public:emai:senderverify

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
public:emai:senderverify [2023-07-11 15:08] marppublic:emai:senderverify [2024-01-12 15:09] (current) marp
Line 1: Line 1:
-====== Verify the real sender ====== +====== Verify the credibility ======
 **Better safe, than sorry.** See guide [[:public:emai:spam|Spam, Phishing and Malware]] and [[:public:emai:malware|Dealing with malware, spam, suspicious content]] **Better safe, than sorry.** See guide [[:public:emai:spam|Spam, Phishing and Malware]] and [[:public:emai:malware|Dealing with malware, spam, suspicious content]]
  
-Everytime you receive any email, verify the true sender. Regardless of detecting email as a suspicious by the spamfilter. How difficult it is and how to do it exactly depend on the email client. But shortly saying:+Be cautious, restrained, distrustful, safety is yours, next is only help. 
 + 
 +Five steps to verify the credibility of the message 
 +  - Verify the sender 
 +  - Verify the URL (web link) 
 +  - Verify the signature 
 +  - Verify the content 
 +  - Ask in doubt 
 + 
 + 
 +===== Verify the real sender ===== 
 + 
 +  * Everytime you receive any email, verify the true sender. 
 +  * Regardless of detecting email as a suspicious by the spamfilter. 
 + 
 +How difficult it is and how to do it exactly depend on the email client. But shortly saying:
  
   - See the complete address in the form of somebody@somewhere.domain We do not allow outside sender to spoof @cerge-ei.cz domain.   - See the complete address in the form of somebody@somewhere.domain We do not allow outside sender to spoof @cerge-ei.cz domain.
Line 12: Line 26:
  
 [[https://lifehacker.com/how-can-i-find-out-where-an-email-really-came-from-1190061668 |How to find the true sender in the message header]] [[https://lifehacker.com/how-can-i-find-out-where-an-email-really-came-from-1190061668 |How to find the true sender in the message header]]
 +===== Verify the link =====
 +  * Phishing often uses fake institutional pages, e.g. email login, internal web login, etc. The look could be fine, but the link goes elsewhere. __Check link before you use it.__
 +  * Sometimes the cerge-ei domain is spoofed in the path to increase credibility. The complete path and the home domain at the end are decisive.
 +  * There are also sophisticated techniques using a similar domain name (like a typo) or fonts where the letter looks correct but the name is actually different.
 +===== Verify the signature =====
 +  * The signature is a significant indication of the trustworthiness of the message. Unknown, unusual or impersonal signature should be grounds for rejection or at least deep distrust.
 +  * Unfortunately on the other hand, the signature could be easily stolen or spoofed. You must not fully rely on the authenticity of the signature.
 +===== Verify the content =====
 +  * Check the style, language and content of the message. Beware of manipulative methods and social engineering.
 +  * **Do not succumb a time pressure** [[public:emai:spam|Spam, Phishing and Malware]]
 +
  
 +===== Ask in doubt =====
 +Feel free to ask if you have any doubts and/or to report a suspicious or dangerous email.
  
  • /var/www/html/dokuwiki/data/attic/public/emai/senderverify.1689088106.txt.gz
  • Last modified: 2023-07-11 15:08
  • by marp