Easy steps to take to mitigate phishing or malware attacks - from the CAHF tech department

There have been an increasing number of fraudulent emails sent from addresses connected to CAHF.  Here's some information to help you keep your email safe from hackers.

Hover the cursor over the clickable link in the suspicious email (see example below) and look at the internet address (URL). 

Look for a period in the string of characters that show the words before and after the period.  These are the words that must be correct (corresponding to a real sender).   If the link says  www.spacex.com/CAHF-org/ the link is not going to CAHF; it is going to spacex.com to a compromised web page. 

If the identity of the sender it is too difficult to resolve, solve it by bypassing the email links entirely.  Manually type the real URL into the address bar of your browser and navigate to the site that way.

 The two hard and fast rules for keeping your data safe are:

  • Don’t click on links in emails you were not expecting.  If the email is in a gray area, consider calling the sender. 
  • Don’t reuse passwords, especially for important sites like banking, email, and healthcare.  If your email and banking or healthcare passwords are the same, you could very easily have your identity stolen and it will be difficult (and likely expensive) to get it back.

If you have been a victim of one of these phishing emails and clicked through the link, you will need to change your email password ASAP, and any other sites that used the same password.  Also, check that you do not have any forwards in your email added by the hackers.  

Using a password manager helps.  There are many free password managers available.  Dashlane, 1Password, LastPass, and KeePass (free and open source) are four of the top applications. 


Illustrating the hover results from an email that was reported as coming from CAHF:

Questions? Contact Beth Camero, CAHF IT Manager