Phishing Game – How smart are you?

Did you know that 91 percent of all hacking attacks begin with a phishing email? Fraudsters send fake emails or set up fake web sites that mimic LCC’s sign-in pages (or the sign-in pages of other trusted companies, such as eBay or PayPal) to trick you into disclosing your user name and password. This practice is sometimes referred to as “phishing” — a play on the word “fishing” — because the fraudster is fishing for your private account information. Other fraudsters are trying to get you to visit malicious web sites or open a malware-infected attachment.

Once they gain access, they can use your personal information to commit identity theft, charge your credit cards, empty your bank accounts, read your email, and lock you out of your online account by changing your password. They can also take control of your computer and scan the network, join a botnet, or sit and listen for your keyboard activity…passwords, bank account details, and credit card numbers.

Last week, several LCC employees received the following email…how many ‘red flags’ or suspicious items can you spot?

From: Sharon McPherson [mailto:badguy@yahoo.com]
Sent: Friday, June 12, 2015 9:42 AM
To: youraddress@lcc.edu
Subject: My Resume

Good day.

I witnessed your website today Fri, 12 Jun 2015 and found it very interesting.  I was praying there was any possibility of employment, just to prove my competence.

As you will see in my CV, I am very qualified and have a very broad experience in this line of employment. I am confident it will be worth your time reviewing it, and I am even more positive you will find me very appropriate in your business. Please see my attached CV.
I’m very much looking forward to hearing from you.

Many thanks,

Sharon McPherson

Did you find 6 red flags? Let me explain:

  • Unfamiliar sender from an unsolicited email
  • Sender asks multiple times for you to open the attachment
  • If you are not in HR, or work with resumes, then the email was sent to the wrong person
  • Poor grammar…’witnessed your website’
  • Email is from a ‘free’ email account (hotmail.com, yahoo.com, gmail.com, etc.)
  • No contact information in the email
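The six red flags above are exactly the kind of heuristics a mail-filtering rule or a help-desk triage script can check mechanically. The following is an added example, not part of the original post and not LCC’s own tooling: it scores a message against those six checks. The free-mail domains come from the list above; the "odd phrase" list, the known-contacts list, the recipient role, and the sample emails are constructed for the example.

```python
import re
from dataclasses import dataclass

# Free webmail domains named in the post; a real deployment would use a longer list.
FREE_MAIL_DOMAINS = {"hotmail.com", "yahoo.com", "gmail.com"}

# Constructed list of awkward phrasings typical of this lure (not a vendor's list).
ODD_PHRASES = ("witnessed your website", "praying there was any possibility")

# Roles that would legitimately receive unsolicited resumes (assumption for the example).
RESUME_HANDLING_ROLES = {"hr", "recruiting"}

ATTACHMENT_WORDS = re.compile(r"\b(attached|attachment|cv|resume)\b", re.IGNORECASE)
SUBJECT_RESUME = re.compile(r"\b(resume|cv)\b", re.IGNORECASE)
# Crude "is there any way to reach this person" check: a phone number or a web address.
PHONE_OR_URL = re.compile(r"(\+?\d[\d\s().-]{7,}\d)|(https?://)|(www\.)", re.IGNORECASE)


@dataclass
class Email:
    sender: str
    subject: str
    body: str
    recipient_role: str  # e.g. "hr" or "faculty"; assumed to come from a directory lookup


def red_flags(msg, known_contacts):
    """Return the list of red flags (from the post's six) that apply to msg."""
    flags = []
    domain = msg.sender.rsplit("@", 1)[-1].lower()
    body_lower = msg.body.lower()

    if msg.sender.lower() not in known_contacts:
        flags.append("unfamiliar sender, unsolicited email")
    if len(ATTACHMENT_WORDS.findall(msg.body)) >= 2:
        flags.append("repeated prompts to open the attachment")
    if SUBJECT_RESUME.search(msg.subject) and msg.recipient_role not in RESUME_HANDLING_ROLES:
        flags.append("resume sent to someone who does not handle resumes")
    if any(phrase in body_lower for phrase in ODD_PHRASES):
        flags.append("poor grammar / odd phrasing")
    if domain in FREE_MAIL_DOMAINS:
        flags.append("sent from a free webmail account")
    if not PHONE_OR_URL.search(msg.body):
        flags.append("no contact information")
    return flags


def is_suspicious(msg, known_contacts, threshold=3):
    """Triage decision: forward to the help desk when enough flags pile up (threshold is an assumption)."""
    return len(red_flags(msg, known_contacts)) >= threshold


# Constructed sample: the message quoted in the post.
LURE = Email(
    sender="badguy@yahoo.com",
    subject="My Resume",
    body=(
        "Good day. I witnessed your website today Fri, 12 Jun 2015 and found it very interesting. "
        "I was praying there was any possibility of employment, just to prove my competence. "
        "As you will see in my CV, I am very qualified. Please see my attached CV. Many thanks, Sharon McPherson"
    ),
    recipient_role="faculty",
)

# Constructed benign sample: a known colleague who includes a phone number.
BENIGN = Email(
    sender="jane.doe@partner-university.example",
    subject="Meeting notes",
    body="Hi, attached are the notes from Tuesday. Call me at 517-555-0100 if anything is unclear.",
    recipient_role="faculty",
)

# Constructed address book; in practice this would be the user's contacts or the directory.
KNOWN_CONTACTS = {"jane.doe@partner-university.example"}

if __name__ == "__main__":
    for name, msg in (("lure", LURE), ("benign", BENIGN)):
        print(name, is_suspicious(msg, KNOWN_CONTACTS), red_flags(msg, KNOWN_CONTACTS))
```

None of these checks is conclusive on its own (plenty of legitimate mail comes from Gmail), which is why the example only escalates once several flags coincide; the value of the list is in the combination, which is also how a human reader should weigh it.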

If you had opened the email’s Word attachment and then enabled the macros (which we did in a controlled environment), the document would appear to be a bunch of scrambled characters. However, the malware would have immediately installed itself on your computer, started tracking your activity, and contacted a server in Bosnia with its status and ability to exfiltrate information.

I need all LCC staff and students to stay vigilant for this type of activity. If you receive an email from an unknown sender, or one that appears suspicious, please send it to the help desk (lcc1@star.lcc.edu) and we will double check it for validity (and we’ll do it very quickly!).

If you have any questions or need further info, please contact the LCC ITS division, Director of Information Security, Mr Paul H. Schwartz, schwarp1@lcc.edu.