You receive a phishing email requesting login and password verfication should you do next?
Do not click the link(s) within the email and do not provide your password or any other personal information. You can ignore the email, and you can also forward it to the "real" company (for example, if the phishing email appears to be from Yahoo.com, forward it to the real company so they are aware of the scam).
A new employee just reported to your unit within the last week One of his duties is to access taxpayer records using one of the IRS computer systems He has yet to receive his login ID and password?
Phishing is when a scammer emails you pretending to be a friend or trusted source. These emails usually ask for very personal information, so the scammer can access the person's money or other assets. There is software, phishing filters, that will warn you when you receive an email that may be a phishing attempt.
As with nearly all social engineering, the best way to reduce the risk of phishing is education, policies and procedures. Some key elements are: 1) Recognize all types of phishing emails. Many phishing emails will be address to a generic "customer" or "sir or ma'am" instead of directed to the customer by name. 2) Do not send personal information via email. There are almost always more secure ways to provide that information to a legitimate…