What wrong with this email? 4 Hints to catching a Phish.

I am referencing the sophisticated email attack that happened May 3rd, 2017.  It happened to many organizations, not just us.  Let’s break it down:

Here is an example:

Innocent enough, right?  You may know the sender.. But you may question why he or she is sending you a document with no name out of the clear blue sky.  That is hint #1

Hint #2:  He or she sent the email to hhhhhhhhhhhhhhh

I don’t belong to a group called hhhhhhhhh…

You can take a closer look and you should do this often.

Clicking this down-pointing arrow can reveal if an email was sent by an actual Stony Brook account (which in this case it was, and which is why we are calling it a sophisticated phishing attempt) and who the email is actually sent to.

If you did click the blue Open in Docs button, you would have been prompted to give the document access to your contacts.  This is a bold hint (#3) it’s a scam, because it’s not logical that in order to VIEW a document it would need access to YOUR CONTACTS.

NOTE:  From now until forever, you are the guardians of your accounts and data– whether that be personal or work.  You will be phished by email, phone, websites, and regular mail.  It is up to you to question the authenticity of what is being asked of you. Take a minute and just “Google it”.

One easy way to do this is to highlight > right-click anything and then click Search Google for…..:

If you wish to be more of a trained-eye on these sort of things you can take the safecomputing.stonybrook.edu training, come to a DoIT Training’s workshop or request a customized workshop for your team.


What does an official Shared Document with Google Drive look like?  (This is hint# 4)

It has Google’s stamp all over it.

Here is the phishing attempt screenshot again for you to compare:

Also, in your inbox, you can click the View button: