News

Protection from phishing threats

  • Published
  • By Airman 1st Class Rachel Adams
  • 436th Communications Squadron
DOVER AIR FORCE BASE, Del. --  We sometimes forget how vulnerable we are to online threats. While you might feel safe behind a monitor or screen, you aren't.

Phishing attacks are one of today's top threats. Scam artists use clever and well-written emails to trick the recipient to release personal or confidential information. They often target things such as addresses, phone numbers or social security numbers. These emails have a sense of urgency about them that will persuade the reader into acting before they can think about the situation logically.

Phishing threats commonly seek to obtain personal information, incorporate threats to get the user to act with haste, and often use embedded links that redirect users to suspicious websites that appear to be legitimate. To avoid link manipulation, be mindful of the link name. Misspelled URLs, international domain names, or unsecure links are all things to look out for. These will lead you to websites that will appear legitimate. Never click on links you suspect to not be real.

A new report from the Ponemon Institute states "The average 10,000-employee company spends $3.7 million, or $395 per employee per year, dealing with phishing attacks." If you receive an email that urges you to act quickly, contains a generic greeting, asks for validation of information, includes heavy grammatical errors or asks for personal or confidential information, take a step back and ask for a second opinion.  A good practice to incorporate into your daily cyber vigilance is to utilize the R.E.A.D method.  Is your email:

Relevant?
Expected?
Addressed correctly?
Digitally signed?

Remember danger is closer than we think. It could just be one click away. Be cautious and double check with legitimate sources.  If you receive an email from your bank stating you need to give them current contact information, don't click on the link they provide. If there's ever a doubt that you received a phishing email, do your due diligence by reporting the email to your security manager or contact the institution directly to confirm if the email is legitimate. Protect yourself and protect our DoD enterprise network.