CNCounty News

MS-ISAC: Phight the phish by learning to identify malicious emails

Upcoming Events

Conference

NACo AI South Regional Forum

Related News

Advocacy

County Countdown – December 16, 2024

Image of MISC.png

Key Takeaways

October is Cybersecurity Awareness Month, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) wants to help empower the community with information on how to combat a cyber-attack known as phishing. Phishing is when a cybercriminal sends an email that aims to trick the recipient into providing personal information or into becoming infected with malicious software that can steal such information or cause other forms of damage. The cybercriminal will often purport to be sending this email from a trusted or legitimate source, such as a known business or organization that you may commonly deal with.

Tactics used in phishing attacks commonly aim to lure you into opening attachments, responding with personal information, or clicking links that download malicious software or bring you to a fraudulent form for collecting your information.

Persuasive language and a sense of urgency are common ways that cybercriminals capture attention and accomplish their malicious goals. Common examples include fraudulent shipping notifications, false fraud warnings on your account, requests to verify information on your account, or offers that seem too good to be true. 

Below are a few steps you can take to identify and appropriately react to Phishing emails.

  • Check the email address of the sender. Carefully examine if the sender’s email address is correctly spelled, as attackers commonly may use a special character or one-letter spelling mistake to approximate a legitimate looking email address.
  • Hover over links to see where they really go. By hovering your cursor over a link, you can see the address it will really take you to rather than simply what the displayed text says. Avoid clicking shortened links, especially when received from untrusted sources, as they cannot be easily examined in this way.
  • Avoid opening attachments. Don’t open attachments from untrusted sources and be wary of ones you are not expecting to receive from known contacts.
  • Don’t share personal or private information over email. Especially do not provide such information in response to an unsolicited email you received.
  • When in doubt, contact the real organization or sender! If you aren’t expecting the email, it asks for personal information or credentials, or it seems suspicious, contact the person or organization through known contact methods. For example, if the email states it is from your bank and they urgently need to speak to you, call them through the customer support line you have used in the past or is publicly listed, not via the method referenced in the email.
  • Report phishing emails. Report suspicious emails received at work to your Information Technology (IT) help desk or contact. Emails you receive personally can always be reported to www.ic3.gov.

Additionally, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has created a guide linked below to educate people on how to identify, understand, and safely or securely react to such attacks. The link to other CISA Cybersecurity Awareness Month resources is also below:

Image of MISC.png

Attachments

Related News

Artificial intelligence
County News

Podcast: Artificial intelligence and county government

Shinica Thomas, a Wake County, N.C. commissioner and a member of NACo's AI Exploratory Committee, talks about her process for learning about artificial intelligence, its limits and challenges and some applications for use in county government.

THE_County Countdown_working_image-4.png
Advocacy

County Countdown – December 16, 2024

Every other week, NACo's County Countdown reviews top federal policy advocacy items with an eye towards counties and the intergovernmental partnership.

AI Capitol Hill
Advocacy

NACo Publishes 2025 AI Policy Priorities Primer

On December 4, NACo published its Key AI Policy Priorities for Counties for the 119th Congress, building on the policy platform proposals voted on and passed at NACo’s 2024 Annual Conference.