The ANL Cyber office reports increased phishing activity, some of it pretty well executed. They’re taking advantage of the fact that it’s tax season to try to get you to open documents. Please be mindful of this when opening any documents.
Some good practices for you to engage in:
1) Do your best to keep your personal activity in your personal mailbox, rather than your ANL mailbox. This way, you’ll notice a red flag if see e-mail claiming to be from your bank e-mails but coming to your work address. Free personal e-mail accounts can be trivially obtained from Google, Yahoo, and Microsoft. Also, your internet provider usually provides an e-mail account you can use.
2) Look at the mail headers of any message you receive that purports to be from a trusted source. It might claim to be from somewhere you trust, but it really isn’t. And, trust me, I recognize the irony that Argonne broadcasts like Argonne Today don’t come from anl.gov servers. That being said, they also don’t come from some Italian ISP, so if you see that in the headers, it’s a sign.
3) And, the mantra we’ve always touted forever and ever, don’t open any attachments that you weren’t expecting or don’t know what they are. If in doubt, ask the sender via a trusted method. Or ask us. We’re here to help.
If you like goofy mnemonics or catch phrases, Cyber is touting "SEAR the phish". Where SEAR means Stop, Examine, Ask, Report.
Stop: Don’t panic and don’t be too quick to click on email links even if the message looks urgent and threatening. This is NOT a contest where being 1st to click wins.
Examine: Look at the email closely. Does the message look suspicious, does the link look unusual, does the request make sense?
Ask: Question the sender (if you know him/her personally). Check with the Cyber Office (email@example.com) to determine if the email is legitimate or not.
Report: Notify Cyber if you receive any phishing emails by forwarding it to firstname.lastname@example.org
Stay vigilant, folks! Thanks!