Can you spot the
warning signs?
This is an example of a phishing email sent to
Dr. Michael Brandon, Medical Director of St. Mary’s
Primary Care Associates (PCA), pretending to
be from HR manager, Mary, asking to confirm
some personal information.
Read on for what
signs make this
email phishy.
Display names can be spoofed by
cybercriminals. Blindly hitting “reply”
without taking a second look at the
recipient could put sensitive
personally identifiable information
(PII) in the hands of hackers.
Mary.C @ stmarys.org
Michael.F @ stmarys.org
If something about the text of
email feels off, even if it seems to
come from a trusted source, you
should follow your gut. You know
your company’s procedures, so
ask yourself: is this the way we
do business?
Actually, follow-up outside of
email (such as a phone call) may
be warranted for requests of this
nature. If personally identifiable
information (PII) is at stake, extra
precautions are warranted.
8
Notice the conspicuous lack of links
in this particular spear phishing
attempt. Some phishing emails, such
as those targeting an individual, will
simply request information, relying
on a blind “reply” to acquire the
desired data.