Advisory (27th July, 2020) Phishing Emails

The Guyana National CIRT (GNCIRT) has received information pertaining to phishing emails being sent to various Government Ministries and Agencies.

Phishing is a digital form of social engineering that uses authentic-looking—but bogus—emails to request information from users or direct them to a fake web site that requests information.[1] Normally, these emails contain links or attachments, when clicked upon or downloaded, executes malicious code or malware unto your system.

The GNCIRT hereby recommends the following:

  1.  That users and administrators be cautious when receiving suspicious emails. Further, do not click on any link or download any attachments within these emails.
  2. That users and administrators verify all suspicious emails received with the sender of the email, to ascertain that an email was actually sent. This should be done via telephone or other means of communication that does not include sending emails.

An example of a phishing email include:

An Example of a Phishing email include:

 

 

 

 

 

 

 

 


[1] https://nvlpubs.nist.gov/nistpubs/ir/2013/NIST.IR.7298r2.pdf

 

For further information on phishing, please visit https://www.getsafeonline.gy/protecting-yourself/spam-scam-email/

Reference

Scarfone, K., Souppaya, M., Cody, A., & Orebaugh, A. (2008, September 30). Technical Guide to Information Security Testing and Assessment. Retrieved July 24, 2020, from https://csrc.nist.gov/publications/detail/sp/800-115/final