Wiki source code of Podvodné zprávy - phishing
Last modified by Denisa Wernerová on 03.08.2023 12:55
Hide last authors
| author | version | line-number | content |
|---|---|---|---|
 |
74.1 | 1 | **Do not try to fight phishing on their own, because in many cases it can disrupt the already established and proven practices of our security team at the Technical University.** |
| |
16.4 | 2 | |
| |
74.1 | 3 | **If you read the message with many hours delay (more than about 12 hours), usually already we know about this incident and there is no need for us to report news!** Please forward fraudulent messages to abuse@vsb.cz immediately after delivery to your inbox. Thank you for your understanding. |
| |
66.10 | 4 | |
| |
74.1 | 5 | Report to us only fraudulent messages. Security team at the Technical University **do not solve common spam messages**, such as supply of Viagra pills, advertising messages and messages with infected attachment. |
| |
16.4 | 6 | |
| |
74.1 | 7 | === Content: === |
| |
37.1 | 8 | |
| |
74.1 | 9 | * [[What is phishing>>||anchor="what-is-phishing"]] |
| 10 | * [[How to recognize a phishing>>||anchor="recognize-phishing"]] | ||
| 11 | * [[Read carefully and use common sense>>||anchor="phishing-sense"]] | ||
| 12 | * [[How you can help>>||anchor="how-to-help"]] | ||
| 13 | * [[What can you do to protect your account security>>||anchor="protect-account"]] | ||
| 14 | * [[I responded to a suspicious message>>||anchor="responded"]] | ||
| 15 | * [[Samples of fraudulent messages>>||anchor="samples"]] | ||
| |
37.1 | 16 | |
| |
74.1 | 17 | {{id name="what-is-phishing"/}} |
| 18 | **What is phishing** | ||
| 19 | These are a fraudulent e-mail messages or web sites from which attackers want to lure users of confidential information such as login accounts, PIN to cards, etc. | ||
| |
29.1 | 20 | |
| |
74.1 | 21 | {{id name="recognize-phishing"/}} |
| 22 | **How to recognize a phishing** | ||
| |
29.1 | 23 | |
| |
74.1 | 24 | * With graphic design of the message attackers are trying to give the impression that the message was send by an organization whose clients are attacked. |
| 25 | * Text can look like information about non-payment, call for verification of the password validity or its change or as client satisfaction research with a service. | ||
| 26 | * In the message text is a link which should look that it is directed to the websites of the organization (bank) but on closer examination you find out that it is linked to somewhere else and there are fraudulent websites. | ||
| 27 | * In the browser address line is showed different address than address of the organization whose clients are attacked. Sender address can also be from different domain than websites of the organization (you see it after showing head of an email). | ||
| 28 | * Message/form encourages you to share information that would not be required by the organizaton. | ||
| |
23.1 | 29 | |
| |
74.1 | 30 | [source: [[http:~~/~~/www.hoax.cz/phishing/>>url:http://www.hoax.cz/phishing/]]] |
| |
16.2 | 31 | |
| |
74.1 | 32 | {{id name="phishing-sense"/}} |
| 33 | **Read carefully and use common sense** | ||
| |
18.1 | 34 | |
| |
74.1 | 35 | * //You win one million pounds!// |
| 36 | Did I bet? | ||
| 37 | * //Pay the bill!// | ||
| 38 | Did I ordered something? | ||
| 39 | * //Your inbox is full!// | ||
| 40 | I greased e-mails last week. Could I really fill inbox so quickly? | ||
| 41 | * //Send us an additional personal information, otherwise we will ... !!!// | ||
| 42 | I have no agreement with the organization and I did not want anything. | ||
| 43 | * //Tell us your password, your administrator!// | ||
| 44 | At CIT they are far more privileges than I am (an ordinary user). | ||
| 45 | * **So this is not!** | ||
| 46 | ** Do not write your password on the bottom of the screen and for sure do not tell it anyone. | ||
| 47 | ** When someone imitate my signature, I will give it a criminal complaint, but the electronic signature that is just such a crazy farce IT guy. Something like a computer game. | ||
| |
19.1 | 48 | |
| |
74.1 | 49 | {{id name="how-to-help"/}} |
| 50 | **How you can help** | ||
| |
19.1 | 51 | |
| |
74.1 | 52 | * Forward to us every suspicious message by email on [[abuse@vsb.cz>>path:mailto:abuse@vsb.cz]] and attach also the source code of the message (see guides for [[Outlook 2016>>doc:uzivatel.email.exchange.outlook-2016.outlook2016-zdrojovy-kod.WebHome]], [[Thunderbird>>doc:uzivatel.email.postovni-klienti.mozilla-dalsi-navody.thund-zdroj-kod.WebHome]], [[Roundcube>>uzivatel.email.roundcube.zdrojovy-kod.WebHome]], [[Office 365>>uzivatel.email.office365-mail.office365-zdroj-kod.WebHome]]). |
| |
14.5 | 53 | |
| |
74.1 | 54 | {{id name="protect-account"/}} |
| 55 | **What can you do to protect your account security** | ||
| |
1.3 | 56 | |
| |
74.1 | 57 | * please, report us suspicious messages immediately on [[abuse@vsb.cz>>path:mailto:abuse@vsb.cz]] and leave the message in the mail until you are asked (for case that you won't sent all necessar information), |
| 58 | * never reply to suspicious messages, | ||
| 59 | * don't click on links in suspicious messages, | ||
| 60 | * tell nobody and never your login and password. | ||
| |
42.1 | 61 | |
| |
74.1 | 62 | {{id name="responded"/}} |
| 63 | **I responded to a suspicious message** | ||
| |
42.1 | 64 | |
| |
74.1 | 65 | * change disclosed password immediately (see [[password change>>uzivatel.hesla.jednotne-heslo.zm-hesla.WebHome]]), |
| 66 | * don't be affraid and don't be shame we are happy and willing to help you. Please report us the situation and we also investigate if someone else has been also caught. | ||
| |
1.3 | 67 | |
| |
74.1 | 68 | {{id name="samples"/}} |
| 69 | **Samples of fraudulent messages** | ||
| |
1.3 | 70 | |
| |
74.1 | 71 | * View message head detail in the email client and check addresses. From and Reply-to. Don´t tell your login and password by email. |
| |
1.3 | 72 | |
| |
74.1 | 73 | **Example No. 1** |
| 74 | \\[[[[image:phishing.gif||style="vertical-align:middle"]]>>attach:phishing.gif]] | ||
| |
14.3 | 75 | |
| |
1.3 | 76 | |
| |
74.1 | 77 | **Example No. 2** |
| 78 | \\[[[[image:phishing_2.gif||style="vertical-align:middle"]]>>attach:phishing_2.gif]] | ||
| 79 | \\**Example No. 3** | ||
| 80 | \\[[[[image:phishing_3.png||style="vertical-align:middle"]]>>attach:phishing_3.png]] | ||
| 81 | **Example No. 4** | ||
| 82 | \\[[[[image:phishing_4.png||style="vertical-align:middle"]]>>attach:phishing_4.png]] | ||
| |
1.3 | 83 | |
| |
74.1 | 84 | **Example No. 5** |
| 85 | \\[[[[image:phishing_5.png||style="vertical-align:middle"]]>>attach:phishing_5.png]] | ||
| 86 | \\**Example No. 6** | ||
| 87 | \\[[[[image:phishing_6.png||style="vertical-align:middle"]]>>attach:phishing_6.png]] | ||
| |
1.5 | 88 | |
| |
74.1 | 89 | **Example No. 7** |
| 90 | \\[[[[image:phishing_7.png||style="vertical-align:middle"]]>>attach:phishing_7.png]] | ||
| 91 | \\**Example No. 8** | ||
| 92 | \\[[[[image:phishing_8.png||style="vertical-align:middle"]]>>attach:phishing_8.png]] | ||
| 93 | \\**Example No. 9** | ||
| 94 | \\[[[[image:phishing_9.png||style="vertical-align:middle"]]>>attach:phishing_9.png]] | ||
| |
1.3 | 95 |