I am truly delighted with the number of malicious emails that are being forwarded to firstname.lastname@example.org. The Mount Royal community is doing a great job of letting us know what to look for and helping us defend their data. There is one question that people keep asking though, what is the difference between Spam and a phishing email? I thought I would take a moment to clarify.
- Goal is to sell you something.
- It is sent to hundreds or thousands of people at a time.
- Reading the email does not generate an emotional response.
- It may or may not contain links
- Clicking on the links will take you to the organizations website.
- Goal is to steal your data or use your workstation as a tool to access data on other people’s devices.
- It can be sent to thousands of people or just one or two.
- Reading the email generates an emotional response.
- It may or may not contain links and or attachments.
- Clicking on the link or opening an attachment takes you to a fake web page and/or loads malware onto your device.
The easiest way to determine if what you are dealing with is spam or phishing is by examining the purpose of the email. If it looks like they are trying to sell you something, then it is probably spam. If it looks like they are trying to confuse or trick you, then it is likely phishing.
Spam emails should be marked as spam by clicking the stop sign icon in the Gmail menu bar. Phishing emails should be forwarded to email@example.com. If you aren’t sure which one it is, forward it to firstname.lastname@example.org and we can let you know.