Dear Colleagues,
 
Please be informed that an Email Impersonation Attack (Email spoofing) was discovered this morning. A sample is attached for your attention.
 
6 email security tips for protecting yourself
Tip 1. Don’t trust the display name
            A favorite phishing tactic among cybercriminals is to spoof the display name of an email.
Tip 2. Beware of the subject line
            Invoking a sense of urgency or fear is a common phishing tactic.
Tip 3. Don't trust URL links
            You will be asked for personal credentials in malicious websites by malicious links looking seemingly legitimate.
Tip 4. Don’t give personal information
            Legitimate organizations never ask for personal credentials via email.
Tip 5. Check for spelling mistakes
            Legitimate messages usually do not have major spelling mistakes or poor grammar.
Tip 6. Review the signature
            Legitimate organizations always provide contact details. Lack of details strongly suggests a phish.
 
Please be reminded that NOT to respond to suspicious emails asking for personal information and report any suspicious email to ITSO Helpdesk at 3190 6640. Thank you.
 
Regards,
Raymond Lui
Information Technology Services Office
 
 
Sample of Email Impersonation Attack on 23 Feb 2021