Indianapolis, In. — The Indiana Criminal Justice Institute was notified that some grantees are receiving “phishing” emails such as the one in the image at the bottom of this message. Phishing is a fraudulent attempt to obtain sensitive information such as usernames, passwords and financial information by disguising as a trustworthy entity.
Phishing and malicious software or “malware” are becoming increasingly sophisticated, so it is important to keep your software updated and use available spam filters. But you are the last and most important defense against security threats.
Below are some questions you should ask yourself when receiving email messages.
- Do I know the sender? Does this look like a typical email from this person?
- Was I expecting this message? Was I expecting an attachment?
- Is the text in the subject line or message body alarmist, have spelling errors or offering a prize?
Phishers will try to conceal email and web addresses. In many cases, you can check the From: line or colored, underlined link by hovering your mouse pointer over without clicking it. The address will appear near your mouse pointer or at the bottom of the window. Verify the server name or domain that usually ends with something like .gov, .org or .gov and would be immediately followed by the first single forward slash (/).
State of Indiana websites typically have an in.gov domain. Emails from state employees will be formatted as “Lastname, Firstname” such as “Owens, Gabrielle”. Occasionally you may see trusted State of Indiana services, such as IntelliGrants or this GovDelivery email provider.
If you suspect an email is suspicious, do not open any of the attachments. Report it by clicking the Spam button, if your email provider offers one, or by notifying your Information Technology professional and then by deleting the message.
