recognize spam email (even if you trust the sender)
DESCRIPTION
This is a quick tutorial I made for my staff. Users have been getting a large amount of spam lately (most of which results from phishing scams). This small presentation will hopefully serve as a quick visual tutorial for recognizing the good from the bad, and more importantly how to tell if a trusted sender has been compromised.TRANSCRIPT
KNOW YOUR EMAIL SPAM
A Guide to Avoiding Compromising Your Email Account
Tuesday, February 25, 14
SPAMMY EMAILA message arrives like this, from a trusted source..
Tuesday, February 25, 14
THE GIANT RED FLAGSThe Click Here link is red flag #1
The disclaimer is red flag #2Is it written in your friend’s voice? No? Red flag #3
Tuesday, February 25, 14
WHAT TO DO?DO NOT “Click Here”
Respond to the sender letting them know they’ve been compromised, suggest they change their password
Delete the email - simply opening the email is fine, you are not compromised for getting itTuesday, February 25, 14
HOW DO YOU KNOW IT’S BAD?Here is what it looks like if you clicked on the link...
Looks ok?Look at the address in the address bar...
Tuesday, February 25, 14
GIANT RED FLAGNever sign in to a site who’s address looks like this
.ru if Russia’s country code, Russia is a hotbed of hackers/spammers
Tuesday, February 25, 14
WHAT IS A SAFE ADDRESS?The lock means the site is secure
The “s” in https means the site is secureThe fact google.com is in the address means it is the right place
Tuesday, February 25, 14
BAD LOGIN SCREENLook at the bad grammar in the opening line
Tuesday, February 25, 14
PROPER LOGIN SCREENEvery Google address will take you to the same screenA proper Google sign-in page will always look like this
Tuesday, February 25, 14
EVEN IF YOU ARE GAFEGAFE (Google Apps for Education)
If your domain has a specific login address (ie: mail.ps10.org) you will still get the standard Google screen but with the added pop-up regarding your domain
Tuesday, February 25, 14
BAD!Avoid!Leave!
Do not enter information here!Tuesday, February 25, 14
GOOD!This is what a proper screen & address looks like
Tuesday, February 25, 14
HOW THIS WORKS
• These spammer/hacker email links work like this:
• they direct you to their site
• you “sign in” giving them your username & password
• they now have access to your account
• they use your address book to send more spam
Tuesday, February 25, 14
KEEP IN MIND
• Remember:
• no harm in getting the email
• no reputable email will ever say “click here and enter your password”
• never enter your password on an untrusted site
• verify the site by looking at the address bar
Tuesday, February 25, 14
IF YOU DO GET COMPROMISED
• It happens, no one is completely immune
• Log in to your service at the main address (gmail.com, yahoo.com, etc)
• Change your password immediately
• Send an email to your contacts letting them know you were compromised, to ignore the spammy email from your account, and suggest they change their passwords too
Tuesday, February 25, 14
Created by Mr. Casal, 1/2014
CREDITSCreated by Chris Casal
Computer Teacher,Technology Coordinator, and PS10.org Google Apps AdministratorPS10 - 15K010
[email protected] / [email protected]@mr_casal
Tuesday, February 25, 14