Beware of Email

Email is easily "forged", that is, an attacker can make an email appear to be from anyone, even people you trust such as your friend, your bank or your ISP.

Be suspicious of email. Do not open attachments you did not expect -- this helps avoid viruses and worms. Also, avoid clicking hyperlinks in an email. Instead, copy-and-paste the URL into your web browser. Phishing attacks often use hyperlinks to trick you into going to a malicious but legitimate-looking website.

Unexpected E-Mail Attachments

A popular way for viruses and worms (like W32/SoBig) to propagate is through e-mail attachments. Viruses and worms are clever. They can send themselves in e-mails that are forged to look like they came from someone you know and trust. Do not open unexpected e-mail attachments, no matter who they're from.

If in doubt, reply to the sender with a polite message asking "...did you intend to send me this?"

Phishing

A phishing attack is a type of "social engineering" where you receive a legitimate-looking email claiming, for example:

From: Your Bank
To: You
Subject: Account Alert!

...your withdraw of $10,000 needs approval... follow the link below... to take immediate action.
http://your.bank.com/login

If you were to click the link, you web browser would display a convincing, legitimate-looking, but completely bogus site. You may be asked to enter passwords, account numbers, etc. which end up in the hands of the attacker -- making you a likely victim of identity theft.

Learn to recognize a phish. Please read the Top 10 Tips for finding a Phish from www.mailfrontier.com. Then take the MailFrontier quiz.