One Article Review
| Source |  AlienVault Lab Blog |
|---|---|
| Identifiant | 8334232 |
| Date de publication | 2023-05-08 10:00:00 (vue: 2023-05-08 10:07:29) |
| Titre | Empêcher des attaques de phishing sophistiquées destinées aux employés Preventing sophisticated phishing attacks aimed at employees |
| Texte | The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. As technology advances, phishing attempts are becoming more sophisticated. It can be challenging for employees to recognize an email is malicious when it looks normal, so it’s up to their company to properly train workers in prevention and detection. Phishing attacks are becoming more sophisticated Misspellings and poorly formatted text used to be the leading indicators of an email scam, but they’re getting more sophisticated. Today, hackers can spoof email addresses and bots sound like humans. It’s becoming challenging for employees to tell if their emails are real or fake, which puts the company at risk of data breaches. In March 2023, an artificial intelligence chatbot called GPT-4 received an update that lets users give specific instructions about styles and tasks. Attackers can use it to pose as employees and send convincing messages since it sounds intelligent and has general knowledge of any industry. Since classic warning signs of phishing attacks aren’t applicable anymore, companies should train all employees on the new, sophisticated methods. As phishing attacks change, so should businesses. Identify the signs Your company can take preventive action to secure its employees against attacks. You need to make it difficult for hackers to reach them, and your company must train them on warning signs. While blocking spam senders and reinforcing security systems is up to you, they must know how to identify and report themselves. You can prevent data breaches if employees know what to watch out for: Misspellings: While it’s becoming more common for phishing emails to have the correct spelling, employees still need to look for mistakes. For example, they could look for industry-specific language because everyone in their field should know how to spell those words. Irrelevant senders: Workers can identify phishing — even when the email is spoofed to appear as someone they know — by asking themselves if it is relevant. They should flag the email as a potential attack if the sender doesn’t usually reach out to them or is someone in an unrelated department. Attachments: Hackers attempt to install malware through links or downloads. Ensure every employee knows they shouldn\'t click on them. Odd requests: A sophisticated phishing attack has relevant messages and proper language, but it is somewhat vague because it goes to multiple employees at once. For example, they could recognize it if it’s asking them to do something unrelated to their role. It may be harder for people to detect warning signs as attacks evolve, but you can prepare them for those situations as well as possible. It’s unlikely hackers have access to their specific duties or the inner workings of your company, so you must capitalize on those details. Sophisticated attacks will sound intelligent and possibly align with their general duties, so everyone must constantly be aware. Training will help employees identify signs, but you need to take more preventive action to ensure you’re covered. Take preventive action Basic security measures — like regularly updating passwords and running antivirus software — are fundamental to protecting your company. For example, everyone should change their passwords once every three months at minimum to ensur |
| Notes | ★★ |
| Envoyé | Oui |
| Condensat | 2023 800 about access action actual addresses adopt advances affected again against aimed alert align all almost also antivirus any anymore anyone appear applicable appropriate are aren’t article artificial asking at&t attachment attachments attachments: attack attackers attacks attacks: attempt attempts author avoid avoidable aware basic because becoming behavior being blocking blocks bots breach breaches businesses but called can can’t capitalize challenging change chatbot classic clean click clicked clicking comes common companies company company’s constantly content convincing correct could covered create cybersecurity damage data department details detect detected detection detection: device didn’t difficult does doesn’t doing downloaded downloads during duties effects email emails employee employees endorse ensure ensures essential even every everyone everything evolve example fake field fixed flag for: formatted from fundamental general getting give goes gpt hackers happen harder hardware has have help highly hours how humans identification identify immediately indicators industry information inner install instructions intelligence intelligent irrelevant issue it’s its know knowledge knows language leading legitimate lets like likely limited link links long look looks make malicious malware manage many march may measures messages methods mimic minimize minimum misspellings misspellings: mistakes months more multiple must need new next normal not notice odd often once one out passwords people phishing place poorly pose positions possible possibly post potential prepare prepared preparing prevent preventing prevention prevention: preventive procedures proper properly protect protected protecting provided puts quickly reach react real received recognize regularly reinforcing relevant remain remained report reporting: requests: respond response response: responsibility retrain risk role running scam secure secured security send sender senders senders: set should shouldn signs simulated simulations since situations software solely someone something somewhat sophisticated sound sounds spam specific spell spelling spoof spoofed stage stop styles successful susceptible systems take targeting tasks team technology tell text them themselves they’re they’ve thinking those though threat threats three through today track train training unaffected unlikely unrelated update updated updating use used users usually vague views warning wasn’t watch well what when which will within won’t words workers workings you’ll you’re your |
| Tags | Spam Malware |
| Stories | ChatGPT |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.