Phishing - Email Attack
Periodically, your e-mailbox may be the target of a phishing scam designed to do harm either to your computer or your checkbook. Phishing is a method used by scammers to ‘lure’ you into directing your computer to a harmful website or into responding with confidential information.
**TCCSA will _never_ request your account name and password be sent to us via e-mail**. Whenever you receive a request such as this, it is most likely a phishing attack. Sending your account and password through an e-mail not only jeopardizes your personal information, it creates a problem for everyone on our TCCSA network.
How can you tell if the message you received is a phishing attack?
- Spelling and bad grammar. Cybercriminals are not known for their grammar and spelling. Professional companies or organizations usually have a staff of copy editors that will not allow a mass email like this to go out to its users. If you notice mistakes in an email, it might be a scam.
- Beware of links in email. If you see a link in a suspicious email message, don't click on it. Rest your mouse (but don't click) on the link to see if the address matches the link that was typed in the message.
If the link does not reflect what is typed in the message…beware!
- Threats. Have you ever received a threat that your TCCSA account would be closed if you didn't respond to an email message? Cybercriminals posed as “system administrators” often use threats that your security has been compromised.
- Spoofing popular websites or companies. Scam artists use graphics in email that appear to be connected to legitimate websites but actually take you to phony scam sites or legitimate-looking pop-up windows. Cybercriminals also use web addresses that resemble the names of well-known companies but are slightly altered.
TCCSA uses two very high quality e-mail filters to prevent most of these attacks. The purpose of two filters is because one is based upon reputation and one is a rules-based filter. This results in a very secure TCCSA e-mail environment. Because of the variety of methods used by cybercriminals, there is absolutely no way of obtaining 100% accuracy on filtering inbound messages. There will always be some that flow through the filter.