DHS IT Security & Privacy Training 6 Slide 8 LEGITIMATE OR PHISHING? 2014 DHS IT Security & Privacy Training 7 Which answer? Legitimate Phishing This email is supposedly from Southwest Airlines advertising a sale. The recipient is instructed to click on the link to go to the website. Slide 9 Southwest Airlines frequently sends these savings emails, but only if the recipient has gone to the site and requested to receive the emails. Don't use the links in an email to get to any web page if you suspect the message might not be authentic, if you don't know the sender, or if you did not request the information. 2014 DHS IT Security & Privacy Training 8 Slide 10 LEGITIMATE OR PHISHING? 2014 DHS IT Security & Privacy Training 9 Which answer? Legitimate Phishing This email is supposedly from CapitalOne bank and states the recipients online account has expired. It gives a link to click to renew the account. Slide 11 If youre not a customer, the email should be suspect from the beginning. If you are a customer, dont be taken in. This is a scam. Remember, don't use the links in an email to get to any web page if you suspect the message might not be authentic or you don't know the sender. 2014 DHS IT Security & Privacy Training 10 Slide 12 LEGITIMATE OR PHISHING? 2014 DHS IT Security & Privacy Training 11 Which answer? Legitimate Phishing This email is supposedly from Whos Who and informs the recipient he/she has been selected for inclusion. It asks the recipient to click on a link to verify information and accept the invitation. Slide 13 If you had clicked on the link on the previous screen, you would have been taken to this screen. If you complete this information and click Confirm, you have just given a scammer enough information to impersonate you. Remember: dont give out personal information in an email unless you have manually logged onto a website and you are sure it is authentic. 2014 DHS IT Security & Privacy Training 12