EMAIL PHISHING

Criminals send phishing emails that appear to come from valid sources in an attempt to trick you into revealing personal and financial information.

WHAT TO LOOK FOR?

PHISHING IS HARD TO SPOT...

Spoofed Sender Address: Always check the sender's email address and whether it comes from the correct domain.

Sense of Urgency: Think twice if the subject pushes you to act quickly.

Suspicious Date and Time: Check when the email was sent and be suspicious if it was sent after working hours.

Misleading and Invalid Link: NEVER click the links in an email. ONLY click if you are totally sure it comes from a trusted sender.

Spoofed Signature: The signature can be easily spoofed, so don't trust the email just because of it.

9 Tips to spot phishing scams

TIP 1: Look for messages with many spelling errors and visual mistakes.

If the text contains many errors, you should be careful. Also, look at the websites you are guided to and note whether the displayed menu actually works or if it generates error messages.

TIP 2: Be wary of giving away sensitive data.

Whenever you are prompted to divulge personal data in order to update or verify a supposed account, you should be especially careful. Never enter personal or business username and password information on websites which were opened via a link in an email - unless you know its exact background and it corresponds to your company policy.

TIP 3: Beware when senders act trustworthy and confidential.

Even if you have received the email from your best friend, you should always remember that the message could be malicious. Therefore, you should always be cautious. This also applies to emails from official organizations such as banks, tax authorities, online stores, travel agencies, airlines, etc. Even emails from your own employer are sometimes infected. Unfortunately, it is not difficult to create impostor phishing emails which appear identical to the real messages sent by legitimate organizations.

TIP 4: Do not automatically trust a well-designed website even if it appears exactly as the original.

Sometimes the phishing emails and websites look just like the real ones. It depends on how well the phisher has done his “homework.” The links, however, are likely to be wrong, contain misspellings or lead to completely different pages (such as www.paypaul.com instead of www.paypal.com). If the page to be visited is a well-known site which you visit frequently, you can manually type the page address in your browser instead of clicking on the link.

TIP 5: Beware if you do not know the sender of the email.

If possible, do not open any emails from unknown senders. If you do, do not click any links contained in the message, or at least move your mouse over the link to reveal the real target destination. Often the copy recipient list (cc:…) shows the email is being sent to numerous other recipients.

TIP 6: Be especially careful when the email is not appropriately addressed or contains awkward language.

Be suspicious of emails which open with a generic greeting (such as the non-personalized salutation "To Whom It May Concern") or use an inconsistent style (such as colleagues who previously addressed you on a first-name basis now using last names only). The same applies to messages that are suddenly written in a language different from the usual one.

TIP 7: Mistrust emails prompting you for a quick action.

Emails that call for an immediate reaction (such as prompting for an immediate login to an account) convey a sense of importance and are typical of phishing attacks. A clear warning sign is a hint in the email that the data must be entered within a short time period.

TIP 8: Be very careful regarding any email attachments.

Files (for example, programs or even office documents) you receive via email may contain lethal malware. So remain cautious and only open emails that you expect and trust.

TIP 9: Be aware of whom to contact in the organization if an incident occurs.

Keep in mind that when you click on a suspicious email, it is important that you contact our Service Desk immediately for further analysis. Remember, you are the main defense against a phishing attack.