Written by: Magazine Team on June 19, 2017.
Phishing - how to manage it
Phishing - how to manage it: Change the password of all affected email accounts. Make sure all computers accessing your email accounts are free from viruses/malware/spyware. Use SSL encryption when sending and fetching emails.
Suddenly you notice many incoming emails that make you wonder why you are getting spam or you hear from some colleague that he or she has got strange emails that are sent from you. There are two important things that you should do to stop and prevent this situation:
1. Scan your computer for viruses
2. Change password for your email address - It is also recommended to change passwords for all email addresses on the same domain.
Why is this important?
Some short information about phishing can be found on e.g.
https://en.wikipedia.org/wiki/Phishing:
Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and, indirectly, money), often for malicious reasons, by disguising as a trustworthy entity in an electronic communication. The word is a neologism created as a homophone of fishing due to the similarity of using a bait in an attempt to catch a victim.
Phishing is typically carried out by email spoofing or instant messaging, and it often directs users to enter personal information at a fake website, the look and feel of which are almost identical to the legitimate one.
Spoofing that is mentioned above is described in one of our earlier articles so you can read more about it here:
https://justfindit.se/magazine/?p=1799 .
The image is found on myonlinesecurity.co.uk . It shows an example of phishing email that was received from e.g. PayPal. But it was not!
An example of explanation information that different web hosts can give to their customers who have got problems with phishing is:
Suspending outgoing mail service because of this:
Spam/phishing email has been sent from one or more of your email accounts. This was done without your knowledge by someone that has gained access to your email account passwords. Confirmed affected accounts: emailaddress@yourdomain.com .
You must do following:
- Change the password of all affected email accounts
- Make sure all computers accessing your email accounts are free from viruses/malware/spyware
- Use SSL encryption when sending and fetching emails
Please be aware that we cannot be sure that we have identified all compromised accounts on your domain. If any other email account has been accessed from the same computer(s) as the affected ones listed above they are likely compromised as well. We strongly suggest that you change all email account passwords on your domain(s).
Please be aware that this most commonly happens through one of your computers having a virus that harvests login-information from your email client (such as Outlook) and sends it to a third party. Alternatively you have replied to an email asking for your login information while pretending to be some kind of web mail / online mail service authority. Please be careful when you receive emails such as that.
So as mentioned above, if you recognize yourself in this situation:
Please be careful when you receive emails asking for your login information. That will protect you and your email address much.
Back to the to previous page