One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 792048 |
| Date de publication | 2018-09-04 13:00:00 (vue: 2018-09-04 16:02:38) |
| Titre | Cyber Security Awareness Month - Phishing |
| Texte |
It’s September, which means it’s almost October, which is National Cyber Security Awareness Month (NCSAM)!
NCSAM was launched by the National Cyber Security Alliance & the U.S. Department of Homeland Security in October 2004. This government and industry collaboration was started with the intention to ensure citizens and companies of all sizes have access to resources needed to stay safe and secure online.
Every year, the official program focuses on a series of weekly themes. Many individuals and companies also share their own best practices and ideas for security awareness.
In doing our part, we’re also publishing a series of posts during September and October to help share some of our favourite resources and tips on staying safe online.
Phishing:
Kicking off the festivities, I’m highlighting one of the most prevalent threat vectors there is: phishing.
Phishing can take place under many guises and have different objectives - but at a high level it’s nearly always an email sent which claims to be from a trusted person or entity that attempts to trick the recipient into performing an action.
Examples of phishing emails can include:
The tax office claiming you have underpaid, or are due a repayment with a malicious document attached.
Your CEO asking that you make a large payment to a new supplier immediately.
The IT team asks you send them your password in an email or via a form.
Your bank asking you to login and confirm details.
A service provider threatening to cut off your service unless you respond to them immediately with information.
You get an unsolicited job offer, or a lucrative work-from-home scheme
A match on a dating site asks excessive personal information, or for money or gifts.
This is not an exhaustive list, but all of these tactics seek to instill a sense of urgency in the recipient, trying to get them to respond quickly usually using the broad hooks of money, employment, love, or threats (MELT).
There are many telltale signs you can usually look out for, such as the tone of the email, the grammar and spelling, or the email headers that can indicate whether an email is genuine or not. However, for the most part, it is best to err on the side of caution, and if something doesn’t feel right or genuine it’s best to confirm directly with the alleged sender of the email.
While there are a growing number of tools available to defend against cybercrime, education remains one of the most important tools in our defence. It is only by gaining a greater understanding of the threats and techniques encountered - in both personal and business settings - that we can best protect ourselves.
A short video on phishing
And a slightly more in-depth video on how to spott a phishing email
 |
| Envoyé | Oui |
| Condensat | 2004 access action against all alleged alliance almost also always are asking asks attached attempts available awareness bank best both broad business but can caution ceo citizens claiming claims collaboration companies confirm cut cyber cybercrime dating defence defend department depth details different directly document doesn’t doing due during education email emails employment encountered ensure entity err every examples excessive exhaustive favourite feel festivities focuses form from gaining genuine get gifts government grammar greater growing guises have headers help high highlighting home homeland hooks how however i’m ideas immediately important include: indicate individuals industry information instill intention is: it’s job kicking large launched level list login look love lucrative make malicious many match means melt money month more most national ncsam nearly needed new not number objectives october off offer office official one online only ourselves out own part password payment performing person personal phishing phishing: place posts practices prevalent program protect provider publishing quickly recipient remains repayment resources respond right safe scheme secure security seek send sender sense sent september series service settings share short side signs site sizes slightly some something spelling spott started stay staying such supplier tactics take tax team techniques telltale them themes these threat threatening threats tips tone tools trick trusted trying under underpaid understanding unless unsolicited urgency using usually vectors video we’re weekly whether which work year your |
| Tags | Threat |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.