<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <link rel="stylesheet" href="/style.css" type="text/css" /> <script type="text/javascript" src="/jquery.min.js"></script> <title>CERN Computer Security Information</title> <script type="text/javascript"> $(document).ready(function(){ // Menu highlight var path = location.pathname.split("/"); if ( path ) { $('#main_menu a[href*="' + path[1] + '"][class!="noselect"]').addClass('selected'); // path[3] = /security/<xxxxx>/ $('#sidebar ul.sidemenu li[class!="noselect"]:has(a[href$="' + path.reverse()[0] + '"])').addClass('selected'); } // Add icon to external links $('a[id!=logo-img]').filter(function() { return this.hostname && this.hostname !== location.hostname;   }).after(' <img src="/images/external_link.png" alt="external link" title="external link"/>'); }); </script> </head> <body> <div id="wrap"> <div id="top-bg"></div> <!--header --> <div id="header"> <div id="logo-text"> <a id="logo-img" href="https://home.cern/"><img src="/images/CERNLogo2.png" width="59" height="59" style="margin: 10px" alt="CERN Logo"/></a><div id="logo-text-big"><a href="/home/en/index.shtml" title="">CERN Computer Security</a></div> </div> <div id="header-logo"><a href="/services/en/emergency.shtml"><img width=335 src="/images/emergency.png" alt="Computer Emergencies"/></a></div> </div> <!--header ends--> <div id="header-photo"></div> <!-- navigation starts--> <div id="nav"> <ul id="main_menu"> <li><a class="noselect" href="/home/fr/index.shtml"><img src="/images/fr.png" alt="FR"/></a></li> <li><a href="/home/en/index.shtml">Home</a></li> <li><a href="/rules/en/index.shtml">Computing Rules</a></li> <li><a href="/recommendations/en/index.shtml">Recommendations</a></li> <li><a href="/training/en/index.shtml">Training</a></li> <li><a href="/services/en/index.shtml">Services</a></li> <li><a class="secured" href="/reports/en/index.shtml">Reports &amp; Presentations</a></li> </ul> </div> <!-- navigation ends--> <!-- content-wrap starts --> <div id="content-wrap"> <div id="main"> <!-- EDIT ME --> <h2>Bad Mails for You: "Phishing", SPAM and Fraud</h2> <p>Unsolicited email, commonly known as SPAM, is a growing problem across the Internet at large. Besides the annoying advertising of products, SPAM mails are trying to validate your email address or try to trick you in disclosing your password (so-called "Phishing"-emails for "password fishing"). In addition, some computer viruses often hide in emails or in their attachements, and place your computer at risk.</p> <p>CERN's email gateways classify around 98% of the incoming emails as SPAM. Still, such emails can reach you because distinguishing SPAM from intended email is not easy.</p> <p>If an email looks suspicious, <b> do not even open it</b> - just delete (from Outlook you can delete email using the right button of your mouse to select the message and then selecting delete). If you continue to receive unsolicited e-mail from the same sender then you can report this to <a href="mailto:spam-report@cern.ch">spam-report@cern.ch</a>.</p> <h4>"Phishing"</h4> <p>"Phishing" is an attempt to trick someone to reveal his password. Criminals use various phishing techniques to fool computer users. One of the technique is to send a fake e-mail, that looks like coming from a legitimate source (a bank, the employeer, the mail service, the helpdesk etc.) asking for a user name and a password. Another technique involves a similar e-mail that contains a link to a criminal-operated Web page that looks like a legitimate Web page of a bank, on-line service etc. - criminals hope that the victim will type his password on that Web site without realising that it is not the real, legitimate one. This is how attackers usually steal user passwords.</p> <p>Ever wondered how good you are at telling the difference between a legitimate website and one that's a phishing attempt? Take the quiz below to find out or try yourself whether you can <a href="http://www.opendns.com/phishing-quiz/">outsmart Internet scammers</a> (&copy; OpenDNS).</p> <p><div><center> <div id="game-container"><img src="/recommendations/images/phishing.jpg" id="game-link" width="90%"/></div> <script type="text/javascript"> $("#game-link").click(function(){ $("#game-container").load("/recommendations/images/phishing.html"); }); </script> </center> <center> &copy; OnGuard Online</center> </div></p> <h4>Examples</h4> <p>SPAM and virus emails can be disguised to trick you into reading the email and/or performing an action. Here are examples of some techniques to help you recognise them:</p> <ul> <li><b>Fake email addresses:</b> emails can appear to be from people you know or even from yourself. In fact, email addresses can be faked quite easily. Your own email address can appear in emails which you did <b>not</b> send, resulting in non-delivery messages or unexpected replies. If the email looks suspicious then <b>delete it</b> and <b>do not open</b> the attachments. If you are unsure then check with the sender first;</li> <li><b>Enticing subjects:</b> the email subject uses words to make you curious, believe the email is important, or specific to you, so that you will read it. It may even <i>appear</i> to be from someone you know. <b>Delete it</b> and <b>do not open</b> the attachments;</li> <li><b>Asking for your password:</b> emails can appear to come from the CERN Computer Support, the mail services or other bodies, and might ask to provide your password. These emails are named <b>"Phishing"</b> emails trying to "fish your password" (hence the word). <b>Do not reply</b>. No legitimate person will ever ask your for your password. Never; <li><b>Click on an embedded link:</b> if you click on a link which is embedded in your email, this can initiate a download of a virus, or lead you to a fake login page which tries to "fish your password". In addition, this can also be a technique to validate your email address and increase your chances of receiving more unwanted emails. If in doubt, <b>do not click</b>;</li> <li><b>Unexpected attachments:</b> such attachements might contain a virus or some other malicious code. If in doubt either delete the e-mail directly or obtain further details from the sender before opening the attachment. The safest way to read an attachment is to first copy it to disk and then open it using the appropriate program (Word, Excel, ...);</li> <li><b>Asking you to forward email to people you know</b>: this false information or the mail can contain a virus. If the email warns of a virus then it is almost certainly a <a href="http://www.f-secure.com/virus-info/hoax/">hoax</a>. <b>Do not forward</b> such an email;</li> <li><b>Join a petition or support a cause:</b> the petition or cause rarely exists. It is more likely that your email address will be collected and used for further SPAM mails (as sender or receiver). References to recent topical events are common techniques to make the false information look more realistic. <b>Do not forward or reply</b> such an email;</li> <li><b>Money scams:</b> one of many examples of false information are "money scams" offering you "a hell lot of money" provided you send them a few dollars for the transaction. Don't believe them, just <b>delete such emails</b>;</li> <li><b>"Response to your request":</b> an email may pretend that you made a request so that you will take it more seriously. Do not be tricked by false information. Just <b>delete the email</b>;</li> <li><b>"Remove from a list":</b> asking you take action to remove yourself from a mailing list which you did not join can be used to validate your address for (ab)use in the same way as petitions and causes. <b>Do not click or reply</b> in order to get yourselve removed. Just ignore.</li> </ul> </div> <!-- main ends --> <!-- SIDEBAR --> <!-- sidebar menu starts --> <div id="sidebar"> <h3>For All Users<br/> (Experts or Not)</h3> <ul class="sidemenu"> <li><a href="/recommendations/en/good_practises.shtml">Seven easy good practises</a></li> <li><a href="/recommendations/en/how_to_secure_your_pc.shtml">How to secure your PC or Mac</a></li> <li><a href="/recommendations/en/passwords.shtml">Passwords &amp; toothbrushes</a></li> <li><a href="/recommendations/en/2FA.shtml">Starting with multi-factor authentication</a></li> <li><a href="/recommendations/en/bad_mails.shtml">Bad mails for you:<br/>"Phishing", "SPAM" &amp; fraud</a></li> <li><a href="/recommendations/en/malicious_email.shtml">How to identify malicious e-mails and attachments</a></li> <li><a href="/recommendations/en/how_to_remove_malicious_browser_notifications.shtml">How to remove malicious browser notifications</a></li> <li><a href="/recommendations/en/working_remotely.shtml">Working remotely</a></li> <li><a href="/recommendations/en/connecting_to_cern.shtml">Connecting to CERN</a></li> <li><a href="/recommendations/en/ssh.shtml">Connecting using SSH</a></li> </ul> <h3>For Software Developers</h3> <ul class="sidemenu"> <li>Good programming in <a href="/recommendations/en/program_c.shtml">C/C++</a>, <a href="/recommendations/en/program_java.shtml">Java</a>, <a href="/recommendations/en/program_perl.shtml">Perl</a>, <a href="/recommendations/en/program_php.shtml">PHP</a>, and <a href="/recommendations/en/program_python.shtml">Python</a></li> <li><a href="/recommendations/en/password_alternatives.shtml">How to keep secrets secret<br/> (alternatives to passwords)</a></li> <li><a href="/recommendations/en/checklist_for_coders.shtml">Security checklist</a></li> <li><a href="https://gitlab.docs.cern.ch/docs/Secure%20your%20application/">GitLab CI Security Tools</a></li> <li><a href="/recommendations/en/web_applications.shtml">Securing Web applications</a></li> <li><a href="/recommendations/en/code_tools.shtml">Static code analysis tools</a></li> <li><a href="/recommendations/en/more_on_software.shtml">Further reading</a></li> </ul> <h3>For System Owners</h3> <ul class="sidemenu"> <li><a href="/recommendations/en/rootkits.shtml">Checking for rootkits</a></li> <li><a href="https://twiki.cern.ch/twiki/bin/viewauth/CNIC/WebHome">Securing Control Systems (CNIC)</a></li> <li><a href="/recommendations/en/containers.shtml">Securing Containers & Pods</a></li> <li><a href="/rules/en/baselines.shtml">Security baselines</a></li> <li><a href="http://linux.web.cern.ch/linux/docs/linux_exploit_faq.shtml"> The CERN Linux vulnerability FAQ</a></li> </ul> </div> <!-- sidebar menu ends --> <!-- content-wrap ends--> </div> <!-- footer starts --> <div id="footer-wrap"> <div id="footer-bottom"> &copy; Copyright 2024<strong> <a href="https://cern.ch/security">CERN Computer Security Office</a></strong> <table> <tr> <td id="footer-info-left"> e-mail: <a href="mailto:Computer.Security@cern.ch">Computer.Security@cern.ch</a><br/> Please use the following PGP key to encrypt your messages:<br/> ID: 0x954CE234B4C6ED84<br/> <a href="https://keys.openpgp.org/vks/v1/by-fingerprint/429D60460EBE8006B04CDF02954CE234B4C6ED84">429D 6046 0EBE 8006 B04C DF02 954C E234 B4C6 ED84</a> </td> <td id="footer-info-right"> Phone: +41 22 767 0500<br/> Please listen to the recorded instructions. </td> </tr> </table> </div> </div> <!-- footer ends--> </div> <!-- wrap ends here --> <!--img height=30px src="/home/en/CERNfooter_800.png"--> </body> </html>