Corporate Email Correspondence Memo

I compiled a short memo; I hope it will be useful to you and your colleagues in countering social engineering and phishing.


Some will say this is old news; others will use it as a basis if there are no individual instructions for employees, or if those instructions run to dozens of pages.


By the way, in the course of work, there have been organizations in which not only do employees not know the basic rules of information security, but the hardware and software are also vulnerable to the tricks of the “tricksters”.


for instance

( ).
url, otvet.mail.ru .
«mail.ru@» url, .



Windows , Coinhive . https://google.com.mainer...1.ru, .


, .


In general, read it, adapt it for yourself, and use it.


Signs that a letter should not be trusted:


  • the text contains more than one error or typo;
  • the link is given as numbers. Example: 178.248.232.27;
  • the link contains the symbol "@". Example: http://bank.ru@phish.ru;
  • the link contains two or more addresses. Example: https://bank.ru/bitrix/rd.php?go=https://bitly.com/bank;
  • letters that lack additional contact details (name, position, phone, mailing address);
  • the site address begins with www, but the dot after it is missing or replaced by a dash. Example: wwwbank.ru or www-bank.ru;
  • the site address begins with http or https, but there is no “://” after it. Example: httpsbank.ru;
  • when the site address contains several dots, look at what is written on the right-hand side, just before the first “/” character: that is the actual source site, and if it is not familiar to you, the link is suspicious. Example: www.bank.ru.zlodey.ru/login?id=12/aa/bank.ru;
  • email «» ;
  • «» -. : tele2.ru, , teie2.ru
  • , . , . : teIe2.ru, , , teie2.ru
  • “o” “0” L — “l”, i — “I” b d, (rn m, cl d, vv w) .. : 0nIinedank.ru onlinebank.ru
  • https:// — , ;
  • ;
  • .
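
The link signs from the list above can also be checked automatically, for example in a mail filter or a training tool. The sketch below is an added example, not part of the original memo; it covers only the link signs that are legible in the list, and the names `KNOWN_SITES`, `source_site` and `link_signs` are assumptions made for illustration.

```python
import ipaddress
from urllib.parse import urlsplit, unquote

# Constructed allow-list: the sites your organization actually uses.
KNOWN_SITES = {"bank.ru"}

def source_site(host):
    """Rightmost two labels of the host, e.g. zlodey.ru.
    Simplification: ignores multi-part suffixes such as co.uk."""
    return ".".join(host.split(".")[-2:])

def link_signs(link):
    """Return the memo's warning signs that apply to one link."""
    link = link.strip()
    # Links written without a scheme still need a host to inspect.
    url = link if "://" in link else "http://" + link
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    signs = []
    try:
        ipaddress.ip_address(host)
        signs.append("numeric address")
        is_ip = True
    except ValueError:
        is_ip = False
    if "@" in parts.netloc:  # everything before "@" is not the host
        signs.append("'@' in link")
    if unquote(url).count("://") > 1:  # a second URL hidden in a parameter
        signs.append("two or more addresses")
    if host.startswith("www") and not host.startswith("www."):
        signs.append("www not followed by a dot")
    if host.startswith("http"):  # e.g. httpsbank.ru
        signs.append("http without ://")
    if not is_ip and source_site(host) not in KNOWN_SITES:
        signs.append("unfamiliar source site: " + source_site(host))
    return signs

if __name__ == "__main__":
    # Constructed samples, taken from the memo's own examples.
    for sample in ["http://bank.ru@phish.ru", "www-bank.ru",
                   "www.bank.ru.zlodey.ru/login?id=12/aa/bank.ru"]:
        print(sample, "->", link_signs(sample))
```

These are heuristics: a legitimate host that happens to start with "http" or "www" will also be flagged, so treat the output as a reason to look closer, not as a verdict.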

:


  • , , . , , : , , , ;
  • .

:


  • https://www.browserling.com ;
  • «Test now»;
  • 3 , ;
  • Most importantly, if you are asked to enter a username and password for anything, or to download something, leave the site. If the link was already suspicious, this indicates all the more that it is dangerous.

I hope the material is helpful. It can be freely used as base material to raise the awareness of your colleagues, adapted to your own needs.


In the next article I will put together a list of points on how to recognize malicious attachments and an attacker sender. It turned out that not all users know that “.exe” can be hidden like this:


image

I wish you and your loved ones invulnerability to the tricks of intruders.

Source: https://habr.com/ru/post/undefined/

