Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision | |||
public:emai:senderverify [2023-07-11 15:08] – marp | public:emai:senderverify [2024-01-12 15:09] (current) – marp | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Verify the real sender | + | ====== Verify the credibility |
**Better safe, than sorry.** See guide [[: | **Better safe, than sorry.** See guide [[: | ||
- | Everytime you receive any email, verify the true sender. Regardless of detecting email as a suspicious by the spamfilter. How difficult it is and how to do it exactly depend on the email client. But shortly saying: | + | Be cautious, restrained, distrustful, |
+ | |||
+ | Five steps to verify the credibility of the message | ||
+ | - Verify the sender | ||
+ | - Verify the URL (web link) | ||
+ | - Verify the signature | ||
+ | - Verify the content | ||
+ | - Ask in doubt | ||
+ | |||
+ | |||
+ | ===== Verify the real sender ===== | ||
+ | |||
+ | * Everytime you receive any email, verify the true sender. | ||
+ | * Regardless of detecting email as a suspicious by the spamfilter. | ||
+ | |||
+ | How difficult it is and how to do it exactly depend on the email client. But shortly saying: | ||
- See the complete address in the form of somebody@somewhere.domain We do not allow outside sender to spoof @cerge-ei.cz domain. | - See the complete address in the form of somebody@somewhere.domain We do not allow outside sender to spoof @cerge-ei.cz domain. | ||
Line 12: | Line 26: | ||
[[https:// | [[https:// | ||
+ | ===== Verify the link ===== | ||
+ | * Phishing often uses fake institutional pages, e.g. email login, internal web login, etc. The look could be fine, but the link goes elsewhere. __Check link before you use it.__ | ||
+ | * Sometimes the cerge-ei domain is spoofed in the path to increase credibility. The complete path and the home domain at the end are decisive. | ||
+ | * There are also sophisticated techniques using a similar domain name (like a typo) or fonts where the letter looks correct but the name is actually different. | ||
+ | ===== Verify the signature ===== | ||
+ | * The signature is a significant indication of the trustworthiness of the message. Unknown, unusual or impersonal signature should be grounds for rejection or at least deep distrust. | ||
+ | * Unfortunately on the other hand, the signature could be easily stolen or spoofed. You must not fully rely on the authenticity of the signature. | ||
+ | ===== Verify the content ===== | ||
+ | * Check the style, language and content of the message. Beware of manipulative methods and social engineering. | ||
+ | * **Do not succumb a time pressure** [[public: | ||
+ | |||
+ | ===== Ask in doubt ===== | ||
+ | Feel free to ask if you have any doubts and/or to report a suspicious or dangerous email. | ||