- This topic has 4 replies, 4 voices, and was last updated 2 weeks, 6 days ago by
.
-
Posts
-
Dear participants, welcome to the forum discussion of PENETRATION TESTER course!
Please give us your answer/opinion about the following:
- How do you handle suspicious emails or messages in your inbox?
- How often do you update your passwords for online accounts?
If I receive a suspicious email or message in my inbox, here are some steps I can take to handle it:
Initial Evaluation: Begin by scrutinizing the sender’s details, subject line, and message content for any anomalies or signs of suspicion.
Confirm Sender Identity: Verify the authenticity of the sender’s email address to ensure it hasn’t been spoofed or compromised.
Content Examination: Analyze the email’s language, tone, and any requests for urgency or sensitive information, as well as attachments, for potential risks.
Check Links and Attachments: Exercise caution when interacting with links or downloading attachments, verifying their legitimacy by hovering over links and inspecting file types.
Utilize Security Measures: Make use of email security features and anti-phishing tools to automatically detect and mitigate potential threats.
Prompt Reporting: Report any suspicious emails to the appropriate IT or security personnel promptly to prevent further exposure to risk.
When I receive suspicious emails or messages in my inbox, I exercise caution by carefully scrutinising the sender’s address, examining the content for any red flags such as spelling errors or urgent requests for personal information, and refraining from clicking on any links or downloading attachments from unknown sources. To remain on top of popular phishing strategies, I use email filtering software and update my cybersecurity skills on a regular basis. When it comes to upgrading passwords for online accounts, I make it a point to do so on a regular basis, usually every few months, to improve security and reduce the danger of unauthorised access.
Changing passwords is generally advised, ideally every few months, especially for important accounts like social media, email, and banking. Changing passwords on a regular basis reduces the possibility of unwanted access brought on by prospective data breaches or password compromises.
Suspicious emails or messages are often filtered out and don’t appear in my email inbox but in the client’s spam folder. However, if there are emails that catch my interest or if a suspicious-looking email does make it through into my inbox, I view the original raw message to examine the email headers, looking for telltale signs of malicious content or intent. I continue with reviewing the email body. Under all circumstances, I avoid double-clicking on an email attachment or opening any included hyperlinks unless I’m confident they aren’t malicious.
Characteristics I look out for include urgency, poor grammar and/or typos, spoofed email addresses, HTML designed to impersonate a legitimate brand, link manipulation, and attachments.
Tools like PhishTool (https://www.phishtool.com/) and other utilities such as https://mailheader.org/ can assist in the analysis. However, I rarely delve deeply into these tools and instead discard what appears suspicious rather quickly. If curiosity takes over, I use the mentioned tools and check the sender’s IP address with https://ipinfo.io/, for instance, or run a quick reputation check at https://talosintelligence.com/reputation. There’s a lot that can be done in handling suspicious emails, but the first and most important step is for the warning bell to go off before clicking or downloading anything. Suspicion must kick in prior to any potential harm.
In the event that an attachment needs further examination, I would create a hash of the attachment and verify it with VirusTotal to see if it has been flagged as potentially malicious or overwhelmingly safe. However, the results do not guarantee that I would blindly open the attachment. If my gut feeling persists because the entire message is unsolicited, I won’t open the file and will simply discard the message altogether.
- You must be logged in to reply to this topic.