Date: 18.04.2020
Phishing warning
Based on the notice of the National Cyber and Information Security Authority (NÚKIB) and Cesnet, please be aware of “Phishing attacks” while working with e-mail messages.
Phishing attacks are increasing (“Phishing” see https://en.wikipedia.org/wiki/Phishing) and more attacks will take place. The most common consequence of such an attack is the encryption of the user’s data - not only locally on the PC but also on all available network folders - shared folders, backups, attached external drives, etc.. Another type of phishing attack is theft and misuse of credentials in electronic banking or email.
What to watch out for?
Sender - this is usually an address, which doesn’t make sense. Don’t check just the senders name, but the whole sender's full email address must be displayed in the mail client. Sometimes the sender's domain (part of the email address after @) is discreetly changed, even one letter. For example, instead of @bc.cas.cz, it could be @bc.caz.cz
Salutation and signature – is often neutral "Hello customer", "Dear user", "Hello clients"…and more. Signature at the end of the mail is often missing or meaningless again.
Email text - although Google translator is still improving, it's not perfect. You often find errors caused by imperfect translation (emails in Czech language).
Attachment or link - be careful here. If something does not seem right at the points above, do not open the attachment at all. It may contain malicious code that subsequently encrypts all data. The attachment file can only be masked, and is actually an executable file, such as "document.pdf.exe". In this particular case of a link, the actual landing page is different from the one displayed in the email. If you hover over the link, the actual address will be displayed as shown in the attachment. Never click or enter any login information if prompted.
Recommendation:
- check senders email address
- perform offline backups to external drives or flash drives which are not normally connected to the PC
- check for antivirus updates (Kaspersky antivirus)