24/7 service hotline: 021-20685566
it-support@shanghaitech.edu.cn

How to keep away from phishing emails

Date: 2023-04-21    Source: Library and Information Center

Recently, phishing email attacks against universities have been extremely active. Domestic and overseas criminals have repeatedly targeted university mailboxes with lures such as mailbox upgrades, password expiry and subsidy claims, and have caused financial losses. Let's learn how to identify, prevent and handle phishing email attacks.

I. What is a phishing email?

Criminals disguise themselves as teachers, students, colleagues, administrators or other people you trust and send emails that lure you into replying, clicking a link in the message, or downloading and running an attachment, in order to steal your sensitive information or money, or to execute malicious code on your device. Such messages are called phishing emails.

II. How to identify phishing emails

1. Read the email body

(1) Salutation: be wary of emails that open with "Dear user" or another generic greeting. If a trusted organization genuinely needs to contact you, it will know your name and details, not just your mailbox prefix or a generic greeting.

(2) Panic: be wary of any email that creates a sense of urgency, such as a demand to "complete the upgrade before the end of today's working hours"; rushing people into mistakes is a standard tactic. When you receive such an email, verify it by phone with the relevant department.

(3) Temptation: be wary of any email announcing a prize or a subsidy. There is no such thing as a free lunch, and no subsidy payment requires your bank account number and password.

(4) Links: right-click a link to copy or view its real address. If the real address differs from the one the message shows, it is very likely a phishing attack. Do not click any link in the email until you have confirmed it is safe.

(5) Attachments: be wary of attachments; do not open or download them until you have confirmed that the email is trustworthy.

2. Verify with the relevant department

If you have any doubt about the content of an email, verify it through another channel such as a phone call or instant messaging. No legitimate organization will ask for your sensitive information. Until you have confirmed that it is safe, do not enter sensitive information such as account names, passwords, bank card numbers or ID card numbers.

3. Check the sender's address

Outside attackers commonly send spoofed emails for phishing or fraud by altering the display name. Identifying the true sender address is therefore an important basis for judging whether an email is genuine; see the tips on identifying a sender's true address.

Tip: we recommend using webmail. When a message arrives from an unfamiliar external address, the system checks whether the address is in the address book; external senders are marked with the character "陌" (unfamiliar) as a warning.

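The two checks described above, the true target behind a link's visible text (item 1 (4)) and the true sender address behind a display name (item 3), can be automated. The script below is an added example written for this page, not a tool from the Library and Information Center; it runs over a constructed sample message and treats `example.edu` as a hypothetical internal domain standing in for the address book.

```python
"""Flag two phishing indicators: a display name that impersonates another
address, and a link whose visible text names a different host than its real
target. Added example; the sample message and domains are constructed."""
import re
from email import message_from_string, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Hypothetical: domains this mailbox treats as internal (the "address book").
TRUSTED_DOMAINS = {"example.edu"}

ADDR_RE = re.compile(r"[\w.+-]+@([\w-]+(?:\.[\w-]+)+)")
URLISH_RE = re.compile(r"^(?:https?://)?[\w-]+(?:\.[\w-]+)+(?:/\S*)?$", re.I)


class _AnchorCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> in an HTML body."""

    def __init__(self):
        super().__init__()
        self.anchors = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.anchors.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_of(url):
    """Hostname of a URL; visible text without a scheme is treated as http."""
    if "://" not in url:
        url = "http://" + url
    return (urlparse(url).hostname or "").lower()


def check_sender(from_header):
    """Compare the display name with the real address in a From: header."""
    findings = []
    name, addr = parseaddr(from_header)
    real_domain = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""
    if real_domain not in TRUSTED_DOMAINS:
        findings.append(f"external sender: {addr}")
    # A display name that itself looks like an address from another domain
    # is the display-name trick the notice warns about.
    for m in ADDR_RE.finditer(name):
        if m.group(1).lower() != real_domain:
            findings.append(
                f"display name shows {m.group(0)} but message is from {addr}")
    return findings


def check_links(html):
    """Report anchors whose visible text is a URL pointing at another host."""
    findings = []
    collector = _AnchorCollector()
    collector.feed(html)
    for href, text in collector.anchors:
        if URLISH_RE.match(text) and host_of(text) != host_of(href):
            findings.append(
                f"link text shows {host_of(text)} but points to {host_of(href)}")
    return findings


def analyze(raw_message):
    """Run both checks over a raw RFC 5322 message and return the findings."""
    msg = message_from_string(raw_message, policy=policy.default)
    findings = check_sender(str(msg["From"]))
    body = msg.get_body(preferencelist=("html",))
    if body is not None:
        findings += check_links(body.get_content())
    return findings


# Constructed sample: a spoofed display name and a disguised link.
SAMPLE_PHISH = """\
From: "Mail Admin mailadmin@example.edu" <alerts@mail-upgrade.example.net>
To: user@example.edu
Subject: Your mailbox will be deactivated today
Content-Type: text/html; charset=utf-8

<html><body>
<p>Dear user, your password expires today. Upgrade before closing time:</p>
<a href="http://login.example-upgrade.net/verify">https://mail.example.edu/upgrade</a>
<a href="https://mail.example.edu/help">Help center</a>
</body></html>
"""

if __name__ == "__main__":
    for finding in analyze(SAMPLE_PHISH):
        print("WARNING:", finding)
```

The second anchor, whose visible text is plain words rather than a URL, is not reported: the check only fires when the text itself claims to be an address that the real target does not match, which is exactly the mismatch the right-click check reveals by hand.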

III. How to prevent phishing emails

1. Install antivirus software and keep its virus signatures up to date, and regularly download and install system and software updates from trusted channels.

2. Use a separate password for your mailbox; do not share it with other services, and never reuse your mailbox account and password on external public websites.

3. Do not disclose your mailbox password to anyone, and do not enter your mailbox account, password or bank account details on any suspicious page.

4. Be cautious about clicking any link you are unsure of, and check whether email addresses and link addresses are forged or look-alikes.

IV. How to handle phishing emails

1. Report without delay

Forward the phishing email to it-support@shanghaitech.edu.cn so that we can manually verify its authenticity and deal with it.

2. Change your login password immediately

If you have already entered your mailbox login password on a phishing page, log in to webmail immediately and change your password, to prevent criminals from obtaining the messages, contacts and other sensitive information in your mailbox and to stop them from using it for further attacks.

3. Scan for malware

Links or attachments in phishing emails may carry viruses, Trojans or ransomware. If you notice anything abnormal, update your antivirus signatures promptly and run a full-disk scan.