NMIS ICT Servicedesk NMIS ICT Service Desk Knowledgebase Security
Memorandum No. 2022-09-0669 | URL Phishing Scheme
Suggested knowledgebase articles:

Memorandum No. 2022-09-0669 | URL Phishing Scheme

Please be reminded NOT TO CLICK ON ANY URL FROM UNSOLICITED EMAIL, even from reliable sources. Scammers use fake emails, also called phishing, brand spoofing or carding, to "fish" for information. These fake messages can look real, but link to fake websites. The website might also portray a reputable, well-known business. Scammers will send you emails or texts to coerce you into divulging your personal information. They might attempt to obtain your Social Security number, account information, or passwords.

What to Look For:

For check these warning signs when you are not sure of an email:

  • Urgency: Phishing emails often need an immediate response or action.
  • Your name/email is not in the "to" field: Scammers send out thousands of phishing emails in the hopes that one will be opened.
  • Asks for sensitive or banking information: A real bank would never ask for your Social Security number, bank account information or PIN in an email.
  • Uses a public internet account: If the email is from a public account, such as Yahoo or Gmail, but claims to be from your bank or other business, do not trust the email.
  • Is not a secure site: The website will be missing the lock symbol at the bottom of the screen and will not include an "s" after "http" in the web address.
  • Incorrect URL: Check to make sure the site address is accurate. Crooks may create a fake website with a slight misspelling in the business name to catch you.
  • Poor spelling and grammar: Cybercriminals often don't catch spelling errors in an email.
  • All caps: Scammers often use capital letters to get your attention.
  • Displays low resolution images: Scammers usually build fake sites quickly using forged company logos, signatures and styles, and this show in the lower quality of the sites.
  • Includes small pieces of your personal information: Some personal information may be included. This is typically general information the scammers got from another source.

How to Help Protect Yourself

  • Use common sense. Read and examine emails carefully, making sure you recognize the sender.
  • Only open emails from a sender you know and trust. This goes for attachments and links, too.
  • Go directly to a company's published website if asked to fill out information. Do not use a link provided in an email.
  • Double check the message: Look for false "from" and "subject" lines, spelling errors and grammar mistakes.
  • Ensure that a website is secure by checking to see whether there is an "s" after the http in the address (https://) and a lock icon at the bottom of the screen - both are indicators that the site is secure. Never enter payment information on a site that isn't secure.
  • Be vigilant. Monitor your bank and credit card statements for any suspicious charges or transfers.
  • Please continue to be extra careful and vigilant of suspicious activities online. Should you encounter these, immediately inform our PIMD-ICT at (02) 8924-7980 and send an email to ict@nmis.gov.ph.

 

Was this article helpful? Yes | No

Article Details

Article ID:
2
Category:
Security
Rating :